January 2008 - security-commits - Fedora Mailing-Lists

fedora-security/audit f8, 1.89, 1.90 fc7, 1.245, 1.246

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14165 Modified Files: f8 fc7 Log Message: moodle, paramiko, syslog-ng and e2fsprogs fixed Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.89 retrieving revision 1.90 diff -u -r1.89 -r1.90 --- f8 16 Jan 2008 15:40:25 -0000 1.89 +++ f8 17 Jan 2008 10:00:09 -0000 1.90 @@ -53,7 +53,7 @@ CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] -CVE-2007-6437 VULNERABLE (syslog-ng) #426306 [since FEDORA-2008-0523] +CVE-2007-6437 fixed (syslog-ng) #426306 [since FEDORA-2008-0523] CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4651] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170 CVE-2007-6353 VULNERABLE (exiv2) #425923 @@ -137,7 +137,7 @@ CVE-2007-5503 version (cairo, fixed 1.4.12) [since FEDORA-2007-3913] CVE-2007-5501 version (kernel) [since FEDORA-2007-3837] CVE-2007-5500 version (kernel) [since FEDORA-2007-3837] -CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 [since FEDORA-2007-4447] +CVE-2007-5497 fixed (e2fsprogs) #414581 [since FEDORA-2007-4447] CVE-2007-5461 version (tomcat5) #363001 [since FEDORA-2007-3474] CVE-2007-5398 version (samba) [since FEDORA-2007-3403] CVE-2007-5395 version (link-grammar) #372351 [since FEDORA-2007-3235] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.245 retrieving revision 1.246 diff -u -r1.245 -r1.246 --- fc7 16 Jan 2008 15:40:25 -0000 1.245 +++ fc7 17 Jan 2008 10:00:09 -0000 1.246 @@ -11,7 +11,7 @@ CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469] CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469] CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469] -GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428729 +GENERIC-MAP-NOMATCH fixed (python-paramiko) #428729 [since FEDORA-2008-0644] CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926 CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1) @@ -24,7 +24,7 @@ CVE-2008-0191 ignore (wordpress) File path is not a sensitive information CVE-2008-0172 VULNERABLE (boost) #428974 CVE-2008-0171 VULNERABLE (boost) #428974 -CVE-2008-0123 VULNERABLE (moodle) #428731 +CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983 CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506] @@ -53,7 +53,7 @@ CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] -CVE-2007-6437 VULNERABLE (syslog-ng) #426305 [since FEDORA-2008-0559] +CVE-2007-6437 fixed (syslog-ng) #426305 [since FEDORA-2008-0559] CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4593] CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169 CVE-2007-6353 fixed (exiv2) #425922 [since FEDORA-2007-4551] @@ -146,7 +146,7 @@ CVE-2007-5503 VULNERABLE (cairo, fixed 1.4.12) [since FEDORA-2007-3818] CVE-2007-5501 version (kernel) [since FEDORA-2007-3751] CVE-2007-5500 version (kernel) [since FEDORA-2007-3751] -CVE-2007-5497 VULNERABLE (e2fsprogs) #414571 [since FEDORA-2007-4461] +CVE-2007-5497 fixed (e2fsprogs) #414571 [since FEDORA-2007-4461] CVE-2007-5461 version (tomcat5) #334511 [since FEDORA-2007-3456] CVE-2007-5416 ignore (drupal) Vulnerability in PHP<5.1.3, we're safe CVE-2007-5398 version (samba) [since FEDORA-2007-3402]

16 years, 3 months

1
0
0 / 0

fedora-security/tools/lib/Libexig Bugzilla.pm, 1.3, 1.4

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/tools/lib/Libexig In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10222/tools/lib/Libexig Modified Files: Bugzilla.pm Log Message: add possiblity to call arbitrary XMLRPC method Index: Bugzilla.pm =================================================================== RCS file: /cvs/fedora/fedora-security/tools/lib/Libexig/Bugzilla.pm,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- Bugzilla.pm 14 Jan 2008 16:33:12 -0000 1.3 +++ Bugzilla.pm 16 Jan 2008 17:27:01 -0000 1.4 @@ -240,4 +240,30 @@ $self->close_bug($bug, $resolution, $dupeid, $fixedin, $comment); } +# Call arbitrary Bugzilla XMLRPC method +# +# Arguments: method, method-specific arguments +sub rpccall +{ + my $self = shift; + my $method = shift or die 'No XMLRPC method specified!'; + + print "Calling bugzilla.$method with arguments:\n", Dumper(\@_) + if $self->{'debug'}; + + my $call = $self->{rpc}->call('bugzilla.'.$method, @_); + my $result = $call->result; + + if (!defined($result)) { + print STDERR "XMLRPC call to bugzilla.$method failed:\n"; + print STDERR $call->faultstring; + return undef; + } + + print "Bugzilla answer to bugzilla.$method:\n", Dumper($result), "\n" + if $self->{'debug'}; + + return $result; +} + 1;

16 years, 3 months

1
0
0 / 0

fedora-security/audit f8, 1.88, 1.89 f9, 1.81, 1.82 fc7, 1.244, 1.245

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26562 Modified Files: f8 f9 fc7 Log Message: boost regex flaws old coolkey issue Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.88 retrieving revision 1.89 diff -u -r1.88 -r1.89 --- f8 16 Jan 2008 08:13:01 -0000 1.88 +++ f8 16 Jan 2008 15:40:25 -0000 1.89 @@ -21,6 +21,8 @@ CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3. **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information +CVE-2008-0172 VULNERABLE (boost) #428975 +CVE-2008-0171 VULNERABLE (boost) #428975 CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982 @@ -186,6 +188,7 @@ CVE-2007-4352 backport (koffice) #372601 [since FEDORA-2007-3093] CVE-2007-4352 backport (tetex) #372661 [since FEDORA-2007-3308] CVE-2007-4351 version (cups) #362971 [since FEDORA-2007-2982] +CVE-2007-4129 backport (coolkey) [since coolkey-1.1.0-5.fc8] CVE-2007-4045 backport (cups) [since FEDORA-2007-2982] CVE-2007-4033 backport (tetex) [since FEDORA-2007-3308] CVE-2007-3999 VULNERABLE (nfs-utils-lib) #362091 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.81 retrieving revision 1.82 diff -u -r1.81 -r1.82 --- f9 16 Jan 2008 08:13:01 -0000 1.81 +++ f9 16 Jan 2008 15:40:25 -0000 1.82 @@ -21,6 +21,8 @@ CVE-2008-0193 version (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2 **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information +CVE-2008-0172 VULNERABLE (boost) #428976 +CVE-2008-0171 VULNERABLE (boost) #428976 CVE-2008-0123 fixed (moodle) #428731 [since moodle-1.8.4-1.fc9] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.244 retrieving revision 1.245 diff -u -r1.244 -r1.245 --- fc7 16 Jan 2008 08:13:01 -0000 1.244 +++ fc7 16 Jan 2008 15:40:25 -0000 1.245 @@ -22,6 +22,8 @@ CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2 **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information +CVE-2008-0172 VULNERABLE (boost) #428974 +CVE-2008-0171 VULNERABLE (boost) #428974 CVE-2008-0123 VULNERABLE (moodle) #428731 CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983 @@ -286,6 +288,7 @@ CVE-2007-4137 backport (qt) #292941 [since FEDORA-2007-2216] CVE-2007-4134 version (star, fixed 1.5a84) #254128 [since FEDORA-2007-1852] CVE-2007-4131 backport (tar) #253684 [since FEDORA-2007-1890] +CVE-2007-4129 VULNERABLE (coolkey) #280091 CVE-2007-4066 backport (libvorbis) #245991 [since FEDORA-2007-1765] CVE-2007-4065 backport (libvorbis) #245991 [since FEDORA-2007-1765] CVE-2007-4045 backport (cups) [since FEDORA-2007-3100]

16 years, 3 months

1
0
0 / 0

fedora-security/audit f8, 1.87, 1.88 f9, 1.80, 1.81 fc7, 1.243, 1.244

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3315 Modified Files: f8 f9 fc7 Log Message: check-updates, ngircd issue Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.87 retrieving revision 1.88 diff -u -r1.87 -r1.88 --- f8 16 Jan 2008 08:10:07 -0000 1.87 +++ f8 16 Jan 2008 08:13:01 -0000 1.88 @@ -7,10 +7,11 @@ # Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20080111 +CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926 CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485] CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485] CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485] -GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428728 +GENERIC-MAP-NOMATCH fixed (python-paramiko) #428728 [since FEDORA-2008-0722] CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0299] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1) CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1) @@ -20,7 +21,7 @@ CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3. **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information -CVE-2008-0123 VULNERABLE (moodle) #428731 +CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982 CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427829 [since FEDORA-2008-0572] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.80 retrieving revision 1.81 diff -u -r1.80 -r1.81 --- f9 16 Jan 2008 08:10:07 -0000 1.80 +++ f9 16 Jan 2008 08:13:01 -0000 1.81 @@ -11,6 +11,7 @@ CVE-2008-0273 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006 CVE-2008-0272 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005 GENERIC-MAP-NOMATCH fixed (python-paramiko) #428730 [since python-paramiko-1.7.1-3.fc9] +CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926 CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9] **CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9] CVE-2008-0225 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.243 retrieving revision 1.244 diff -u -r1.243 -r1.244 --- fc7 16 Jan 2008 08:10:07 -0000 1.243 +++ fc7 16 Jan 2008 08:13:01 -0000 1.244 @@ -12,6 +12,7 @@ CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469] CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469] GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428729 +CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926 CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1) CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1)

16 years, 3 months

1
0
0 / 0

fedora-security/audit f8, 1.86, 1.87 f9, 1.79, 1.80 fc7, 1.242, 1.243

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3252/audit Modified Files: f8 f9 fc7 Log Message: drupal cve ids assigned Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.86 retrieving revision 1.87 diff -u -r1.86 -r1.87 --- f8 15 Jan 2008 16:16:36 -0000 1.86 +++ f8 16 Jan 2008 08:10:07 -0000 1.87 @@ -7,9 +7,9 @@ # Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20080111 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485] -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485] -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485] +CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485] +CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485] +CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485] GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428728 CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0299] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1) Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.79 retrieving revision 1.80 diff -u -r1.79 -r1.80 --- f9 15 Jan 2008 16:16:36 -0000 1.79 +++ f9 16 Jan 2008 08:10:07 -0000 1.80 @@ -7,9 +7,9 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005 +CVE-2008-0274 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007 +CVE-2008-0273 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006 +CVE-2008-0272 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005 GENERIC-MAP-NOMATCH fixed (python-paramiko) #428730 [since python-paramiko-1.7.1-3.fc9] CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9] **CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.242 retrieving revision 1.243 diff -u -r1.242 -r1.243 --- fc7 15 Jan 2008 16:16:36 -0000 1.242 +++ fc7 16 Jan 2008 08:10:07 -0000 1.243 @@ -8,9 +8,9 @@ # Up to date CVE as of CVE email 200711215 # Up to date FC7 as of 20080111 -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469] -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469] -GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469] +CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469] +CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469] +CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469] GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428729 CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)

16 years, 3 months

1
0
0 / 0

fedora-security/audit f8, 1.85, 1.86 f9, 1.78, 1.79 fc7, 1.241, 1.242

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31306/audit Modified Files: f8 f9 fc7 Log Message: update wordpress notes based on http://bugs.gentoo.org/show_bug.cgi?id=205967 Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.85 retrieving revision 1.86 diff -u -r1.85 -r1.86 --- f8 15 Jan 2008 15:02:02 -0000 1.85 +++ f8 15 Jan 2008 16:16:36 -0000 1.86 @@ -17,7 +17,7 @@ **CVE-2008-0196 version (wordpress, not fixed 2.0.11) CVE-2008-0195 ignore (wordpress) File path is not a sensitive information **CVE-2008-0194 version (wordpress, not fixed 2.0.4) -**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) +CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3. **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information CVE-2008-0123 VULNERABLE (moodle) #428731 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.78 retrieving revision 1.79 diff -u -r1.78 -r1.79 --- f9 15 Jan 2008 15:02:02 -0000 1.78 +++ f9 15 Jan 2008 16:16:36 -0000 1.79 @@ -17,7 +17,7 @@ **CVE-2008-0196 version (wordpress, not fixed 2.0.11) CVE-2008-0195 ignore (wordpress) File path is not a sensitive information **CVE-2008-0194 version (wordpress, not fixed 2.0.4) -**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) +CVE-2008-0193 version (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2 **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information CVE-2008-0123 fixed (moodle) #428731 [since moodle-1.8.4-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.241 retrieving revision 1.242 diff -u -r1.241 -r1.242 --- fc7 15 Jan 2008 15:02:02 -0000 1.241 +++ fc7 15 Jan 2008 16:16:36 -0000 1.242 @@ -18,7 +18,7 @@ **CVE-2008-0196 version (wordpress, not fixed 2.0.11) CVE-2008-0195 ignore (wordpress) File path is not a sensitive information **CVE-2008-0194 version (wordpress, not fixed 2.0.4) -**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) +CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2 **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information CVE-2008-0123 VULNERABLE (moodle) #428731

16 years, 3 months

1
0
0 / 0

fedora-security/audit f8, 1.84, 1.85 f9, 1.77, 1.78 fc7, 1.240, 1.241

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22119/audit Modified Files: f8 f9 fc7 Log Message: mongrel issue does not affect us note one older issue Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.84 retrieving revision 1.85 diff -u -r1.84 -r1.85 --- f8 14 Jan 2008 21:06:46 -0000 1.84 +++ f8 15 Jan 2008 15:02:02 -0000 1.85 @@ -27,6 +27,7 @@ CVE-2007-6672 VULNERABLE (jetty) #428017 CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136] GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103] +CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282] CVE-2007-6601 fixed (postgresql, fixed 8.2.6) #427773 [since FEDORA-2008-0478] CVE-2007-6600 fixed (postgresql, fixed 8.2.6) #427773 [since FEDORA-2008-0478] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.77 retrieving revision 1.78 diff -u -r1.77 -r1.78 --- f9 14 Jan 2008 22:07:35 -0000 1.77 +++ f9 15 Jan 2008 15:02:02 -0000 1.78 @@ -29,6 +29,7 @@ CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9] CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9] GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434 +CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9] CVE-2007-6601 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-6600 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.240 retrieving revision 1.241 diff -u -r1.240 -r1.241 --- fc7 14 Jan 2008 21:06:46 -0000 1.240 +++ fc7 15 Jan 2008 15:02:02 -0000 1.241 @@ -27,6 +27,7 @@ CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506] CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104] GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126] +CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353] CVE-2007-6601 fixed (postgresql, fixed 8.2.6) #427772 [since FEDORA-2008-0552] CVE-2007-6600 fixed (postgresql, fixed 8.2.6) #427772 [since FEDORA-2008-0552] @@ -469,6 +470,7 @@ CVE-2007-2245 version (phpMyAdmin, fixed 2.10.1) #237882 CVE-2007-2243 ignore (openssh, fixed 4.6) needs S/KEY support which is not shipped. CVE-2007-2241 backport (bind) [since FEDORA-2007-0300] +CVE-2007-2241 version (bind, fixed 9.4.1) CVE-2007-2176 ignore (firefox) only affects the java quicktime interaction CVE-2007-2172 version (kernel, fixed 2.6.21-rc6) CVE-2007-2165 version (proftpd) #237533 [since FEDORA-2007-2613]

16 years, 3 months

1
0
0 / 0

fedora-security/audit f9,1.76,1.77

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7479 Modified Files: f9 Log Message: This was so fast. Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.76 retrieving revision 1.77 diff -u -r1.76 -r1.77 --- f9 14 Jan 2008 21:06:46 -0000 1.76 +++ f9 14 Jan 2008 22:07:35 -0000 1.77 @@ -10,7 +10,7 @@ GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007 GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006 GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005 -GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428730 +GENERIC-MAP-NOMATCH fixed (python-paramiko) #428730 [since python-paramiko-1.7.1-3.fc9] CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9] **CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9] CVE-2008-0225 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9]

16 years, 3 months

1
0
0 / 0

fedora-security/audit f8, 1.83, 1.84 f9, 1.75, 1.76 fc7, 1.239, 1.240

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29745 Modified Files: f8 f9 fc7 Log Message: moodle Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.83 retrieving revision 1.84 diff -u -r1.83 -r1.84 --- f8 14 Jan 2008 21:02:02 -0000 1.83 +++ f8 14 Jan 2008 21:06:46 -0000 1.84 @@ -20,6 +20,7 @@ **CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information +CVE-2008-0123 VULNERABLE (moodle) #428731 CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982 CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427829 [since FEDORA-2008-0572] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.75 retrieving revision 1.76 diff -u -r1.75 -r1.76 --- f9 14 Jan 2008 21:02:02 -0000 1.75 +++ f9 14 Jan 2008 21:06:46 -0000 1.76 @@ -20,6 +20,7 @@ **CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information +CVE-2008-0123 fixed (moodle) #428731 [since moodle-1.8.4-1.fc9] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984 CVE-2008-0003 version (tog-pegasus, fixed 2.7.0) Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.239 retrieving revision 1.240 diff -u -r1.239 -r1.240 --- fc7 14 Jan 2008 21:02:02 -0000 1.239 +++ fc7 14 Jan 2008 21:06:46 -0000 1.240 @@ -21,6 +21,7 @@ **CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information +CVE-2008-0123 VULNERABLE (moodle) #428731 CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983 CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506]

16 years, 3 months

1
0
0 / 0

fedora-security/audit f8, 1.82, 1.83 f9, 1.74, 1.75 fc7, 1.238, 1.239

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29433 Modified Files: f8 f9 fc7 Log Message: paramiko Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.82 retrieving revision 1.83 diff -u -r1.82 -r1.83 --- f8 14 Jan 2008 12:49:26 -0000 1.82 +++ f8 14 Jan 2008 21:02:02 -0000 1.83 @@ -10,6 +10,7 @@ GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485] GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485] GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485] +GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428728 CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0299] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1) CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1) Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.74 retrieving revision 1.75 diff -u -r1.74 -r1.75 --- f9 14 Jan 2008 12:49:26 -0000 1.74 +++ f9 14 Jan 2008 21:02:02 -0000 1.75 @@ -10,6 +10,7 @@ GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007 GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006 GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005 +GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428730 CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9] **CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9] CVE-2008-0225 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.238 retrieving revision 1.239 diff -u -r1.238 -r1.239 --- fc7 14 Jan 2008 10:05:07 -0000 1.238 +++ fc7 14 Jan 2008 21:02:02 -0000 1.239 @@ -11,6 +11,7 @@ GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469] GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469] GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469] +GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428729 CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1) CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1)

16 years, 3 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

security-commits January 2008