[Fedora-security-commits] fedora-security/audit f8, 1.165, 1.166 f9, 1.156, 1.157 fc7, 1.321, 1.322

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Wed Mar 19 11:34:47 UTC 2008 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3893/audit

Modified Files:
	f8 f9 fc7 
Log Message:
note asterisk, perl-Net-DNS



Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.165
retrieving revision 1.166
diff -u -r1.165 -r1.166
--- f8	19 Mar 2008 08:57:54 -0000	1.165
+++ f8	19 Mar 2008 11:34:17 -0000	1.166
@@ -11,10 +11,14 @@
 GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] 
 GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] 
 GENERIC-MAP-NOMATCH fixed (roundup) #436547 [since FEDORA-2008-2370] 
+CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438133 
 CVE-2008-1360 VULNERABLE (nagios) #437850 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
+CVE-2008-1333 ignore (asterisk) not affected
+CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438133 
 CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
 CVE-2008-1304 ignore (wordpress) bogus CVE id description?
+CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438133 
 CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2362] 
 CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
 **CVE-2008-1227 fixed (libsilc) We updated this as non-security
@@ -173,6 +177,7 @@
 CVE-2007-6420 ignore (httpd) wontfix by upstream
 CVE-2007-6415 fixed (scponly, fixed 4.8) #429732 [since FEDORA-2008-1743] 
 CVE-2007-6388 fixed (httpd, fixed 2.2.8) #427982 [since FEDORA-2008-1711] 
+CVE-2007-6341 ignore (perl-Net-DNS) no impact
 CVE-2007-6337 fixed (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] 
 CVE-2007-6336 fixed (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] 
 CVE-2007-6335 fixed (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] 


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.156
retrieving revision 1.157
diff -u -r1.156 -r1.157
--- f9	19 Mar 2008 08:57:54 -0000	1.156
+++ f9	19 Mar 2008 11:34:17 -0000	1.157
@@ -11,10 +11,14 @@
 GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722 
 GENERIC-MAP-NOMATCH fixed (inkscape) #432807  [since inkscape-0.45.1+0.46pre1-4.fc9]
 GENERIC-MAP-NOMATCH version (roundup) #436549 [since roundup-1.4.4-1.fc9]
+CVE-2008-1390 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 
 CVE-2008-1360 VULNERABLE (nagios) #437852 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
+CVE-2008-1333 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 
+CVE-2008-1332 ignore (asterisk) not affected according to upstream advisory
 CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
 CVE-2008-1304 ignore (wordpress) bogus CVE id description?
+CVE-2008-1289 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 
 CVE-2008-1284 version (horde, fixed 3.1.7) #436628 
 CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
 **CVE-2008-1227 fixed (libsilc) We updated this as non-security
@@ -172,6 +176,7 @@
 CVE-2007-6420 ignore (httpd) wontfix by upstream
 CVE-2007-6415 backport (scponly, fixed 4.8) [since scponly-4.6-10.fc9]
 CVE-2007-6388 version (httpd, fixed 2.2.8) #427984 [since httpd-2.2.8-2]
+CVE-2007-6341 version (perl-Net-DNS) [since perl-Net-DNS-0.63-1.fc9] 
 CVE-2007-6337 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9]
 CVE-2007-6336 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9]
 CVE-2007-6335 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.321
retrieving revision 1.322
diff -u -r1.321 -r1.322
--- fc7	19 Mar 2008 08:57:54 -0000	1.321
+++ fc7	19 Mar 2008 11:34:17 -0000	1.322
@@ -12,10 +12,14 @@
 GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] 
 GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] 
 GENERIC-MAP-NOMATCH fixed (roundup) #436548 [since FEDORA-2008-2471] 
+CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438132 
 CVE-2008-1360 VULNERABLE (nagios) #437851 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
+CVE-2008-1333 ignore (asterisk) not affected
+CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438132 
 CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
 CVE-2008-1304 ignore (wordpress) bogus CVE id description?
+CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438132 
 CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2406] 
 CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
 **CVE-2008-1227 fixed (libsilc) We updated this as non-security
@@ -172,6 +176,7 @@
 CVE-2007-6420 ignore (httpd) wontfix by upstream
 CVE-2007-6415 fixed (scponly, fixed 4.8) #429731 [since FEDORA-2008-1728] 
 CVE-2007-6388 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695] 
+CVE-2007-6341 ignore (perl-Net-DNS) no impact
 CVE-2007-6337 fixed (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] 
 CVE-2007-6336 fixed (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] 
 CVE-2007-6335 fixed (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170]

More information about the Fedora-security-commits mailing list