[Fedora-security-commits] fedora-security/audit f10, 1.10, 1.11 f8, 1.228, 1.229 f9, 1.218, 1.219
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Mon Jul 14 06:45:25 UTC 2008
- Previous message (by thread): [Fedora-security-commits] fedora-security/audit f10, 1.9, 1.10 f8, 1.227, 1.228 f9, 1.217, 1.218
- Next message (by thread): [Fedora-security-commits] fedora-security/audit f10, 1.11, 1.12 f8, 1.229, 1.230 f9, 1.219, 1.220
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8206/audit
Modified Files:
f10 f8 f9
Log Message:
last week issues
Index: f10
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f10,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- f10 4 Jul 2008 20:12:09 -0000 1.10
+++ f10 14 Jul 2008 06:44:55 -0000 1.11
@@ -4,10 +4,18 @@
# *CVE are items that need verification for Fedora 10
# (mozilla) = (gecko-libs dependent stuff)
+CVE-2008-3145 version (wireshark, fixed 1.0.2) [since wireshark-1.0.2-1.fc10]
+CVE-2008-3141 version (wireshark, fixed 1.0.1) [since wireshark-1.0.1-1.fc10]
+CVE-2008-3140 version (wireshark, fixed 1.0.1) [since wireshark-1.0.1-1.fc10]
+CVE-2008-3139 version (wireshark, fixed 1.0.1) [since wireshark-1.0.1-1.fc10]
+CVE-2008-3138 version (wireshark, fixed 1.0.1) [since wireshark-1.0.1-1.fc10]
+CVE-2008-3137 version (wireshark, fixed 1.0.1) [since wireshark-1.0.1-1.fc10]
+CVE-2008-3067 version (sudo, fixed 1.6.9p12)
CVE-2008-2960 version (phpMyAdmin, fixed 2.11.7) [since phpMyAdmin-2.11.7-1.fc10] PMASA-2008-4
CVE-2008-2954 backport (linuxdcpp) #453734 [since linuxdcpp-1.0.1-3.fc10]
CVE-2008-2953 backport (linuxdcpp) #453734 [since linuxdcpp-1.0.1-3.fc10]
CVE-2008-2952 backport (openldap) #453728 [since openldap-2.4.10-2.fc10]
+CVE-2008-2950 VULNERABLE (poppler) #454290
CVE-2008-2942 VULNERABLE (mercurial)
CVE-2008-2841 ignore (xchat) windows-only, IE bug
CVE-2008-2827 backport (perl) #452642 [since perl-5.10.0-28.fc10]
@@ -63,6 +71,7 @@
CVE-2008-2374 version (bluez-libs, fixed 3.34) #452822 [since bluez-libs-3.34-1.fc10]
CVE-2008-2371 backport (pcre) #453557 [since pcre-7.3-4.fc10]
CVE-2008-2371 version (glib2) #453561 [since glib2-2.17.3-1.fc10]
+CVE-2008-2364 VULNERABLE (httpd, fixed 2.2.9) #447312
CVE-2008-2363 VULNERABLE (pan) #449335
CVE-2008-2362 version (xorg-x11-server) #450927 [since xorg-x11-server-1.4.99.902-2.20080612.fc10]
CVE-2008-2361 version (xorg-x11-server) #450927 [since xorg-x11-server-1.4.99.902-2.20080612.fc10]
@@ -80,7 +89,7 @@
CVE-2008-2119 ignore (asterisk, fixed 1.2.29) AST-2008-008, only for 1.0.x and 1.2.x
CVE-2008-2108 version (php, fixed 5.2.6) [since php-5.2.6-2.fc9]
CVE-2008-2107 version (php, fixed 5.2.6) [since php-5.2.6-2.fc9]
-CVE-2008-2085 VULNERABLE (sipp) #446222
+CVE-2008-2085 backport (sipp) #446222 [since sipp-3.1-2.fc10]
CVE-2008-2079 VULNERABLE (mysql, fixed 5.0.60) #445804
CVE-2008-2051 version (php, fixed 5.2.6) [since php-5.2.6-2.fc9]
CVE-2008-2004 VULNERABLE (xen) disables format autodetection by default [since xen-3.2.0-11.fc10]
@@ -111,8 +120,10 @@
CVE-2008-1677 version (fedora-ds-base, fixed 1.1.1) #445810 [since fedora-ds-base-1.1.1-1.fc10]
CVE-2008-1672 backport (openssl, fixed 0.9.8h) #448691 [since openssl-0.9.8g-9.fc10]
CVE-2008-1531 backport (lighttpd) [since lighttpd-1.4.19-4.fc10]
+CVE-2008-1502 version (moodle, fixed 1.9)
CVE-2008-1488 VULNERABLE (php-pecl-apc) #438848
CVE-2008-1475 VULNERABLE (roundup, fixed 1.4.5)
+CVE-2008-1447 VULNERABLE (bind) #454477
CVE-2008-1423 backport (libvorbis) #446344 [since libvorbis-1.2.0-4.fc10]
CVE-2008-1420 backport (libvorbis) #446344 [since libvorbis-1.2.0-4.fc10]
CVE-2008-1419 backport (libvorbis) #446344 [since libvorbis-1.2.0-4.fc10]
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.228
retrieving revision 1.229
diff -u -r1.228 -r1.229
--- f8 4 Jul 2008 20:12:09 -0000 1.228
+++ f8 14 Jul 2008 06:44:55 -0000 1.229
@@ -6,39 +6,47 @@
rhbz293031 fixed (nx) #293031 [since FEDORA-2008-2258]
rhbz249840 version (tor, fixed 0.1.2.15)
+CVE-2008-3145 VULNERABLE (wireshark, fixed 1.0.1)
+CVE-2008-3141 VULNERABLE (wireshark, fixed 1.0.2)
+CVE-2008-3140 VULNERABLE (wireshark, fixed 1.0.1)
+CVE-2008-3139 VULNERABLE (wireshark, fixed 1.0.1)
+CVE-2008-3138 VULNERABLE (wireshark, fixed 1.0.1)
+CVE-2008-3137 VULNERABLE (wireshark, fixed 1.0.1)
+CVE-2008-3067 VULNERABLE (sudo, fixed 1.6.9p12)
CVE-2008-2960 fixed (phpMyAdmin, fixed 2.11.7) [since FEDORA-2008-5640] PMASA-2008-4
CVE-2008-2954 fixed (linuxdcpp) #453732 [since FEDORA-2008-6038]
CVE-2008-2953 fixed (linuxdcpp) #453732 [since FEDORA-2008-6038]
CVE-2008-2952 fixed (openldap) #453726 [since FEDORA-2008-6029]
+CVE-2008-2950 VULNERABLE (poppler) #454288
CVE-2008-2942 VULNERABLE (mercurial)
CVE-2008-2841 ignore (xchat) windows-only, IE bug
CVE-2008-2827 ignore (perl) perl 5.10 only
-CVE-2008-2811 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2811 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2810 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2810 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2809 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2809 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2808 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2808 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2807 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2807 VULNERABLE (seamonkey, fixed 1.1.10) #453954
+CVE-2008-2811 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2811 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2810 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2810 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2809 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2809 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2808 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2808 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2807 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2807 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
CVE-2008-2806 ignore (firefox, fixed 2.0.0.15) Mac OS X specific
CVE-2008-2806 ignore (seamonkey, fixed 1.1.10) Mac OS X specific
-CVE-2008-2805 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2805 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2803 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2803 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2802 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2802 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2801 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2801 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2800 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2800 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2799 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2799 VULNERABLE (seamonkey, fixed 1.1.10) #453954
-CVE-2008-2798 VULNERABLE (firefox, fixed 2.0.0.15) [since firefox-2.0.0.15-1.fc8]
-CVE-2008-2798 VULNERABLE (seamonkey, fixed 1.1.10) #453954
+CVE-2008-2805 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2805 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2803 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2803 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2802 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2802 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2801 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2801 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2800 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2800 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2799 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2799 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
+CVE-2008-2798 fixed (firefox, fixed 2.0.0.15) [since FEDORA-2008-6127]
+CVE-2008-2798 fixed (seamonkey, fixed 1.1.10) #453954 [since FEDORA-2008-6196]
CVE-2008-2783 VULNERABLE (kronolith)
CVE-2008-2728 ignore (ruby) 1.6.x variant of CVE-2008-2726
CVE-2008-2727 ignore (ruby) 1.6.x variant of CVE-2008-2725
@@ -63,9 +71,10 @@
CVE-2008-2377 ignore (gnutls, fixed 2.4.1) 2.3.5+ only
CVE-2008-2376 fixed (ruby, fixed 1.8.6-p257) [since FEDORA-2008-6094]
CVE-2008-2375 ignore (vsftpd) pre-2.0.5 versions only
-CVE-2008-2374 VULNERABLE (bluez-libs, fixed 3.34) #452820
-CVE-2008-2371 VULNERABLE (pcre) #453555
+CVE-2008-2374 VULNERABLE (bluez-libs, fixed 3.34) #452820 [since FEDORA-2008-6140]
+CVE-2008-2371 fixed (pcre) #453555 [since FEDORA-2008-6111]
CVE-2008-2371 fixed (glib2) #453559 [since FEDORA-2008-6025]
+CVE-2008-2364 VULNERABLE (httpd, fixed 2.2.9) #454423
CVE-2008-2363 VULNERABLE (pan) #449333
CVE-2008-2362 fixed (xorg-x11-server) #450925 [since FEDORA-2008-5279]
CVE-2008-2361 fixed (xorg-x11-server) #450925 [since FEDORA-2008-5279]
@@ -73,7 +82,7 @@
CVE-2008-2359 fixed (system-config-network) [since FEDORA-2008-4633]
CVE-2008-2357 fixed (mtr, fixed 0.73)
CVE-2008-2310 ignore (binutils) blocked by fortify_source
-CVE-2008-2307 VULNERABLE (WebKit, fixed svn34204) #454094
+CVE-2008-2307 fixed (WebKit, fixed svn34204) #454094 [since FEDORA-2008-6220]
CVE-2008-2302 fixed (Django, fixed 0.96.2) #447258 [since FEDORA-2008-4248]
CVE-2008-2292 fixed (net-snmp, fixed 5.4.2.pre1) [since FEDORA-2008-5218]
CVE-2008-2276 VULNERABLE (mantis) upstream fix in 1.2.0a1 seems useless
@@ -88,7 +97,7 @@
CVE-2008-2105 fixed (bugzilla, fixed 3.0.4, 3.1.4) #445822 [since FEDORA-2008-3442]
CVE-2008-2104 ignore (bugzilla, fixed 3.1.4) only affects 3.1.3, not in Fedora
CVE-2008-2103 fixed (bugzilla, fixed 3.0.4, 3.1.4) #445822 [since FEDORA-2008-3442]
-CVE-2008-2085 VULNERABLE (sipp) #446220
+CVE-2008-2085 fixed (sipp) #446220 [since FEDORA-2008-6219]
CVE-2008-2079 VULNERABLE (mysql, fixed 5.0.60) #445805
CVE-2008-2068 version (wordpress, fixed 2.5.1) [since FEDORA-2008-3397]
CVE-2008-2051 fixed (php, fixed 5.2.6) [since FEDORA-2008-3864]
@@ -168,6 +177,7 @@
CVE-2008-1552 fixed (libsilc, fixed 1.1.7) #438382 [since FEDORA-2008-2641]
CVE-2008-1532 version (Perlbal, fixed 1.70) #439056 [since FEDORA-2008-2778]
CVE-2008-1531 fixed (lighttpd) #439068 [since FEDORA-2008-3376]
+CVE-2008-1502 fixed (moodle, fixed 1.8.5) #454247 [since FEDORA-2008-6226]
CVE-2008-1488 VULNERABLE (php-pecl-apc) #438847
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 fixed (xine-lib) #438670 [since FEDORA-2008-2849]
@@ -175,6 +185,7 @@
CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370]
CVE-2008-1468 fixed (namazu, fixed 2.0.18) #438667 [since FEDORA-2008-2767]
CVE-2008-1467 fixed (centerim) #438871 [since FEDORA-2008-2869]
+CVE-2008-1447 fixed (bind) #454475 [since FEDORA-2008-6281]
CVE-2008-1423 fixed (libvorbis) #446342 [since FEDORA-2008-3934]
CVE-2008-1420 fixed (libvorbis) #446342 [since FEDORA-2008-3934]
CVE-2008-1419 fixed (libvorbis) #446342 [since FEDORA-2008-3934]
@@ -520,9 +531,9 @@
CVE-2007-5690 version (zaptel) [since FEDORA-2007-2860] not really an issue
CVE-2007-5624 version (nagios, fixed 2.10) #362801 [since FEDORA-2007-4145]
CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 [since FEDORA-2007-2876] nagios-plugins-1.4.8-9.fc8
-CVE-2007-5615 VULNERABLE (jetty) [since jetty-5.1.14-1jpp.1.fc8]
-CVE-2007-5614 VULNERABLE (jetty) [since jetty-5.1.14-1jpp.1.fc8]
-CVE-2007-5613 VULNERABLE (jetty) [since jetty-5.1.14-1jpp.1.fc8]
+CVE-2007-5615 fixed (jetty) [since FEDORA-2008-6164]
+CVE-2007-5614 fixed (jetty) [since FEDORA-2008-6164]
+CVE-2007-5613 fixed (jetty) [since FEDORA-2008-6164]
CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636]
CVE-2007-5503 version (cairo, fixed 1.4.12) [since FEDORA-2007-3913]
CVE-2007-5501 version (kernel) [since FEDORA-2007-3837]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.218
retrieving revision 1.219
diff -u -r1.218 -r1.219
--- f9 4 Jul 2008 20:12:10 -0000 1.218
+++ f9 14 Jul 2008 06:44:55 -0000 1.219
@@ -5,39 +5,47 @@
# (mozilla) = (gecko-libs dependent stuff)
rhbz249840 version (tor, fixed 0.1.2.15)
+CVE-2008-3145 VULNERABLE (wireshark, fixed 1.0.1) [since wireshark-1.0.2-1.fc9]
+CVE-2008-3141 VULNERABLE (wireshark, fixed 1.0.2) [since wireshark-1.0.2-1.fc9]
+CVE-2008-3140 VULNERABLE (wireshark, fixed 1.0.1) [since wireshark-1.0.2-1.fc9]
+CVE-2008-3139 VULNERABLE (wireshark, fixed 1.0.1) [since wireshark-1.0.2-1.fc9]
+CVE-2008-3138 VULNERABLE (wireshark, fixed 1.0.1) [since wireshark-1.0.2-1.fc9]
+CVE-2008-3137 VULNERABLE (wireshark, fixed 1.0.1) [since wireshark-1.0.2-1.fc9]
+CVE-2008-3067 version (sudo, fixed 1.6.9p12)
CVE-2008-2960 fixed (phpMyAdmin, fixed 2.11.7) [since FEDORA-2008-5676] PMASA-2008-4
CVE-2008-2954 fixed (linuxdcpp) #453733 [since FEDORA-2008-6018]
CVE-2008-2953 fixed (linuxdcpp) #453733 [since FEDORA-2008-6018]
CVE-2008-2952 fixed (openldap) #453727 [since FEDORA-2008-6062]
+CVE-2008-2950 VULNERABLE (poppler) #454289
CVE-2008-2942 VULNERABLE (mercurial)
CVE-2008-2841 ignore (xchat) windows-only, IE bug
CVE-2008-2827 fixed (perl) #452641 [since FEDORA-2008-5739]
CVE-2008-2811 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2811 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2811 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2810 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2810 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2810 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2809 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2809 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2809 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2808 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2808 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2808 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2807 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2807 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2807 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2806 ignore (firefox, fixed 3.0) Mac OS X specific
CVE-2008-2806 ignore (seamonkey, fixed 1.1.10) Mac OS X specific
CVE-2008-2805 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2805 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2805 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2803 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2803 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2803 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2802 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2802 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2802 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2801 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2801 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2801 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2800 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2800 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2800 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2799 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2799 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2799 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2798 version (firefox, fixed 3.0) [since firefox-3.0-1.fc9]
-CVE-2008-2798 VULNERABLE (seamonkey, fixed 1.1.10) #453955
+CVE-2008-2798 fixed (seamonkey, fixed 1.1.10) #453955 [since FEDORA-2008-6193]
CVE-2008-2728 ignore (ruby) 1.6.x variant of CVE-2008-2726
CVE-2008-2727 ignore (ruby) 1.6.x variant of CVE-2008-2725
CVE-2008-2726 fixed (ruby, fixed 1.8.6-p230, 1.8.7-p22) #452294 [since FEDORA-2008-5664]
@@ -47,7 +55,7 @@
CVE-2008-2722 fixed (gallery2, fixed 2.2.5) [since FEDORA-2008-5576]
CVE-2008-2721 fixed (gallery2, fixed 2.2.5) [since FEDORA-2008-5576]
CVE-2008-2720 fixed (gallery2, fixed 2.2.5) [since FEDORA-2008-5576]
-CVE-2008-2719 VULNERABLE (nasm, fixed 2.03.01) [since nasm-2.03.01-1.fc9]
+CVE-2008-2719 fixed (nasm, fixed 2.03.01) [since FEDORA-2008-5473]
CVE-2008-2713 fixed (clamav, fixed 0.93.1) [since FEDORA-2008-5476]
CVE-2008-2711 VULNERABLE (fetchmail, fixed 6.3.9) crash only in verbose mode
CVE-2008-2696 VULNERABLE (exiv2, fixed 0.17)
@@ -61,9 +69,10 @@
CVE-2008-2377 ignore (gnutls, fixed 2.4.1) 2.3.5+ only
CVE-2008-2376 fixed (ruby, fixed 1.8.6-p257) [since FEDORA-2008-6033]
CVE-2008-2375 ignore (vsftpd) pre-2.0.5 versions only
-CVE-2008-2374 VULNERABLE (bluez-libs, fixed 3.34) #452821
-CVE-2008-2371 VULNERABLE (pcre) #453556
+CVE-2008-2374 VULNERABLE (bluez-libs, fixed 3.34) #452821 [since FEDORA-2008-6133]
+CVE-2008-2371 fixed (pcre) #453556 [since FEDORA-2008-6110]
CVE-2008-2371 fixed (glib2) #453560 [since FEDORA-2008-6048]
+CVE-2008-2364 VULNERABLE (httpd, fixed 2.2.9) #447311
CVE-2008-2363 VULNERABLE (pan) #449334
CVE-2008-2362 fixed (xorg-x11-server) #450926 [since FEDORA-2008-5254]
CVE-2008-2361 fixed (xorg-x11-server) #450926 [since FEDORA-2008-5254]
@@ -71,7 +80,7 @@
CVE-2008-2359 ignore (system-config-network) F8 specific issue
CVE-2008-2357 fixed (mtr, fixed 0.73)
CVE-2008-2310 ignore (binutils) blocked by fortify_source
-CVE-2008-2307 VULNERABLE (WebKit, fixed svn34204) #454095
+CVE-2008-2307 fixed (WebKit, fixed svn34204) #454095 [since FEDORA-2008-6186]
CVE-2008-2302 fixed (Django, fixed 0.96.2) #447259 [since FEDORA-2008-4267]
CVE-2008-2292 fixed (net-snmp, fixed 5.4.2.pre1) [since FEDORA-2008-5215]
CVE-2008-2276 VULNERABLE (mantis) upstream fix in 1.2.0a1 seems useless
@@ -168,6 +177,7 @@
CVE-2008-1552 version (libsilc, fixed 1.1.7) #438382 [since libsilc-1.1.7-1.fc9]
CVE-2008-1532 version (Perlbal, fixed 1.70) [since Perlbal-1.70-1.fc9]
CVE-2008-1531 fixed (lighttpd) #439069 [since FEDORA-2008-4119]
+CVE-2008-1502 version (moodle, fixed 1.9)
CVE-2008-1488 VULNERABLE (php-pecl-apc) #438848
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 version (xine-lib) #438671 [since xine-lib-1.1.11.1-1.fc9]
@@ -175,6 +185,7 @@
CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9]
CVE-2008-1468 version (namazu, fixed 2.0.18) #438668 [since namazu-2.0.18-1.fc9]
CVE-2008-1467 fixed (centerim) #438871
+CVE-2008-1447 fixed (bind) #454476 [since FEDORA-2008-6256]
CVE-2008-1423 fixed (libvorbis) #446343 [since FEDORA-2008-3910]
CVE-2008-1420 fixed (libvorbis) #446343 [since FEDORA-2008-3910]
CVE-2008-1419 fixed (libvorbis) #446343 [since FEDORA-2008-3910]
- Previous message (by thread): [Fedora-security-commits] fedora-security/audit f10, 1.9, 1.10 f8, 1.227, 1.228 f9, 1.217, 1.218
- Next message (by thread): [Fedora-security-commits] fedora-security/audit f10, 1.11, 1.12 f8, 1.229, 1.230 f9, 1.219, 1.220
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Fedora-security-commits
mailing list