December 2007 - security-commits - Fedora Mailing-Lists

fedora-security/audit f8, 1.37, 1.38 f9, 1.32, 1.33 fc7, 1.194, 1.195

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17181/audit Modified Files: f8 f9 fc7 Log Message: note drupal cve id Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.37 retrieving revision 1.38 diff -u -r1.37 -r1.38 --- f8 10 Dec 2007 16:12:14 -0000 1.37 +++ f8 10 Dec 2007 19:23:30 -0000 1.38 @@ -7,7 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 +CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- f9 10 Dec 2007 16:12:14 -0000 1.32 +++ f9 10 Dec 2007 19:23:30 -0000 1.33 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F9 as of 20071029 +CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031 CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.194 retrieving revision 1.195 diff -u -r1.194 -r1.195 --- fc7 10 Dec 2007 16:12:14 -0000 1.194 +++ fc7 10 Dec 2007 19:23:30 -0000 1.195 @@ -8,7 +8,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 +CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751

16 years, 5 months

1
0
0 / 0

fedora-security/audit fc6,1.305,1.306

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4763/audit Modified Files: fc6 Log Message: note last FC6 updates that managed to get in before EOL fix EOL message Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.305 retrieving revision 1.306 diff -u -r1.305 -r1.306 --- fc6 7 Dec 2007 14:53:17 -0000 1.305 +++ fc6 10 Dec 2007 18:10:07 -0000 1.306 @@ -5,16 +5,22 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # Up to date CVE as of CVE email 20071030 -# Up to date FC6 as of 20071029 +# Up to date FC6 as of 20071207 -# This list is no longer maintained by the Red Hat security -# response team as of 29th June 2007 (two months after the +# This list is no longer maintained by the Red Hat Security Response +# Team as of 7th December 2007 (EOL date of FC6, ~one month after the # release date of Fedora 8) +# +# Zod's dead baby, Zod's dead... CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name +CVE-2007-6110 backport (htdig) [since FEDORA-2007-757] +CVE-2007-5960 backport (mozilla) [since FEDORA-2007-756] +CVE-2007-5959 backport (mozilla) [since FEDORA-2007-756] +CVE-2007-5947 backport (mozilla) [since FEDORA-2007-756] CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-5937 backport (tetex) #379841 [since FEDORA-2007-750] Multiple dviljk buffer overflows CVE-2007-5936 backport (tetex) #379841 [since FEDORA-2007-750] dviljk uses insecure temporary file @@ -26,6 +32,8 @@ CVE-2007-5770 backport (ruby) #373371 [since FEDORA-2007-738] CVE-2007-5708 backport (openldap) [since FEDORA-2007-741] CVE-2007-5707 backport (openldap) [since FEDORA-2007-741] +CVE-2007-5501 version (kernel) [since FEDORA-2007-759] +CVE-2007-5500 version (kernel) [since FEDORA-2007-759] CVE-2007-5461 VULNERABLE (tomcat5) #334521 CVE-2007-5398 backport (samba) [since FEDORA-2007-751] CVE-2007-5393 backport (cups) [since FEDORA-2007-746] @@ -52,12 +60,12 @@ CVE-2007-5162 version (ruby) #313801 [since FEDORA-2007-718] CVE-2007-5137 backport (tk, fixed 8.4.16) #332071 [since FEDORA-2007-728] CVE-2007-5135 backport (openssl, fixed 0.9.8d) [since FEDORA-2007-725] -CVE-2007-5116 VULNERABLE (perl) #378121 +CVE-2007-5116 backport (perl) #378121 [since FEDORA-2007-748] CVE-2007-5079 VULNERABLE (gdm) #363031 CVE-2007-5034 version (elinks) #297611 [since FEDORA-2007-710] CVE-2007-4995 backport (openssl, fixed 0.9.8f) [since FEDORA-2007-725] CVE-2007-4993 backport (xen) [since FEDORA-2007-713] -CVE-2007-4990 VULNERABLE (xorg-x11-xfs, fixed 1.0.5) #373321 +CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) #373321 [since FEDORA-2007-763] CVE-2007-4965 VULNERABLE (python) imageop module heap overflow #373281 CVE-2007-4924 VULNERABLE (opal, fixed 2.2.10) #297561 CVE-2007-4897 VULNERABLE (opal, fixed 2.2.8) #297561 @@ -78,10 +86,11 @@ CVE-2007-4658 backport (php, fixed 5.2.4) #278011 [since FEDORA-2007-709] CVE-2007-4657 ignore (php, fixed 5.2.4) arbitrary read not remotely triggerable CVE-2007-4619 backport (flac, fixed 1.2) #332581 [since FEDORA-2007-730] +CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-762] CVE-2007-4572 backport (samba) [since FEDORA-2007-751] CVE-2007-4571 version (kernel) [since FEDORA-2007-714] CVE-2007-4569 backport (kdebase) #299741 [since FEDORA-2007-716] -CVE-2007-4568 VULNERABLE (xorg-x11-xfs, fixed 1.0.5) #373251 +CVE-2007-4568 version (xorg-x11-xfs, fixed 1.0.5) #373251 [since FEDORA-2007-763] CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689] CVE-2007-4559 VULNERABLE (python, not fixed upstream) #315291 Upstream WONTFIX. See where we use the code. CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.36, 1.37 f9, 1.31, 1.32 fc7, 1.193, 1.194

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10991/audit Modified Files: f8 f9 fc7 Log Message: add samba Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.36 retrieving revision 1.37 diff -u -r1.36 -r1.37 --- f8 10 Dec 2007 14:31:34 -0000 1.36 +++ f8 10 Dec 2007 16:12:14 -0000 1.37 @@ -24,6 +24,7 @@ CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639] CVE-2007-6061 VULNERABLE (audacity) #393251 +CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667] CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.31 retrieving revision 1.32 diff -u -r1.31 -r1.32 --- f9 10 Dec 2007 14:31:34 -0000 1.31 +++ f9 10 Dec 2007 16:12:14 -0000 1.32 @@ -21,6 +21,7 @@ CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9] +CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.193 retrieving revision 1.194 diff -u -r1.193 -r1.194 --- fc7 10 Dec 2007 14:31:34 -0000 1.193 +++ fc7 10 Dec 2007 16:12:14 -0000 1.194 @@ -26,6 +26,7 @@ CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666] CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683] +CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952]

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.35, 1.36 f9, 1.30, 1.31 fc7, 1.192, 1.193

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22232/audit Modified Files: f8 f9 fc7 Log Message: fedora update Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.35 retrieving revision 1.36 diff -u -r1.35 -r1.36 --- f8 5 Dec 2007 20:37:28 -0000 1.35 +++ f8 10 Dec 2007 14:31:34 -0000 1.36 @@ -7,19 +7,20 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +GENERIC-MAP-NOMATCH version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391 -CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-4.fc8] +CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4176] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi -CVE-2007-6201 VULNERABLE (wesnoth, fixed 1.2.8) -CVE-2007-6183 VULNERABLE (ruby-gnome2) #405601 +CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3989] +CVE-2007-6183 backport (ruby-gnome2) #405601 [since FEDORA-2007-4216] CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639] CVE-2007-6061 VULNERABLE (audacity) #393251 @@ -43,26 +44,28 @@ CVE-2007-5770 backport (ruby) #373391 [since FEDORA-2007-2812] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2853] -CVE-2007-5742 VULNERABLE (wesnoth, fixed 1.2.8) +CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3989] CVE-2007-5712 version (Django, fixed 0.96.1) #362771 [since FEDORA-2007-2788] CVE-2007-5708 version (openldap, fixed 2.3.39) #362991 [since FEDORA-2007-2796] CVE-2007-5707 version (openldap, fixed 2.3.39) #362991 [since FEDORA-2007-2796] CVE-2007-5690 version (zaptel) [since FEDORA-2007-2860] not really an issue -CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #362801 +CVE-2007-5624 version (nagios, fixed 2.10) #362801 [since FEDORA-2007-4145] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 [since FEDORA-2007-2876] nagios-plugins-1.4.8-9.fc8 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636] +CVE-2007-5501 version (kernel) [since FEDORA-2007-3837] +CVE-2007-5500 version (kernel) [since FEDORA-2007-3837] CVE-2007-5461 version (tomcat5) #363001 [since FEDORA-2007-3474] CVE-2007-5398 version (samba) [since FEDORA-2007-3403] CVE-2007-5395 version (link-grammar) #372351 [since FEDORA-2007-3235] CVE-2007-5393 backport (xpdf) #372471 [since FEDORA-2007-3014] CVE-2007-5393 backport (cups) [since FEDORA-2007-2982] -CVE-2007-5393 VULNERABLE (poppler) #372511 +CVE-2007-5393 version (poppler, fixed 0.6.2) #372511 [since FEDORA-2007-4031] CVE-2007-5393 backport (kdegraphics) #372571 [since FEDORA-2007-3001] CVE-2007-5393 backport (koffice) #372601 [since FEDORA-2007-3093] CVE-2007-5393 backport (tetex) #372661 [since FEDORA-2007-3308] CVE-2007-5392 backport (xpdf) #372471 [since FEDORA-2007-3014] CVE-2007-5392 backport (cups) [since FEDORA-2007-2982] -CVE-2007-5392 VULNERABLE (poppler) #372511 +CVE-2007-5392 version (poppler, fixed 0.6.2) #372511 [since FEDORA-2007-4031] CVE-2007-5392 backport (kdegraphics) #372571 [since FEDORA-2007-3001] CVE-2007-5392 backport (koffice) #372601 [since FEDORA-2007-3093] CVE-2007-5392 backport (tetex) #372661 [since FEDORA-2007-3308] @@ -83,6 +86,7 @@ CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364281 CVE-2007-4752 version (openssh, fixed 4.7) #280461 CVE-2007-4619 version (flac, fixed 1.2) #332581 +CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-4172] CVE-2007-4572 version (samba) [since FEDORA-2007-3403] CVE-2007-4568 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4559 VULNERABLE (python, not fixed upstream) #315291 Upstream WONTFIX. See where we use the code. @@ -92,7 +96,7 @@ CVE-2007-4351 version (cups) #362971 [since FEDORA-2007-2982] CVE-2007-4352 backport (xpdf) #372471 [since FEDORA-2007-3014] CVE-2007-4352 backport (cups) [since FEDORA-2007-2982] -CVE-2007-4352 VULNERABLE (poppler) #372511 +CVE-2007-4352 version (poppler, fixed 0.6.2) #372511 [since FEDORA-2007-4031] CVE-2007-4352 backport (kdegraphics) #372571 [since FEDORA-2007-3001] CVE-2007-4352 backport (koffice) #372601 [since FEDORA-2007-3093] CVE-2007-4352 backport (tetex) #372661 [since FEDORA-2007-3308] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.30 retrieving revision 1.31 diff -u -r1.30 -r1.31 --- f9 5 Dec 2007 17:01:31 -0000 1.30 +++ f9 10 Dec 2007 14:31:34 -0000 1.31 @@ -43,20 +43,20 @@ CVE-2007-5712 version (Django, fixed 0.96.1) #362781 [since Django-0.96.1-1.fc9] CVE-2007-5708 version (openldap, fixed 2.3.39) #360091 [since openldap-2.3.39-1.fc9] CVE-2007-5707 version (openldap, fixed 2.3.39) #360091 [since openldap-2.3.39-1.fc9] -CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #362811 +CVE-2007-5624 version (nagios, fixed 2.10) #362811 [since nagios-2.10-3.fc9] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531 CVE-2007-5395 version (link-grammar) #372361 [since link-grammar-4.2.5-1.fc9] CVE-2007-5393 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-5393 backport (cups) -CVE-2007-5393 VULNERABLE (poppler) #372521 +CVE-2007-5393 version (poppler, fixed 0.6.2) #372521 [since poppler-0.6.2-1.fc9] CVE-2007-5393 VULNERABLE (kdegraphics) #372581 CVE-2007-5393 VULNERABLE (koffice) #372611 CVE-2007-5393 version (tetex) #372671 [since tetex-3.0-48.fc9] CVE-2007-5392 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-5392 backport (cups) -CVE-2007-5392 VULNERABLE (poppler) #372521 +CVE-2007-5392 version (poppler, fixed 0.6.2) #372521 [since poppler-0.6.2-1.fc9] CVE-2007-5392 VULNERABLE (kdegraphics) #372581 CVE-2007-5392 VULNERABLE (koffice) #372611 CVE-2007-5392 version (tetex) #372671 [since tetex-3.0-48.fc9] @@ -72,6 +72,7 @@ CVE-2007-4999 version (pidgin, fixed 2.2.2) CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364291 +CVE-2007-4575 version (openoffice.org, fixed 2.3.1) [since openoffice.org-2.3.1-9.1.fc9] CVE-2007-4752 version (openssh, fixed 4.7) #280461 CVE-2007-4619 version (flac, fixed 1.2) #332581 CVE-2007-4568 version (xorg-x11-xfs, fixed 1.0.5) @@ -80,7 +81,7 @@ CVE-2007-4400 VULNERABLE (konversation) #362931 Remove media script? CVE-2007-4352 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-4352 backport (cups) -CVE-2007-4352 VULNERABLE (poppler) #372521 +CVE-2007-4352 version (poppler, fixed 0.6.2) #372521 [since poppler-0.6.2-1.fc9] CVE-2007-4352 VULNERABLE (kdegraphics) #372581 CVE-2007-4352 VULNERABLE (koffice) #372611 CVE-2007-4352 version (tetex) #372671 [since tetex-3.0-48.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.192 retrieving revision 1.193 diff -u -r1.192 -r1.193 --- fc7 5 Dec 2007 20:37:28 -0000 1.192 +++ fc7 10 Dec 2007 14:31:34 -0000 1.193 @@ -8,19 +8,20 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +GENERIC-MAP-NOMATCH version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381 -CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-3.fc7] +CVE-2007-6210 backport (zabbix) #407181 [since FEDORA-2007-4160] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi -CVE-2007-6201 VULNERABLE (wesnoth, fixed 1.2.8) -CVE-2007-6183 VULNERABLE (ruby-gnome2) #405591 +CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3986] +CVE-2007-6183 version (ruby-gnome2) #405591 [since FEDORA-2007-4229] CVE-2007-6110 backport (htdig) [since FEDORA-2007-3907] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666] CVE-2007-6061 VULNERABLE (audacity) #393251 @@ -44,7 +45,7 @@ CVE-2007-5795 backport (emacs) #367581 [since FEDORA-2007-3056] CVE-2007-5770 backport (ruby) #373381 [since FEDORA-2007-2685] CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2725] -CVE-2007-5742 VULNERABLE (wesnoth, fixed 1.2.8) +CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since FEDORA-2007-3986] CVE-2007-5728 version (phpPgAdmin) seems to be fixed for some time CVE-2007-5715 backport (denyhosts) fixed long ago CVE-2007-5712 version (Django, fixed 0.96.1) #362761 [since FEDORA-2007-3157] @@ -52,7 +53,7 @@ CVE-2007-5707 backport (openldap, fixed 2.3.39) #360081 [since FEDORA-2007-3124] CVE-2007-5690 version (zaptel) [since FEDORA-2007-3094] not really an issue CVE-2007-5626 ignore (bacula) known, documented limitation -CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #362791 +CVE-2007-5624 version (nagios, fixed 2.10) #362791 [since FEDORA-2007-4123] CVE-2007-5623 backport (nagios-plugins) #348731 [since FEDORA-2007-2713] CVE-2007-5597 version (drupal, fixed 5.3) [since FEDORA-2007-2649] CVE-2007-5596 version (drupal, fixed 5.3) [since FEDORA-2007-2649] @@ -62,6 +63,8 @@ CVE-2007-5589 version (phpmyadmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-2738] CVE-2007-5585 backport (rss-glx) #336331 [since FEDORA-2007-2652] CVE-2007-5585 backport (tempest) #336331 [since FEDORA-2007-2652] +CVE-2007-5501 version (kernel) [since FEDORA-2007-3751] +CVE-2007-5500 version (kernel) [since FEDORA-2007-3751] CVE-2007-5461 version (tomcat5) #334511 [since FEDORA-2007-3456] CVE-2007-5416 ignore (drupal) Vulnerability in PHP<5.1.3, we're safe CVE-2007-5398 version (samba) [since FEDORA-2007-3402] @@ -148,6 +151,7 @@ CVE-2007-4629 version (mapserver, fixed 4.10.3) #272081 [since FEDORA-2007-2018] CVE-2007-4631 version (qgit) #268381 [since FEDORA-2007-2108] CVE-2007-4619 version (flac, fixed 1.2) #332571 [since FEDORA-2007-2596] +CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-4120] CVE-2007-4573 version (kernel) [since FEDORA-2007-2298] CVE-2007-4572 version (samba) [since FEDORA-2007-3402] CVE-2007-4571 version (kernel) [since FEDORA-2007-2349]

16 years, 5 months

1
0
0 / 0

fedora-security/audit fc6,1.304,1.305

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12004/audit Modified Files: fc6 Log Message: Goodbye Fedora Core! I've been pleased to meet you! Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.304 retrieving revision 1.305 diff -u -r1.304 -r1.305 --- fc6 4 Dec 2007 09:09:10 -0000 1.304 +++ fc6 7 Dec 2007 14:53:17 -0000 1.305 @@ -7,6 +7,10 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC6 as of 20071029 +# This list is no longer maintained by the Red Hat security +# response team as of 29th June 2007 (two months after the +# release date of Fedora 8) + CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6207 VULNERABLE (kernel) Xen cross-domain memory read CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue

16 years, 5 months

1
0
0 / 0

fedora-security/tools generate-manifest, 1.4, 1.4.2.1

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12004/tools Modified Files: Tag: lkundrak-tools-ng generate-manifest Log Message: Goodbye Fedora Core! I've been pleased to meet you! Index: generate-manifest =================================================================== RCS file: /cvs/fedora/fedora-security/tools/generate-manifest,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- generate-manifest 6 Nov 2007 15:39:24 -0000 1.4 +++ generate-manifest 7 Dec 2007 14:53:18 -0000 1.4.2.1 @@ -12,7 +12,6 @@ if [ -z "$@" ] then export TAGS=" - dist-fc6-updates dist-fc7-updates dist-f8-updates dist-f9-build

16 years, 5 months

1
0
0 / 0

fedora-security/manifest dist-fc6-updates, 1.3, NONE

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/manifest In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12004/manifest Removed Files: dist-fc6-updates Log Message: Goodbye Fedora Core! I've been pleased to meet you! --- dist-fc6-updates DELETED ---

16 years, 5 months

1
0
0 / 0

fedora-security/tools add-tracking-bugs, 1.2.2.2, 1.2.2.3

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31921/tools Modified Files: Tag: lkundrak-tools-ng add-tracking-bugs Log Message: new bugzilla versioning Index: add-tracking-bugs =================================================================== RCS file: /cvs/fedora/fedora-security/tools/add-tracking-bugs,v retrieving revision 1.2.2.2 retrieving revision 1.2.2.3 diff -u -r1.2.2.2 -r1.2.2.3 --- add-tracking-bugs 19 Nov 2007 09:10:37 -0000 1.2.2.2 +++ add-tracking-bugs 6 Dec 2007 16:16:18 -0000 1.2.2.3 @@ -59,15 +59,19 @@ # Valid versions my %versions = ( - 'f6', => 'fc6', - 'fc6', => 'fc6', - 'f7', => 'f7', - 'fc7', => 'f7', - 'f8', => 'f8', - 'fc8', => 'f8', - 'f9', => 'devel', - 'fc9', => 'devel', - 'devel', => 'devel', + '6', => '6', + 'f6', => '6', + 'fc6', => '6', + '7', => '7', + 'f7', => '7', + 'fc7', => '7', + '8', => '8', + 'f8', => '8', + 'fc8', => '8', + '9', => 'rawhide', + 'f9', => 'rawhide', + 'fc9', => 'rawhide', + 'devel', => 'rawhide', ); # RPC

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.34, 1.35 fc7, 1.191, 1.192

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14243 Modified Files: f8 fc7 Log Message: XFCE, rawhide seems fixed Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- f8 5 Dec 2007 17:01:31 -0000 1.34 +++ f8 5 Dec 2007 20:37:28 -0000 1.35 @@ -7,6 +7,9 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412761 +GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412761 +GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412761 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391 CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-4.fc8] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.191 retrieving revision 1.192 diff -u -r1.191 -r1.192 --- fc7 5 Dec 2007 17:01:31 -0000 1.191 +++ fc7 5 Dec 2007 20:37:28 -0000 1.192 @@ -8,6 +8,9 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +GENERIC-MAP-NOMATCH VULNERABLE (libxfcegui4) #412751 +GENERIC-MAP-NOMATCH VULNERABLE (libxfce4util) #412751 +GENERIC-MAP-NOMATCH VULNERABLE (xfce-panel) #412751 CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381 CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-3.fc7] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.33, 1.34 f9, 1.29, 1.30 fc7, 1.190, 1.191

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3776/audit Modified Files: f8 f9 fc7 Log Message: squid possible dos Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.33 retrieving revision 1.34 diff -u -r1.33 -r1.34 --- f8 4 Dec 2007 09:09:10 -0000 1.33 +++ f8 5 Dec 2007 17:01:31 -0000 1.34 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F8 as of 20071029 +CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412391 CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-4.fc8] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.29 retrieving revision 1.30 diff -u -r1.29 -r1.30 --- f9 4 Dec 2007 09:09:10 -0000 1.29 +++ f9 5 Dec 2007 17:01:31 -0000 1.30 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date F9 as of 20071029 +CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.190 retrieving revision 1.191 diff -u -r1.190 -r1.191 --- fc7 4 Dec 2007 09:09:10 -0000 1.190 +++ fc7 5 Dec 2007 17:01:31 -0000 1.191 @@ -8,6 +8,7 @@ # Up to date CVE as of CVE email 20071030 # Up to date FC7 as of 20071029 +CVE-2007-6239 VULNERABLE (squid, fixed 2.6.17) #412381 CVE-2007-6210 VULNERABLE (zabbix) #407181 [since zabbix-1.4.2-3.fc7] CVE-2007-6209 ignore (zsh) #409871 We don't ship the script CVE-2007-6208 ignore (claws) We don't ship the script

16 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

security-commits December 2007