fedora-security/audit f8, 1.89, 1.90 fc7, 1.245, 1.246
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14165
Modified Files:
f8 fc7
Log Message:
moodle, paramiko, syslog-ng and e2fsprogs fixed
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.89
retrieving revision 1.90
diff -u -r1.89 -r1.90
--- f8 16 Jan 2008 15:40:25 -0000 1.89
+++ f8 17 Jan 2008 10:00:09 -0000 1.90
@@ -53,7 +53,7 @@
CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115]
CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115]
CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115]
-CVE-2007-6437 VULNERABLE (syslog-ng) #426306 [since FEDORA-2008-0523]
+CVE-2007-6437 fixed (syslog-ng) #426306 [since FEDORA-2008-0523]
CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4651]
CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170
CVE-2007-6353 VULNERABLE (exiv2) #425923
@@ -137,7 +137,7 @@
CVE-2007-5503 version (cairo, fixed 1.4.12) [since FEDORA-2007-3913]
CVE-2007-5501 version (kernel) [since FEDORA-2007-3837]
CVE-2007-5500 version (kernel) [since FEDORA-2007-3837]
-CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 [since FEDORA-2007-4447]
+CVE-2007-5497 fixed (e2fsprogs) #414581 [since FEDORA-2007-4447]
CVE-2007-5461 version (tomcat5) #363001 [since FEDORA-2007-3474]
CVE-2007-5398 version (samba) [since FEDORA-2007-3403]
CVE-2007-5395 version (link-grammar) #372351 [since FEDORA-2007-3235]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.245
retrieving revision 1.246
diff -u -r1.245 -r1.246
--- fc7 16 Jan 2008 15:40:25 -0000 1.245
+++ fc7 17 Jan 2008 10:00:09 -0000 1.246
@@ -11,7 +11,7 @@
CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469]
CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469]
CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469]
-GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428729
+GENERIC-MAP-NOMATCH fixed (python-paramiko) #428729 [since FEDORA-2008-0644]
CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926
CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333]
**CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)
@@ -24,7 +24,7 @@
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
CVE-2008-0172 VULNERABLE (boost) #428974
CVE-2008-0171 VULNERABLE (boost) #428974
-CVE-2008-0123 VULNERABLE (moodle) #428731
+CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506]
@@ -53,7 +53,7 @@
CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170]
CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170]
CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170]
-CVE-2007-6437 VULNERABLE (syslog-ng) #426305 [since FEDORA-2008-0559]
+CVE-2007-6437 fixed (syslog-ng) #426305 [since FEDORA-2008-0559]
CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4593]
CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169
CVE-2007-6353 fixed (exiv2) #425922 [since FEDORA-2007-4551]
@@ -146,7 +146,7 @@
CVE-2007-5503 VULNERABLE (cairo, fixed 1.4.12) [since FEDORA-2007-3818]
CVE-2007-5501 version (kernel) [since FEDORA-2007-3751]
CVE-2007-5500 version (kernel) [since FEDORA-2007-3751]
-CVE-2007-5497 VULNERABLE (e2fsprogs) #414571 [since FEDORA-2007-4461]
+CVE-2007-5497 fixed (e2fsprogs) #414571 [since FEDORA-2007-4461]
CVE-2007-5461 version (tomcat5) #334511 [since FEDORA-2007-3456]
CVE-2007-5416 ignore (drupal) Vulnerability in PHP<5.1.3, we're safe
CVE-2007-5398 version (samba) [since FEDORA-2007-3402]
16 years, 3 months
fedora-security/tools/lib/Libexig Bugzilla.pm, 1.3, 1.4
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/tools/lib/Libexig
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10222/tools/lib/Libexig
Modified Files:
Bugzilla.pm
Log Message:
add possiblity to call arbitrary XMLRPC method
Index: Bugzilla.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/lib/Libexig/Bugzilla.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- Bugzilla.pm 14 Jan 2008 16:33:12 -0000 1.3
+++ Bugzilla.pm 16 Jan 2008 17:27:01 -0000 1.4
@@ -240,4 +240,30 @@
$self->close_bug($bug, $resolution, $dupeid, $fixedin, $comment);
}
+# Call arbitrary Bugzilla XMLRPC method
+#
+# Arguments: method, method-specific arguments
+sub rpccall
+{
+ my $self = shift;
+ my $method = shift or die 'No XMLRPC method specified!';
+
+ print "Calling bugzilla.$method with arguments:\n", Dumper(\@_)
+ if $self->{'debug'};
+
+ my $call = $self->{rpc}->call('bugzilla.'.$method, @_);
+ my $result = $call->result;
+
+ if (!defined($result)) {
+ print STDERR "XMLRPC call to bugzilla.$method failed:\n";
+ print STDERR $call->faultstring;
+ return undef;
+ }
+
+ print "Bugzilla answer to bugzilla.$method:\n", Dumper($result), "\n"
+ if $self->{'debug'};
+
+ return $result;
+}
+
1;
16 years, 3 months
fedora-security/audit f8, 1.88, 1.89 f9, 1.81, 1.82 fc7, 1.244, 1.245
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26562
Modified Files:
f8 f9 fc7
Log Message:
boost regex flaws
old coolkey issue
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.88
retrieving revision 1.89
diff -u -r1.88 -r1.89
--- f8 16 Jan 2008 08:13:01 -0000 1.88
+++ f8 16 Jan 2008 15:40:25 -0000 1.89
@@ -21,6 +21,8 @@
CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
+CVE-2008-0172 VULNERABLE (boost) #428975
+CVE-2008-0171 VULNERABLE (boost) #428975
CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982
@@ -186,6 +188,7 @@
CVE-2007-4352 backport (koffice) #372601 [since FEDORA-2007-3093]
CVE-2007-4352 backport (tetex) #372661 [since FEDORA-2007-3308]
CVE-2007-4351 version (cups) #362971 [since FEDORA-2007-2982]
+CVE-2007-4129 backport (coolkey) [since coolkey-1.1.0-5.fc8]
CVE-2007-4045 backport (cups) [since FEDORA-2007-2982]
CVE-2007-4033 backport (tetex) [since FEDORA-2007-3308]
CVE-2007-3999 VULNERABLE (nfs-utils-lib) #362091
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.81
retrieving revision 1.82
diff -u -r1.81 -r1.82
--- f9 16 Jan 2008 08:13:01 -0000 1.81
+++ f9 16 Jan 2008 15:40:25 -0000 1.82
@@ -21,6 +21,8 @@
CVE-2008-0193 version (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
+CVE-2008-0172 VULNERABLE (boost) #428976
+CVE-2008-0171 VULNERABLE (boost) #428976
CVE-2008-0123 fixed (moodle) #428731 [since moodle-1.8.4-1.fc9]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.244
retrieving revision 1.245
diff -u -r1.244 -r1.245
--- fc7 16 Jan 2008 08:13:01 -0000 1.244
+++ fc7 16 Jan 2008 15:40:25 -0000 1.245
@@ -22,6 +22,8 @@
CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
+CVE-2008-0172 VULNERABLE (boost) #428974
+CVE-2008-0171 VULNERABLE (boost) #428974
CVE-2008-0123 VULNERABLE (moodle) #428731
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983
@@ -286,6 +288,7 @@
CVE-2007-4137 backport (qt) #292941 [since FEDORA-2007-2216]
CVE-2007-4134 version (star, fixed 1.5a84) #254128 [since FEDORA-2007-1852]
CVE-2007-4131 backport (tar) #253684 [since FEDORA-2007-1890]
+CVE-2007-4129 VULNERABLE (coolkey) #280091
CVE-2007-4066 backport (libvorbis) #245991 [since FEDORA-2007-1765]
CVE-2007-4065 backport (libvorbis) #245991 [since FEDORA-2007-1765]
CVE-2007-4045 backport (cups) [since FEDORA-2007-3100]
16 years, 3 months
fedora-security/audit f8, 1.87, 1.88 f9, 1.80, 1.81 fc7, 1.243, 1.244
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3315
Modified Files:
f8 f9 fc7
Log Message:
check-updates, ngircd issue
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -r1.87 -r1.88
--- f8 16 Jan 2008 08:10:07 -0000 1.87
+++ f8 16 Jan 2008 08:13:01 -0000 1.88
@@ -7,10 +7,11 @@
# Up to date CVE as of CVE email 20071215
# Up to date F8 as of 20080111
+CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926
CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485]
CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485]
CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485]
-GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428728
+GENERIC-MAP-NOMATCH fixed (python-paramiko) #428728 [since FEDORA-2008-0722]
CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0299]
**CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)
CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1)
@@ -20,7 +21,7 @@
CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
-CVE-2008-0123 VULNERABLE (moodle) #428731
+CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427829 [since FEDORA-2008-0572]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.80
retrieving revision 1.81
diff -u -r1.80 -r1.81
--- f9 16 Jan 2008 08:10:07 -0000 1.80
+++ f9 16 Jan 2008 08:13:01 -0000 1.81
@@ -11,6 +11,7 @@
CVE-2008-0273 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006
CVE-2008-0272 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005
GENERIC-MAP-NOMATCH fixed (python-paramiko) #428730 [since python-paramiko-1.7.1-3.fc9]
+CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926
CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9]
**CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9]
CVE-2008-0225 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.243
retrieving revision 1.244
diff -u -r1.243 -r1.244
--- fc7 16 Jan 2008 08:10:07 -0000 1.243
+++ fc7 16 Jan 2008 08:13:01 -0000 1.244
@@ -12,6 +12,7 @@
CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469]
CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469]
GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428729
+CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926
CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333]
**CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)
CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1)
16 years, 3 months
fedora-security/audit f8, 1.86, 1.87 f9, 1.79, 1.80 fc7, 1.242, 1.243
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3252/audit
Modified Files:
f8 f9 fc7
Log Message:
drupal cve ids assigned
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.86
retrieving revision 1.87
diff -u -r1.86 -r1.87
--- f8 15 Jan 2008 16:16:36 -0000 1.86
+++ f8 16 Jan 2008 08:10:07 -0000 1.87
@@ -7,9 +7,9 @@
# Up to date CVE as of CVE email 20071215
# Up to date F8 as of 20080111
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485]
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485]
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485]
+CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485]
+CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485]
+CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485]
GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428728
CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0299]
**CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.79
retrieving revision 1.80
diff -u -r1.79 -r1.80
--- f9 15 Jan 2008 16:16:36 -0000 1.79
+++ f9 16 Jan 2008 08:10:07 -0000 1.80
@@ -7,9 +7,9 @@
# Up to date CVE as of CVE email 20071211
# Up to date F9 as of 20071029
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005
+CVE-2008-0274 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007
+CVE-2008-0273 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006
+CVE-2008-0272 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005
GENERIC-MAP-NOMATCH fixed (python-paramiko) #428730 [since python-paramiko-1.7.1-3.fc9]
CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9]
**CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.242
retrieving revision 1.243
diff -u -r1.242 -r1.243
--- fc7 15 Jan 2008 16:16:36 -0000 1.242
+++ fc7 16 Jan 2008 08:10:07 -0000 1.243
@@ -8,9 +8,9 @@
# Up to date CVE as of CVE email 200711215
# Up to date FC7 as of 20080111
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469]
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469]
-GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469]
+CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469]
+CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469]
+CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469]
GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428729
CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333]
**CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)
16 years, 3 months
fedora-security/audit f8, 1.85, 1.86 f9, 1.78, 1.79 fc7, 1.241, 1.242
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31306/audit
Modified Files:
f8 f9 fc7
Log Message:
update wordpress notes based on http://bugs.gentoo.org/show_bug.cgi?id=205967
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.85
retrieving revision 1.86
diff -u -r1.85 -r1.86
--- f8 15 Jan 2008 15:02:02 -0000 1.85
+++ f8 15 Jan 2008 16:16:36 -0000 1.86
@@ -17,7 +17,7 @@
**CVE-2008-0196 version (wordpress, not fixed 2.0.11)
CVE-2008-0195 ignore (wordpress) File path is not a sensitive information
**CVE-2008-0194 version (wordpress, not fixed 2.0.4)
-**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x)
+CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
CVE-2008-0123 VULNERABLE (moodle) #428731
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.78
retrieving revision 1.79
diff -u -r1.78 -r1.79
--- f9 15 Jan 2008 15:02:02 -0000 1.78
+++ f9 15 Jan 2008 16:16:36 -0000 1.79
@@ -17,7 +17,7 @@
**CVE-2008-0196 version (wordpress, not fixed 2.0.11)
CVE-2008-0195 ignore (wordpress) File path is not a sensitive information
**CVE-2008-0194 version (wordpress, not fixed 2.0.4)
-**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x)
+CVE-2008-0193 version (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
CVE-2008-0123 fixed (moodle) #428731 [since moodle-1.8.4-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.241
retrieving revision 1.242
diff -u -r1.241 -r1.242
--- fc7 15 Jan 2008 15:02:02 -0000 1.241
+++ fc7 15 Jan 2008 16:16:36 -0000 1.242
@@ -18,7 +18,7 @@
**CVE-2008-0196 version (wordpress, not fixed 2.0.11)
CVE-2008-0195 ignore (wordpress) File path is not a sensitive information
**CVE-2008-0194 version (wordpress, not fixed 2.0.4)
-**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x)
+CVE-2008-0193 ignore (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
CVE-2008-0123 VULNERABLE (moodle) #428731
16 years, 3 months
fedora-security/audit f8, 1.84, 1.85 f9, 1.77, 1.78 fc7, 1.240, 1.241
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22119/audit
Modified Files:
f8 f9 fc7
Log Message:
mongrel issue does not affect us
note one older issue
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.84
retrieving revision 1.85
diff -u -r1.84 -r1.85
--- f8 14 Jan 2008 21:06:46 -0000 1.84
+++ f8 15 Jan 2008 15:02:02 -0000 1.85
@@ -27,6 +27,7 @@
CVE-2007-6672 VULNERABLE (jetty) #428017
CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136]
GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103]
+CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped
CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282]
CVE-2007-6601 fixed (postgresql, fixed 8.2.6) #427773 [since FEDORA-2008-0478]
CVE-2007-6600 fixed (postgresql, fixed 8.2.6) #427773 [since FEDORA-2008-0478]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.77
retrieving revision 1.78
diff -u -r1.77 -r1.78
--- f9 14 Jan 2008 22:07:35 -0000 1.77
+++ f9 15 Jan 2008 15:02:02 -0000 1.78
@@ -29,6 +29,7 @@
CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9]
CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434
+CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped
CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9]
CVE-2007-6601 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-6600 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.240
retrieving revision 1.241
diff -u -r1.240 -r1.241
--- fc7 14 Jan 2008 21:06:46 -0000 1.240
+++ fc7 15 Jan 2008 15:02:02 -0000 1.241
@@ -27,6 +27,7 @@
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506]
CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104]
GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126]
+CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped
CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353]
CVE-2007-6601 fixed (postgresql, fixed 8.2.6) #427772 [since FEDORA-2008-0552]
CVE-2007-6600 fixed (postgresql, fixed 8.2.6) #427772 [since FEDORA-2008-0552]
@@ -469,6 +470,7 @@
CVE-2007-2245 version (phpMyAdmin, fixed 2.10.1) #237882
CVE-2007-2243 ignore (openssh, fixed 4.6) needs S/KEY support which is not shipped.
CVE-2007-2241 backport (bind) [since FEDORA-2007-0300]
+CVE-2007-2241 version (bind, fixed 9.4.1)
CVE-2007-2176 ignore (firefox) only affects the java quicktime interaction
CVE-2007-2172 version (kernel, fixed 2.6.21-rc6)
CVE-2007-2165 version (proftpd) #237533 [since FEDORA-2007-2613]
16 years, 3 months
fedora-security/audit f9,1.76,1.77
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7479
Modified Files:
f9
Log Message:
This was so fast.
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -r1.76 -r1.77
--- f9 14 Jan 2008 21:06:46 -0000 1.76
+++ f9 14 Jan 2008 22:07:35 -0000 1.77
@@ -10,7 +10,7 @@
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005
-GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428730
+GENERIC-MAP-NOMATCH fixed (python-paramiko) #428730 [since python-paramiko-1.7.1-3.fc9]
CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9]
**CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9]
CVE-2008-0225 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9]
16 years, 3 months
fedora-security/audit f8, 1.83, 1.84 f9, 1.75, 1.76 fc7, 1.239, 1.240
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29745
Modified Files:
f8 f9 fc7
Log Message:
moodle
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.83
retrieving revision 1.84
diff -u -r1.83 -r1.84
--- f8 14 Jan 2008 21:02:02 -0000 1.83
+++ f8 14 Jan 2008 21:06:46 -0000 1.84
@@ -20,6 +20,7 @@
**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x)
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
+CVE-2008-0123 VULNERABLE (moodle) #428731
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427829 [since FEDORA-2008-0572]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -r1.75 -r1.76
--- f9 14 Jan 2008 21:02:02 -0000 1.75
+++ f9 14 Jan 2008 21:06:46 -0000 1.76
@@ -20,6 +20,7 @@
**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x)
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
+CVE-2008-0123 fixed (moodle) #428731 [since moodle-1.8.4-1.fc9]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984
CVE-2008-0003 version (tog-pegasus, fixed 2.7.0)
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.239
retrieving revision 1.240
diff -u -r1.239 -r1.240
--- fc7 14 Jan 2008 21:02:02 -0000 1.239
+++ fc7 14 Jan 2008 21:06:46 -0000 1.240
@@ -21,6 +21,7 @@
**CVE-2008-0193 VULNERABLE (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x)
**CVE-2008-0192 version (wordpress, not fixed 2.0.9)
CVE-2008-0191 ignore (wordpress) File path is not a sensitive information
+CVE-2008-0123 VULNERABLE (moodle) #428731
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506]
16 years, 3 months
fedora-security/audit f8, 1.82, 1.83 f9, 1.74, 1.75 fc7, 1.238, 1.239
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29433
Modified Files:
f8 f9 fc7
Log Message:
paramiko
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.82
retrieving revision 1.83
diff -u -r1.82 -r1.83
--- f8 14 Jan 2008 12:49:26 -0000 1.82
+++ f8 14 Jan 2008 21:02:02 -0000 1.83
@@ -10,6 +10,7 @@
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485]
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485]
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485]
+GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428728
CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0299]
**CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)
CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1)
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.74
retrieving revision 1.75
diff -u -r1.74 -r1.75
--- f9 14 Jan 2008 12:49:26 -0000 1.74
+++ f9 14 Jan 2008 21:02:02 -0000 1.75
@@ -10,6 +10,7 @@
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005
+GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428730
CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9]
**CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9]
CVE-2008-0225 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.238
retrieving revision 1.239
diff -u -r1.238 -r1.239
--- fc7 14 Jan 2008 10:05:07 -0000 1.238
+++ fc7 14 Jan 2008 21:02:02 -0000 1.239
@@ -11,6 +11,7 @@
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469]
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469]
GENERIC-MAP-NOMATCH version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469]
+GENERIC-MAP-NOMATCH VULNERABLE (python-paramiko) #428729
CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333]
**CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)
CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1)
16 years, 3 months