[Fedora-security-commits] fedora-security/audit f10, 1.14, 1.15 f8, 1.232, 1.233 f9, 1.222, 1.223

[fedora-security-commits at redhat.com]

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30842/audit

Modified Files:
	f10 f8 f9 
Log Message:
few more updates



Index: f10
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f10,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- f10	11 Sep 2008 15:15:31 -0000	1.14
+++ f10	12 Sep 2008 19:00:33 -0000	1.15
@@ -8,6 +8,7 @@
 CVE-2008-3970 version (pam_mount, fixed 0.47) [since pam_mount-0.47-1.fc10] 
 CVE-2008-3969 version (bitlbee, fixed 1.2.3) [since bitlbee-1.2.3-1.fc10] 
 CVE-2008-3964 backport (libpng, fixed 1.2.32beta01) #461620 [since libpng-1.2.31-2.fc10]
+CVE-2008-3962 backport (ssmtp) [since ssmtp-2.61-11.6.fc10] 
 CVE-2008-3934 version (wireshark, fixed 1.0.3) [since wireshark-1.0.3-1.fc10]
 CVE-2008-3933 version (wireshark, fixed 1.0.3) [since wireshark-1.0.3-1.fc10]
 CVE-2008-3932 version (wireshark, fixed 1.0.3) [since wireshark-1.0.3-1.fc10]
@@ -18,6 +19,8 @@
 CVE-2008-3906 VULNERABLE (mono) #461755 
 CVE-2008-3905 version (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since ruby-1.8.6.287-1.fc10] 
 CVE-2008-3889 VULNERABLE (postfix, fixed 2.4.9, 2.5.5) #459101 
+CVE-2008-3824 VULNERABLE (horde) oCERT-2008-012
+CVE-2008-3823 VULNERABLE (horde) oCERT-2008-012
 CVE-2008-3796 version (swfdec, fixed 0.6.8) [since swfdec-0.7.4-1.fc10] 
 CVE-2008-3790 VULNERABLE (ruby) 
 CVE-2008-3789 VULNERABLE (samba, fixed 3.2.3) 
@@ -51,6 +54,7 @@
 CVE-2008-3326 version (moodle) 1.8.x+ not affected
 CVE-2008-3325 version (moodle) 1.8.x+ not affected
 CVE-2008-3294 ignore (vim) build-time tmp file usage
+CVE-2008-3283 version (fedora-ds-base, fixed 1.1.2) [since fedora-ds-base-1.1.2-1.fc10] 
 CVE-2008-3282 VULNERABLE (openoffice.org) 
 CVE-2008-3281 version (libxml2) #459714 [since libxml2-2.7.0-1.fc10]
 CVE-2008-3274 backport (ipa) [since ipa-1.1.0-3.fc10] 
@@ -95,6 +99,7 @@
 CVE-2008-2935 VULNERABLE (libxslt) 
 CVE-2008-2933 version (firefox, fixed 3.0.1) [since firefox-3.0.1-1.fc10]
 CVE-2008-2932 version (adminutil, fixed 1.1.7) [since adminutil-1.1.7-1.fc10] 
+CVE-2008-2930 version (fedora-ds-base, fixed 1.1.2) [since fedora-ds-base-1.1.2-1.fc10] 
 CVE-2008-2929 version (adminutil, fixed 1.1.6) [since adminutil-1.1.6-1.fc10] 
 CVE-2008-2928 version (adminutil, fixed 1.1.7) [since adminutil-1.1.7-1.fc10] 
 CVE-2008-2841 ignore (xchat) windows-only, IE bug


Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.232
retrieving revision 1.233
diff -u -r1.232 -r1.233
--- f8	11 Sep 2008 15:15:32 -0000	1.232
+++ f8	12 Sep 2008 19:00:33 -0000	1.233
@@ -10,6 +10,7 @@
 CVE-2008-3970 fixed (pam_mount, fixed 0.47) [since FEDORA-2008-7973] 
 CVE-2008-3969 fixed (bitlbee, fixed 1.2.3) [since FEDORA-2008-7761] 
 CVE-2008-3964 ignore (libpng, fixed 1.2.32beta01) not affected
+CVE-2008-3962 VULNERABLE (ssmtp) 
 CVE-2008-3934 fixed (wireshark, fixed 1.0.3) #461254 [since FEDORA-2008-7894] 
 CVE-2008-3933 fixed (wireshark, fixed 1.0.3) #461254 [since FEDORA-2008-7894] 
 CVE-2008-3932 fixed (wireshark, fixed 1.0.3) #461254 [since FEDORA-2008-7894] 
@@ -20,6 +21,8 @@
 CVE-2008-3906 VULNERABLE (mono) #461753 
 CVE-2008-3905 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7554] 
 CVE-2008-3889 VULNERABLE (postfix, fixed 2.4.9, 2.5.5) #459099 
+CVE-2008-3824 VULNERABLE (horde) oCERT-2008-012
+CVE-2008-3823 VULNERABLE (horde) oCERT-2008-012
 CVE-2008-3790 VULNERABLE (ruby) 
 CVE-2008-3789 ignore (samba, fixed 3.2.3) 3.2.x only
 CVE-2008-3747 fixed (wordpress, fixed 2.6.1) [since FEDORA-2008-7463] 
@@ -51,9 +54,10 @@
 CVE-2008-3326 version (moodle) 1.8.x+ not affected
 CVE-2008-3325 version (moodle) 1.8.x+ not affected
 CVE-2008-3294 ignore (vim) build-time tmp file usage
+CVE-2008-3283 fixed (fedora-ds-base, fixed 1.1.2) [since FEDORA-2008-7891] 
 CVE-2008-3282 fixed (openoffice.org) [since FEDORA-2008-7531] 
 CVE-2008-3281 fixed (libxml2) #459712 [since FEDORA-2008-7724] 
-CVE-2008-3274 VULNERABLE (ipa) [since ipa-1.1.0-4.fc8] 
+CVE-2008-3274 fixed (ipa) [since FEDORA-2008-7987] 
 CVE-2008-3264 fixed (asterisk, fixed 1.4.21.2) [since FEDORA-2008-6676] AST-2008-011
 CVE-2008-3263 fixed (asterisk, fixed 1.4.21.2) [since FEDORA-2008-6676] AST-2008-010
 CVE-2008-3259 ignore (openssh, fixed 5.1) HP-UX only
@@ -93,6 +97,7 @@
 CVE-2008-2935 fixed (libxslt) [since FEDORA-2008-7029] 
 CVE-2008-2933 fixed (firefox, fixed 2.0.0.16) [since FEDORA-2008-6491] 
 CVE-2008-2932 fixed (adminutil, fixed 1.1.7) [since FEDORA-2008-7642] 
+CVE-2008-2930 fixed (fedora-ds-base, fixed 1.1.2) [since FEDORA-2008-7891] 
 CVE-2008-2929 fixed (adminutil, fixed 1.1.6) [since FEDORA-2008-7642] 
 CVE-2008-2928 fixed (adminutil, fixed 1.1.7) [since FEDORA-2008-7642] 
 CVE-2008-2841 ignore (xchat) windows-only, IE bug


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.222
retrieving revision 1.223
diff -u -r1.222 -r1.223
--- f9	11 Sep 2008 15:15:32 -0000	1.222
+++ f9	12 Sep 2008 19:00:33 -0000	1.223
@@ -9,6 +9,7 @@
 CVE-2008-3970 fixed (pam_mount, fixed 0.47) [since FEDORA-2008-7976] 
 CVE-2008-3969 fixed (bitlbee, fixed 1.2.3) [since FEDORA-2008-7830] 
 CVE-2008-3964 ignore (libpng, fixed 1.2.32beta01) not affected
+CVE-2008-3962 VULNERABLE (ssmtp) 
 CVE-2008-3934 fixed (wireshark, fixed 1.0.3) #461255 [since FEDORA-2008-7936] 
 CVE-2008-3933 fixed (wireshark, fixed 1.0.3) #461255 [since FEDORA-2008-7936] 
 CVE-2008-3932 fixed (wireshark, fixed 1.0.3) #461255 [since FEDORA-2008-7936] 
@@ -19,6 +20,8 @@
 CVE-2008-3906 VULNERABLE (mono) #461754 
 CVE-2008-3905 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7697] 
 CVE-2008-3889 VULNERABLE (postfix, fixed 2.4.9, 2.5.5) #459100 
+CVE-2008-3824 VULNERABLE (horde) oCERT-2008-012
+CVE-2008-3823 VULNERABLE (horde) oCERT-2008-012
 CVE-2008-3796 version (swfdec, fixed 0.6.8) [since swfdec-0.6.8-1.fc9] 
 CVE-2008-3790 VULNERABLE (ruby) 
 CVE-2008-3789 fixed (samba, fixed 3.2.3) [since FEDORA-2008-7243] 
@@ -52,9 +55,10 @@
 CVE-2008-3326 version (moodle) 1.8.x+ not affected
 CVE-2008-3325 version (moodle) 1.8.x+ not affected
 CVE-2008-3294 ignore (vim) build-time tmp file usage
+CVE-2008-3283 fixed (fedora-ds-base, fixed 1.1.2) [since FEDORA-2008-7813] 
 CVE-2008-3282 fixed (openoffice.org) [since FEDORA-2008-7680] 
 CVE-2008-3281 fixed (libxml2) #459713 [since FEDORA-2008-7395] 
-CVE-2008-3274 VULNERABLE (ipa) [since ipa-1.1.0-7.fc9] 
+CVE-2008-3274 fixed (ipa) [since FEDORA-2008-8003] 
 CVE-2008-3264 fixed (asterisk) [since FEDORA-2008-6853] AST-2008-011
 CVE-2008-3263 fixed (asterisk) [since FEDORA-2008-6853] AST-2008-010
 CVE-2008-3259 ignore (openssh, fixed 5.1) HP-UX only
@@ -96,6 +100,7 @@
 CVE-2008-2935 fixed (libxslt) [since FEDORA-2008-7062] 
 CVE-2008-2933 fixed (firefox, fixed 3.0.1) [since FEDORA-2008-6518] 
 CVE-2008-2932 fixed (adminutil, fixed 1.1.7) [since FEDORA-2008-7339] 
+CVE-2008-2930 fixed (fedora-ds-base, fixed 1.1.2) [since FEDORA-2008-7813] 
 CVE-2008-2929 fixed (adminutil, fixed 1.1.6) [since FEDORA-2008-7339] 
 CVE-2008-2928 fixed (adminutil, fixed 1.1.7) [since FEDORA-2008-7339] 
 CVE-2008-2841 ignore (xchat) windows-only, IE bug