[Fedora-security-commits] fedora-security/audit f8, 1.151, 1.152 f9, 1.140, 1.141 fc7, 1.307, 1.308

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Wed Mar 5 16:45:33 UTC 2008 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19518/audit

Modified Files:
	f8 f9 fc7 
Log Message:
cleanups, note some new issues



Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.151
retrieving revision 1.152
diff -u -r1.151 -r1.152
--- f8	5 Mar 2008 10:03:53 -0000	1.151
+++ f8	5 Mar 2008 16:45:03 -0000	1.152
@@ -10,14 +10,16 @@
 GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
 GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] 
 GENERIC-MAP-NOMATCH VULNERABLE (viewvc) #435349 
-GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435811 
 GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since ] 
+CVE-2008-1133 ignore (drupal) #435816 drupal 6.x only
 CVE-2008-1131 ignore (drupal) #435816 drupal 6.x only
 CVE-2008-1111 VULNERABLE (lighttpd) #435807 
 CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1043]
 CVE-2008-1072 VULNERABLE (wireshark) #435485 
 CVE-2008-1071 VULNERABLE (wireshark) #435485 
 CVE-2008-1070 VULNERABLE (wireshark) #435485 
+CVE-2008-1066 version (php-Smarty) #435811 [since ]
 CVE-2008-0983 VULNERABLE (lighttpd) #435807 
 CVE-2008-0932 fixed (sword) #433724 [since FEDORA-2008-1922] why? diatheke.pl is not shipped...
 CVE-2008-0928 fixed (qemu) #433561 [since FEDORA-2008-2001] 


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.140
retrieving revision 1.141
diff -u -r1.140 -r1.141
--- f9	5 Mar 2008 10:03:53 -0000	1.140
+++ f9	5 Mar 2008 16:45:03 -0000	1.141
@@ -10,16 +10,17 @@
 GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
 GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722 
 GENERIC-MAP-NOMATCH fixed (inkscape) #432807  [since inkscape-0.45.1+0.46pre1-4.fc9]
-GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435813 
 GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
-CVE-2008-1133 version (drupal) #435817 [since drupal-6.1-1.fc9]
-CVE-2008-1131 version (drupal) #435817 [since drupal-6.1-1.fc9]
-CVE-2008-1111 VULNERABLE (lighttpd) #435809 
+CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since phpMyAdmin-2.11.5-1.fc9] 
+CVE-2008-1133 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
+CVE-2008-1131 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
+CVE-2008-1111 backport (lighttpd) #435809 [since lighttpd-1.4.18-6.fc9]
 CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since xine-lib-1.1.10-2.fc9]
 CVE-2008-1072 VULNERABLE (wireshark) #435488 
 CVE-2008-1071 VULNERABLE (wireshark) #435488 
 CVE-2008-1070 VULNERABLE (wireshark) #435488 
-CVE-2008-0983 VULNERABLE (lighttpd) #435809 
+CVE-2008-1066 version (php-Smarty) #435813 [since php-Smarty-2.6.19-1.fc9]
+CVE-2008-0983 backport (lighttpd) #435809 [since lighttpd-1.4.18-6.fc9]
 CVE-2008-0932 backport (sword) #433726 [since sword-1.5.10-3.fc9] why? diatheke.pl is not shipped...
 CVE-2008-0928 backport (qemu) #433563 [since qemu-0.9.1-3.fc9]
 CVE-2008-0928 backport (kvm) #433566 [since kvm-61-2.fc9]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.307
retrieving revision 1.308
diff -u -r1.307 -r1.308
--- fc7	5 Mar 2008 10:03:53 -0000	1.307
+++ fc7	5 Mar 2008 16:45:03 -0000	1.308
@@ -11,14 +11,16 @@
 GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
 GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] 
 GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] 
-GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435812 
 GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since ] 
+CVE-2008-1133 ignore (drupal) #435815 drupal 6.x only
 CVE-2008-1131 ignore (drupal) #435815 drupal 6.x only
 CVE-2008-1111 VULNERABLE (lighttpd) #435808 
 CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1047]
 CVE-2008-1072 VULNERABLE (wireshark) #435487 
 CVE-2008-1071 VULNERABLE (wireshark) #435487 
 CVE-2008-1070 VULNERABLE (wireshark) #435487 
+CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since ]
 CVE-2008-0983 VULNERABLE (lighttpd) #435808 
 CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped...
 CVE-2008-0928 fixed (qemu) #433562 [since FEDORA-2008-1995]

More information about the Fedora-security-commits mailing list