[Fedora-security-commits] fedora-security/audit f10, 1.36, 1.37 f11, 1.7, 1.8 f9, 1.246, 1.247
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Tue May 26 08:01:32 UTC 2009
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30446/audit
Modified Files:
f10 f11 f9
Log Message:
bunch of old changes i failed to commit previously
these files are not really maintained any more :-(
Index: f10
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f10,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- f10 6 Mar 2009 19:45:04 -0000 1.36
+++ f10 26 May 2009 08:01:02 -0000 1.37
@@ -4,16 +4,26 @@
# *CVE are items that need verification for Fedora 10
# (mozilla) = (gecko-libs dependent stuff)
+CVE-2009-0845 VULNERABLE (krb5) [since krb5-1.6.3-17.fc10]
CVE-2009-0819 ignore (mysql) 5.1+ only
CVE-2009-0749 fixed (optipng, fixed 0.6.2.1) [since FEDORA-2009-2100]
CVE-2009-0737 fixed (mediawiki, fixed 1.13.4) [since FEDORA-2009-2231]
+CVE-2009-0733 VULNERABLE (lcms, fixed 1.18) #491273
+CVE-2009-0723 VULNERABLE (lcms, fixed 1.18) #491273
CVE-2009-0671 ignore (uw-imap) rejected, fake report
CVE-2009-0601 ignore (wireshark, fixed 1.0.6) not security
CVE-2009-0600 fixed (wireshark, fixed 1.0.6) [since FEDORA-2009-1798]
CVE-2009-0599 fixed (wireshark, fixed 1.0.6) [since FEDORA-2009-1798]
-CVE-2009-0578 VULNERABLE (NetworkManager, 0.7.0.99) [since NetworkManager-0.7.0.99-1.fc10]
+CVE-2009-0587 ignore (evolution-data-server) only old EDS versions affected
+CVE-2009-0585 ignore (libsoup) not affected
+CVE-2009-0584 fixed (ghostscript) #491277 [since FEDORA-2009-2885]
+CVE-2009-0583 fixed (ghostscript) #491277 [since FEDORA-2009-2885]
+CVE-2009-0582 fixed (evolution-data-server, fixed 2.26.0) [since FEDORA-2009-2784]
+CVE-2009-0581 VULNERABLE (lcms, fixed 1.18) #491273
+CVE-2009-0578 fixed (NetworkManager, 0.7.0.99) [since FEDORA-2009-2419]
CVE-2009-0577 ignore (cups) not affected
CVE-2009-0547 VULNERABLE (evolution)
+CVE-2009-0547 fixed (evolution-data-server, fixed 2.26.0) [since FEDORA-2009-2784]
CVE-2009-0544 fixed (python-crypto) [since FEDORA-2009-1687]
CVE-2009-0543 ignore (proftpd) not affected
CVE-2009-0542 VULNERABLE (proftpd) #485130
@@ -22,12 +32,12 @@
CVE-2009-0500 fixed (moodle, fixed 1.9.4) [since FEDORA-2009-1699]
CVE-2009-0499 fixed (moodle, fixed 1.9.4) [since FEDORA-2009-1699]
CVE-2009-0490 VULNERABLE (audacity, fixed 1.3.6) #484952
-CVE-2009-0486 VULNERABLE (bugzilla, fixed 3.0.8) #484756
-CVE-2009-0485 VULNERABLE (bugzilla, fixed 3.0.7) #484756
-CVE-2009-0484 VULNERABLE (bugzilla, fixed 3.0.7) #484756
-CVE-2009-0483 VULNERABLE (bugzilla, fixed 3.0.7) #484756
-CVE-2009-0482 VULNERABLE (bugzilla, fixed 3.2.1) #484756
-CVE-2009-0481 VULNERABLE (bugzilla, fixed 3.0.7) #484756
+CVE-2009-0486 fixed (bugzilla, fixed 3.0.8) #484756 [since FEDORA-2009-2417]
+CVE-2009-0485 fixed (bugzilla, fixed 3.0.7) #484756 [since FEDORA-2009-2417]
+CVE-2009-0484 fixed (bugzilla, fixed 3.0.7) #484756 [since FEDORA-2009-2417]
+CVE-2009-0483 fixed (bugzilla, fixed 3.0.7) #484756 [since FEDORA-2009-2417]
+CVE-2009-0482 fixed (bugzilla, fixed 3.2.1) #484756 [since FEDORA-2009-2417]
+CVE-2009-0481 fixed (bugzilla, fixed 3.0.7) #484756 [since FEDORA-2009-2417]
CVE-2009-0415 fixed (trickle) [since FEDORA-2009-1694]
CVE-2009-0414 fixed (tor, fixed 0.2.0.33) [since FEDORA-2009-0917]
CVE-2009-0413 fixed (roundcubemail) [since FEDORA-2009-1204]
@@ -35,8 +45,8 @@
CVE-2009-0397 fixed (gstreamer-plugins-good, fixed 0.10.13) [since FEDORA-2009-1213]
CVE-2009-0387 fixed (gstreamer-plugins-good, fixed 0.10.13) [since FEDORA-2009-1213]
CVE-2009-0386 fixed (gstreamer-plugins-good, fixed 0.10.13) [since FEDORA-2009-1213]
-CVE-2009-0368 VULNERABLE (opensc, fixed 0.11.7) [since opensc-0.11.7-1.fc10]
-CVE-2009-0365 VULNERABLE (NetworkManager, 0.7.0.99) [since NetworkManager-0.7.0.99-1.fc10]
+CVE-2009-0368 fixed (opensc, fixed 0.11.7) [since FEDORA-2009-2266]
+CVE-2009-0365 fixed (NetworkManager, 0.7.0.99) [since FEDORA-2009-2419]
CVE-2009-0362 fixed (fail2ban) [since FEDORA-2009-1737]
CVE-2009-0361 ignore (pam_krb5) not affected
CVE-2009-0360 ignore (pam_krb5) not affected
@@ -57,9 +67,9 @@
CVE-2009-0122 ignore (hplip) Debian/Ubuntu specific
CVE-2009-0041 fixed (asterisk, fixed 1.6.0.5) [since FEDORA-2009-0984] AST-2009-001
CVE-2009-0040 fixed (libpng, fixed 1.2.35,1.0.43) [since FEDORA-2009-2112]
-CVE-2009-0040 VULNERABLE (libpng10, fixed 1.2.35,1.0.43) [since libpng10-1.0.43-1.fc10]
+CVE-2009-0040 fixed (libpng10, fixed 1.2.35,1.0.43) [since FEDORA-2009-1976]
CVE-2009-0040 fixed (mingw32-libpng, fixed 1.2.35,1.0.43) [since FEDORA-2009-2131]
-CVE-2009-0037 VULNERABLE (curl, fixed 7.19.4) #48870
+CVE-2009-0037 fixed (curl, fixed 7.19.4) #488170 [since FEDORA-2009-2247]
CVE-2009-0036 ignore (libvirt) libvirt_proxy not shipped
CVE-2009-0034 fixed (sudo) [since FEDORA-2009-1074]
CVE-2009-0032 ignore (cups) Mandriva-specific
@@ -70,7 +80,7 @@
CVE-2008-6229 fixed (drupal-cck, fixed 6.x.2.0) [since FEDORA-2008-10143]
CVE-2008-6125 version (moodle)
CVE-2008-6123 fixed (net-snmp) [since FEDORA-2009-1769]
-CVE-2008-6098 VULNERABLE (bugzilla, fixed 3.0.6) #484756
+CVE-2008-6098 fixed (bugzilla, fixed 3.0.6) #484756 [since FEDORA-2009-2417]
CVE-2008-6059 VULNERABLE (WebKit) [since WebKit-1.1.0-0.14.svn40351.fc10]
CVE-2008-6020 fixed (drupal-views, fixed 6.x-2.2) [since FEDORA-2008-11578]
CVE-2008-5917 VULNERABLE (horde, fixed 3.2.3,3.3.1)
@@ -78,7 +88,9 @@
CVE-2008-5906 version (ktorrent, fixed 3.1.4) [since ktorrent-3.1.4-1.fc10]
CVE-2008-5905 version (ktorrent, fixed 3.1.4) [since ktorrent-3.1.4-1.fc10]
CVE-2008-5844 ignore (php, fixed 5.2.8) only affected 5.2.7
+CVE-2008-5843 fixed (pdfjam, fixed 1.21) [since FEDORA-2009-2651]
CVE-2008-5744 ignore (zaptel) kernel modules not shipped
+CVE-2008-5743 fixed (pdfjam, fixed 1.21) [since FEDORA-2009-2651]
CVE-2008-5718 VULNERABLE (netatalk, fixed 2.0.4-beta2)
CVE-2008-5716 ignore (xen) CVE-2008-4405 was not yet fixed
CVE-2008-5714 VULNERABLE (kvm)
@@ -188,7 +200,7 @@
CVE-2008-4577 version (dovecot, fixed 1.1.14) [since dovecot-1.1.5-1.fc10]
CVE-2008-4575 version (jhead, fixed 2.84) [since jhead-2.84-1.fc10]
CVE-2008-4474 fixed (freeradius) [since FEDORA-2008-10392] dialupadmin subpackage dropped
-CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5) #484756
+CVE-2008-4437 fixed (bugzilla, fixed 3.0.5) #484756 [since FEDORA-2009-2417]
CVE-2008-4434 ignore (bittorrent) 6.x only
CVE-2008-4422 backport (libxml2, fixed 2.7.2) [since libxml2-2.7.1-2.fc10]
CVE-2008-4408 version (mediawiki, fixed 1.13.2) [since mediawiki-1.13.2-41.fc10]
@@ -197,6 +209,7 @@
CVE-2008-4359 version (lighttpd, fixed 1.4.20) #465754 [since lighttpd-1.4.20-1.fc10]
CVE-2008-4326 version (phpMyAdmin, fixed 2.11.9.2) [since phpMyAdmin-2.11.9.2-1.fc10]
CVE-2008-4325 version (viewvc, fixed 1.0.6) [since viewvc-1.0.6-1.fc10]
+CVE-2008-4316 VULNERABLE (glib2) [since glib2-2.18.4-2.fc10]
CVE-2008-4315 VULNERABLE (tog-pegasus) [since FEDORA-2008-10061]
CVE-2008-4314 fixed (samba, fixed 3.0.33,3.2.5) [since FEDORA-2008-10612]
CVE-2008-4313 VULNERABLE (tog-pegasus) [since FEDORA-2008-10061]
Index: f11
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f11,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- f11 6 Mar 2009 19:45:04 -0000 1.7
+++ f11 26 May 2009 08:01:02 -0000 1.8
@@ -4,16 +4,26 @@
# *CVE are items that need verification for Fedora 10
# (mozilla) = (gecko-libs dependent stuff)
+CVE-2009-0845 backport (krb5) [since krb5-1.6.3-19.fc11]
CVE-2009-0819 version (mysql) [since mysql-5.1.32-1.fc11]
CVE-2009-0749 version (optipng, fixed 0.6.2.1) [since optipng-0.6.2.1-1.fc11]
CVE-2009-0737 version (mediawiki, fixed 1.13.4) [since mediawiki-1.14.0-45.fc11]
+CVE-2009-0733 VULNERABLE (lcms, fixed 1.18) #491274
+CVE-2009-0723 VULNERABLE (lcms, fixed 1.18) #491274
CVE-2009-0671 ignore (uw-imap) rejected, fake report
CVE-2009-0601 ignore (wireshark, fixed 1.0.6) not security
CVE-2009-0600 version (wireshark, fixed 1.0.6)
CVE-2009-0599 version (wireshark, fixed 1.0.6)
+CVE-2009-0587 ignore (evolution-data-server) only old EDS versions affected
+CVE-2009-0585 ignore (libsoup) not affected
+CVE-2009-0584 VULNERABLE (ghostscript) #491278
+CVE-2009-0583 VULNERABLE (ghostscript) #491278
+CVE-2009-0582 VULNERABLE (evolution-data-server, fixed 2.26.0) [since evolution-data-server-2.26.0-1.fc11]
+CVE-2009-0581 VULNERABLE (lcms, fixed 1.18) #491274
CVE-2009-0578 version (NetworkManager, 0.7.0.99) [since NetworkManager-0.7.0.99-1.fc11]
CVE-2009-0577 ignore (cups) not affected
CVE-2009-0547 VULNERABLE (evolution)
+CVE-2009-0547 VULNERABLE (evolution-data-server, fixed 2.26.0) [since evolution-data-server-2.26.0-1.fc11]
CVE-2009-0544 version (python-crypto) [since python-crypto-2.0.1-16.1]
CVE-2009-0543 ignore (proftpd) not affected
CVE-2009-0542 VULNERABLE (proftpd) #485131
@@ -70,7 +80,9 @@
CVE-2008-5906 version (ktorrent, fixed 3.1.4) [since ktorrent-3.1.4-1.fc10]
CVE-2008-5905 version (ktorrent, fixed 3.1.4) [since ktorrent-3.1.4-1.fc10]
CVE-2008-5844 ignore (php, fixed 5.2.8) only affected 5.2.7
+CVE-2008-5843 version (pdfjam, fixed 1.21) [since pdfjam-1.21-1.fc11]
CVE-2008-5744 ignore (zaptel) kernel modules not shipped
+CVE-2008-5743 version (pdfjam, fixed 1.21) [since pdfjam-1.21-1.fc11]
CVE-2008-5718 VULNERABLE (netatalk, fixed 2.0.4-beta2)
CVE-2008-5716 ignore (xen) CVE-2008-4405 was not yet fixed
CVE-2008-5714 VULNERABLE (kvm)
@@ -145,6 +157,7 @@
CVE-2008-4640 version (jhead) [since jhead-2.86-1.fc11]
CVE-2008-4437 version (bugzilla, fixed 3.0.5) #484758 [since bugzilla-3.0.8-1.fc11]
CVE-2008-4405 VULNERABLE (xen)
+CVE-2008-4316 VULNERABLE (glib2) [since glib2-2.19.10-2.fc11]
CVE-2008-4315 fixed (tog-pegasus) [since tog-pegasus-2.7.2-2.fc11]
CVE-2008-4314 version (samba, fixed 3.0.33,3.2.5) [since samba-3.2.5-0.23.fc11]
CVE-2008-4313 fixed (tog-pegasus) [since tog-pegasus-2.7.2-2.fc11]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.246
retrieving revision 1.247
diff -u -r1.246 -r1.247
--- f9 6 Mar 2009 19:45:04 -0000 1.246
+++ f9 26 May 2009 08:01:02 -0000 1.247
@@ -5,16 +5,26 @@
# (mozilla) = (gecko-libs dependent stuff)
rhbz249840 version (tor, fixed 0.1.2.15)
+CVE-2009-0845 VULNERABLE (krb5) [since krb5-1.6.3-15.fc9]
CVE-2009-0819 ignore (mysql) 5.1+ only
CVE-2009-0749 fixed (optipng, fixed 0.6.2.1) [since FEDORA-2009-2098]
CVE-2009-0737 fixed (mediawiki, fixed 1.13.4) [since FEDORA-2009-2237]
+CVE-2009-0733 VULNERABLE (lcms, fixed 1.18) #491272
+CVE-2009-0723 VULNERABLE (lcms, fixed 1.18) #491272
CVE-2009-0671 ignore (uw-imap) rejected, fake report
CVE-2009-0601 ignore (wireshark, fixed 1.0.6) not security
-CVE-2009-0600 VULNERABLE (wireshark, fixed 1.0.6) [since wireshark-1.0.6-1.fc9]
-CVE-2009-0599 VULNERABLE (wireshark, fixed 1.0.6) [since wireshark-1.0.6-1.fc9]
-CVE-2009-0578 VULNERABLE (NetworkManager, 0.7.0.99) [since NetworkManager-0.7.0.99-1.fc9]
+CVE-2009-0600 fixed (wireshark, fixed 1.0.6) [since FEDORA-2009-1877]
+CVE-2009-0599 fixed (wireshark, fixed 1.0.6) [since FEDORA-2009-1877]
+CVE-2009-0587 ignore (evolution-data-server) only old EDS versions affected
+CVE-2009-0585 ignore (libsoup) not affected
+CVE-2009-0584 fixed (ghostscript) #491276 [since FEDORA-2009-2883]
+CVE-2009-0583 fixed (ghostscript) #491276 [since FEDORA-2009-2883]
+CVE-2009-0582 fixed (evolution-data-server, fixed 2.26.0) [since FEDORA-2009-2792]
+CVE-2009-0581 VULNERABLE (lcms, fixed 1.18) #491272
+CVE-2009-0578 fixed (NetworkManager, 0.7.0.99) [since FEDORA-2009-2420]
CVE-2009-0577 ignore (cups) not affected
CVE-2009-0547 VULNERABLE (evolution)
+CVE-2009-0547 fixed (evolution-data-server, fixed 2.26.0) [since FEDORA-2009-2792]
CVE-2009-0544 fixed (python-crypto) [since FEDORA-2009-1680]
CVE-2009-0543 ignore (proftpd) not affected
CVE-2009-0542 VULNERABLE (proftpd) #485129
@@ -23,12 +33,12 @@
CVE-2009-0500 fixed (moodle, fixed 1.9.4) [since FEDORA-2009-1641]
CVE-2009-0499 fixed (moodle, fixed 1.9.4) [since FEDORA-2009-1641]
CVE-2009-0490 VULNERABLE (audacity, fixed 1.3.6) #484953
-CVE-2009-0486 VULNERABLE (bugzilla, fixed 3.0.8) #484757
-CVE-2009-0485 VULNERABLE (bugzilla, fixed 3.0.7) #484757
-CVE-2009-0484 VULNERABLE (bugzilla, fixed 3.0.7) #484757
-CVE-2009-0483 VULNERABLE (bugzilla, fixed 3.0.7) #484757
-CVE-2009-0482 VULNERABLE (bugzilla, fixed 3.2.1) #484757
-CVE-2009-0481 VULNERABLE (bugzilla, fixed 3.0.7) #484757
+CVE-2009-0486 fixed (bugzilla, fixed 3.0.8) #484757 [since FEDORA-2009-2418]
+CVE-2009-0485 fixed (bugzilla, fixed 3.0.7) #484757 [since FEDORA-2009-2418]
+CVE-2009-0484 fixed (bugzilla, fixed 3.0.7) #484757 [since FEDORA-2009-2418]
+CVE-2009-0483 fixed (bugzilla, fixed 3.0.7) #484757 [since FEDORA-2009-2418]
+CVE-2009-0482 fixed (bugzilla, fixed 3.2.1) #484757 [since FEDORA-2009-2418]
+CVE-2009-0481 fixed (bugzilla, fixed 3.0.7) #484757 [since FEDORA-2009-2418]
CVE-2009-0415 fixed (trickle) [since FEDORA-2009-1675]
CVE-2009-0414 fixed (tor, fixed 0.2.0.33) [since FEDORA-2009-0897]
CVE-2009-0413 fixed (roundcubemail) [since FEDORA-2009-1256]
@@ -36,8 +46,8 @@
CVE-2009-0397 fixed (gstreamer-plugins-good, fixed 0.10.13) [since FEDORA-2009-1343]
CVE-2009-0387 fixed (gstreamer-plugins-good, fixed 0.10.13) [since FEDORA-2009-1343]
CVE-2009-0386 fixed (gstreamer-plugins-good, fixed 0.10.13) [since FEDORA-2009-1343]
-CVE-2009-0368 VULNERABLE (opensc, fixed 0.11.7) [since opensc-0.11.7-1.fc9]
-CVE-2009-0365 VULNERABLE (NetworkManager, 0.7.0.99) [since NetworkManager-0.7.0.99-1.fc9]
+CVE-2009-0368 fixed (opensc, fixed 0.11.7) [since FEDORA-2009-2267]
+CVE-2009-0365 fixed (NetworkManager, 0.7.0.99) [since FEDORA-2009-2420]
CVE-2009-0362 fixed (fail2ban) [since FEDORA-2009-1736]
CVE-2009-0361 ignore (pam_krb5) not affected
CVE-2009-0360 ignore (pam_krb5) not affected
@@ -58,7 +68,7 @@
CVE-2009-0122 ignore (hplip) Debian/Ubuntu specific
CVE-2009-0041 fixed (asterisk, fixed 1.6.0.5) [since FEDORA-2009-0973] AST-2009-001
CVE-2009-0040 fixed (libpng, fixed 1.2.35,1.0.43) [since FEDORA-2009-2128]
-CVE-2009-0040 VULNERABLE (libpng10, fixed 1.2.35,1.0.43) [since libpng10-1.0.43-1.fc9]
+CVE-2009-0040 fixed (libpng10, fixed 1.2.35,1.0.43) [since FEDORA-2009-2045]
CVE-2009-0037 fixed (curl, fixed 7.19.4) #488169 [since FEDORA-2009-2265]
CVE-2009-0036 ignore (libvirt) libvirt_proxy not shipped
CVE-2009-0034 VULNERABLE (sudo)
@@ -70,7 +80,7 @@
CVE-2008-6229 fixed (drupal-cck, fixed 6.x.2.0) [since FEDORA-2008-9479]
CVE-2008-6125 version (moodle)
CVE-2008-6123 ignore (net-snmp) not affected
-CVE-2008-6098 VULNERABLE (bugzilla, fixed 3.0.6) #484757
+CVE-2008-6098 fixed (bugzilla, fixed 3.0.6) #484757 [since FEDORA-2009-2418]
CVE-2008-6059 VULNERABLE (WebKit) [since WebKit-1.1.0-0.14.svn40351.fc9]
CVE-2008-6020 fixed (drupal-views, fixed 6.x-2.2) [since FEDORA-2008-11519]
CVE-2008-5917 VULNERABLE (horde, fixed 3.2.3,3.3.1)
@@ -78,7 +88,9 @@
CVE-2008-5906 fixed (ktorrent, fixed 3.1.4) [since FEDORA-2008-9167]
CVE-2008-5905 fixed (ktorrent, fixed 3.1.4) [since FEDORA-2008-9167]
CVE-2008-5844 ignore (php, fixed 5.2.8) only affected 5.2.7
+CVE-2008-5843 fixed (pdfjam, fixed 1.21) [since FEDORA-2009-2655]
CVE-2008-5744 ignore (zaptel) kernel modules not shipped
+CVE-2008-5743 fixed (pdfjam, fixed 1.21) [since FEDORA-2009-2655]
CVE-2008-5718 VULNERABLE (netatalk, fixed 2.0.4-beta2)
CVE-2008-5716 ignore (xen) CVE-2008-4405 was not yet fixed
CVE-2008-5714 VULNERABLE (kvm)
@@ -185,7 +197,7 @@
CVE-2008-4577 fixed (dovecot, fixed 1.1.14) [since FEDORA-2008-9202]
CVE-2008-4575 fixed (jhead, fixed 2.84) [since FEDORA-2008-8928]
CVE-2008-4474 fixed (freeradius) [since FEDORA-2008-10309] dialupadmin subpackage dropped
-CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5) #484757
+CVE-2008-4437 fixed (bugzilla, fixed 3.0.5) #484757 [since FEDORA-2009-2418]
CVE-2008-4434 ignore (bittorrent) 6.x only
CVE-2008-4422 fixed (libxml2, fixed 2.7.2) [since FEDORA-2008-8575]
CVE-2008-4408 fixed (mediawiki, fixed 1.13.2) [since FEDORA-2008-8639]
@@ -194,6 +206,7 @@
CVE-2008-4359 fixed (lighttpd, fixed 1.4.20) #464639 [since FEDORA-2008-11923]
CVE-2008-4326 fixed (phpMyAdmin, fixed 2.11.9.2) [since FEDORA-2008-8335]
CVE-2008-4325 fixed (viewvc, fixed 1.0.6) [since FEDORA-2008-8252]
+CVE-2008-4316 VULNERABLE (glib2) [since glib2-2.16.6-3.fc9]
CVE-2008-4315 VULNERABLE (tog-pegasus) [since FEDORA-2008-9688]
CVE-2008-4314 fixed (samba, fixed 3.0.33,3.2.5) [since FEDORA-2008-10518]
CVE-2008-4313 VULNERABLE (tog-pegasus) [since FEDORA-2008-9688]
@@ -242,7 +255,7 @@
CVE-2008-4059 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8429]
CVE-2008-4058 fixed (firefox, fixed 3.0.2) [since FEDORA-2008-8425]
CVE-2008-4058 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8429]
-CVE-2008-3972 VULNERABLE (opensc, fixed 0.11.6) [since opensc-0.11.7-1.fc9]
+CVE-2008-3972 fixed (opensc, fixed 0.11.6) [since FEDORA-2009-2267]
CVE-2008-3970 fixed (pam_mount, fixed 0.47) [since FEDORA-2008-7976]
CVE-2008-3969 fixed (bitlbee, fixed 1.2.3) [since FEDORA-2008-7830]
CVE-2008-3964 ignore (libpng, fixed 1.2.32beta01) not affected
@@ -452,7 +465,7 @@
CVE-2008-2266 ignore (perl-Convert-UUlib) embedded uulib copy uses mkstemp
CVE-2008-2238 fixed (openoffice.org, fixed 2.4.2) [since FEDORA-2008-9313]
CVE-2008-2237 fixed (openoffice.org, fixed 2.4.2) [since FEDORA-2008-9313]
-CVE-2008-2235 VULNERABLE (opensc, fixed 0.11.5) [since opensc-0.11.7-1.fc9]
+CVE-2008-2235 fixed (opensc, fixed 0.11.5) [since FEDORA-2009-2267]
CVE-2008-2168 ignore (httpd) browser issue, not apache
CVE-2008-2152 fixed (openoffice.org, fixed 2.4.1) [since FEDORA-2008-5143]
CVE-2008-2146 version (wordpress, fixed 2.2.3)
More information about the Fedora-security-commits
mailing list