January 2008 - security-commits - Fedora Mailing-Lists

fedora-security/audit f8, 1.73, 1.74 f9, 1.66, 1.67 fc7, 1.229, 1.230

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10523/audit Modified Files: f8 f9 fc7 Log Message: note some cups CVEs Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.73 retrieving revision 1.74 diff -u -r1.73 -r1.74 --- f8 8 Jan 2008 18:48:12 -0000 1.73 +++ f8 9 Jan 2008 13:00:00 -0000 1.74 @@ -97,6 +97,8 @@ CVE-2007-5925 backport (mysql, fixed 5.0.54) #424931 [since FEDORA-2007-4465] CVE-2007-5907 VULNERABLE (xen) #390111 CVE-2007-5906 VULNERABLE (xen) #390111 +CVE-2007-5849 ignore (cups, fixed 1.3.5) minimal impact, see #415131 +CVE-2007-5848 version (cups, fixed 1.2.0) CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946] CVE-2007-5770 backport (ruby) #373391 [since FEDORA-2007-2812] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.66 retrieving revision 1.67 diff -u -r1.66 -r1.67 --- f9 8 Jan 2008 18:48:12 -0000 1.66 +++ f9 9 Jan 2008 13:00:00 -0000 1.67 @@ -96,6 +96,8 @@ CVE-2007-5925 backport (mysql, fixed 5.0.54) [since mysql-5.0.45-6.fc9] CVE-2007-5907 VULNERABLE (xen) #390121 CVE-2007-5906 VULNERABLE (xen) #390121 +CVE-2007-5849 version (cups, fixed 1.3.5) [since cups-1.3.5-1.fc9] +CVE-2007-5848 version (cups, fixed 1.2.0) CVE-2007-5795 backport (emacs) #367601 [since emacs-22.1-8.fc9] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 CVE-2007-5770 backport (ruby) #373401 [since ruby-1.8.6.111-1] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.229 retrieving revision 1.230 diff -u -r1.229 -r1.230 --- fc7 8 Jan 2008 18:48:12 -0000 1.229 +++ fc7 9 Jan 2008 13:00:00 -0000 1.230 @@ -97,6 +97,8 @@ CVE-2007-5925 backport (mysql, fixed 5.0.54) #424921 [since FEDORA-2007-4471] CVE-2007-5907 VULNERABLE (xen) #390101 CVE-2007-5906 VULNERABLE (xen) #390101 +CVE-2007-5849 ignore (cups, fixed 1.3.5) minimal impact, see #415131 +CVE-2007-5848 version (cups, fixed 1.2.0) CVE-2007-5846 backport (net-snmp) [since FEDORA-2007-3019] CVE-2007-5795 backport (emacs) #367581 [since FEDORA-2007-3056] CVE-2007-5770 backport (ruby) #373381 [since FEDORA-2007-2685]

16 years, 4 months

1
0
0 / 0

fedora-security/audit f8, 1.72, 1.73 f9, 1.65, 1.66 fc7, 1.228, 1.229

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22642 Modified Files: f8 f9 fc7 Log Message: dovecot Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.72 retrieving revision 1.73 diff -u -r1.72 -r1.73 --- f8 8 Jan 2008 18:07:33 -0000 1.72 +++ f8 8 Jan 2008 18:48:12 -0000 1.73 @@ -17,6 +17,7 @@ CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282] CVE-2007-6601 VULNERABLE (postgresql, fixed 8.2.6) #427773 CVE-2007-6600 VULNERABLE (postgresql, fixed 8.2.6) #427773 +CVE-2007-6598 ignore (dovecot) Needs knowledge of victim's password CVE-2007-6596 VULNERABLE (clamav) #427287 Might be considered a mail client flaw CVE-2007-6595 VULNERABLE (clamav) #427287 CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4562] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.65 retrieving revision 1.66 diff -u -r1.65 -r1.66 --- f9 8 Jan 2008 18:07:33 -0000 1.65 +++ f9 8 Jan 2008 18:48:12 -0000 1.66 @@ -19,6 +19,7 @@ CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9] CVE-2007-6601 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-6600 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] +CVE-2007-6598 ignore (dovecot) Needs knowledge of victim's password CVE-2007-6596 VULNERABLE (clamav) #427289 Might be considered a mail client flaw CVE-2007-6595 VULNERABLE (clamav) #427289 CVE-2007-6465 version (ganglia, fixed 3.0.6) [since ganglia-3.0.6-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.228 retrieving revision 1.229 diff -u -r1.228 -r1.229 --- fc7 8 Jan 2008 13:58:50 -0000 1.228 +++ fc7 8 Jan 2008 18:48:12 -0000 1.229 @@ -17,6 +17,7 @@ CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353] CVE-2007-6601 VULNERABLE (postgresql, fixed 8.2.6) #427772 CVE-2007-6600 VULNERABLE (postgresql, fixed 8.2.6) #427772 +CVE-2007-6598 ignore (dovecot) Needs knowledge of victim's password CVE-2007-6596 VULNERABLE (clamav) #427288 Might be considered a mail client flaw CVE-2007-6595 VULNERABLE (clamav) #427288 CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4584]

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.71, 1.72 f9, 1.64, 1.65

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21469 Modified Files: f8 f9 Log Message: jetty Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.71 retrieving revision 1.72 diff -u -r1.71 -r1.72 --- f8 8 Jan 2008 13:58:50 -0000 1.71 +++ f8 8 Jan 2008 18:07:33 -0000 1.72 @@ -11,6 +11,7 @@ CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982 CVE-2008-0003 VULNERABLE (tog-pegasus, fixed 2.7.0) #427829 +CVE-2007-6672 VULNERABLE (jetty) #428017 CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136] GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103] CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.64 retrieving revision 1.65 diff -u -r1.64 -r1.65 --- f9 8 Jan 2008 13:58:50 -0000 1.64 +++ f9 8 Jan 2008 18:07:33 -0000 1.65 @@ -11,6 +11,7 @@ CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984 CVE-2008-0003 version (tog-pegasus, fixed 2.7.0) +CVE-2007-6672 VULNERABLE (jetty) #428018 CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9] CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9]

16 years, 5 months

1
0
0 / 0

fedora-security/tools/lib/Libexig Bugzilla.pm, 1.1.2.1, 1.1.2.2

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/tools/lib/Libexig In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1535/Libexig Modified Files: Tag: lkundrak-tools-ng Bugzilla.pm Log Message: add add_comment method turn add_private_comment to simple wrapper around add_comment Index: Bugzilla.pm =================================================================== RCS file: /cvs/fedora/fedora-security/tools/lib/Libexig/Attic/Bugzilla.pm,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -u -r1.1.2.1 -r1.1.2.2 --- Bugzilla.pm 6 Jan 2008 03:31:53 -0000 1.1.2.1 +++ Bugzilla.pm 8 Jan 2008 16:15:51 -0000 1.1.2.2 @@ -147,17 +147,24 @@ return undef; } -# Add private comment (unless dryrun) to a bug -sub add_private_comment +# Add comment to a bug (unless in dryrun mode) +# Arguments: bug id, comment, make comment private (0/1) +sub add_comment { my $self = shift; - return 0 if $self->{dryrun}; - my $bug = shift or die 'No bug!'; my $comment = shift or die 'No comment!'; + my $private; $private = shift or $private= 0; + + if ($self->{dryrun}) { + print STDERR 'Would add following comment to bug: #'.$bug."\n"; + print STDERR "$comment\n"; + return 0; + } - my $call = $self->{rpc}->call('bugzilla.addComment', $bug, $comment, @{$self->{creds}}, 1); + my $call = $self->{rpc}->call('bugzilla.addComment', $bug, $comment, + @{$self->{creds}}, $private); my $result = $call->result or die $call->faultstring; @@ -167,4 +174,14 @@ return undef; } +# Add private comment to a bug +sub add_private_comment +{ + my $self = shift; + my $bug = shift; + my $comment = shift; + + $self->add_comment($bug, $comment, 1); +} + 1;

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.70, 1.71 f9, 1.63, 1.64 fc7, 1.227, 1.228

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6667/audit Modified Files: f8 f9 fc7 Log Message: recent httpd issue formatting fixes Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.70 retrieving revision 1.71 diff -u -r1.70 -r1.71 --- f8 8 Jan 2008 13:17:33 -0000 1.70 +++ f8 8 Jan 2008 13:58:50 -0000 1.71 @@ -9,12 +9,13 @@ GENERIC-MAP-NOMATCH backport (python-cherrypy) [since FEDORA-2008-0299] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] -CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427829 +CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982 +CVE-2008-0003 VULNERABLE (tog-pegasus, fixed 2.7.0) #427829 CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136] GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103] CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282] -CVE-2007-6601 VULNERABLE (postgresql, 8.2.6) #427773 -CVE-2007-6600 VULNERABLE (postgresql, 8.2.6) #427773 +CVE-2007-6601 VULNERABLE (postgresql, fixed 8.2.6) #427773 +CVE-2007-6600 VULNERABLE (postgresql, fixed 8.2.6) #427773 CVE-2007-6596 VULNERABLE (clamav) #427287 Might be considered a mail client flaw CVE-2007-6595 VULNERABLE (clamav) #427287 CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4562] @@ -23,6 +24,9 @@ CVE-2007-6441 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4590] CVE-2007-6439 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4590] CVE-2007-6438 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4590] +CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427982 +CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427982 +CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.7) #427982 CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] @@ -67,7 +71,7 @@ CVE-2007-6111 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4590] CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639] -CVE-2007-6067 VULNERABLE (postgresql, 8.2.6) #427773 +CVE-2007-6067 VULNERABLE (postgresql, fixed 8.2.6) #427773 CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4275] CVE-2007-6013 VULNERABLE (wordpress) @@ -104,7 +108,7 @@ CVE-2007-5624 version (nagios, fixed 2.10) #362801 [since FEDORA-2007-4145] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 [since FEDORA-2007-2876] nagios-plugins-1.4.8-9.fc8 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636] -CVE-2007-5503 version (cairo, 1.4.12) [since FEDORA-2007-3913] +CVE-2007-5503 version (cairo, fixed 1.4.12) [since FEDORA-2007-3913] CVE-2007-5501 version (kernel) [since FEDORA-2007-3837] CVE-2007-5500 version (kernel) [since FEDORA-2007-3837] CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 [since FEDORA-2007-4447] @@ -134,13 +138,13 @@ CVE-2007-5079 VULNERABLE (gdm) #363021 Red Hat specific problem CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771 CVE-2007-5007 version (balsa, before 2.3.20) #297601 -CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) +CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) #427982 CVE-2007-4999 version (pidgin, fixed 2.2.2) CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4841 version (thunderbird) [since FEDORA-2007-3414] windows only anyway CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364281 -CVE-2007-4772 VULNERABLE (postgresql, 8.2.6) #427773 -CVE-2007-4769 VULNERABLE (postgresql, 8.2.6) #427773 +CVE-2007-4772 VULNERABLE (postgresql, fixed 8.2.6) #427773 +CVE-2007-4769 VULNERABLE (postgresql, fixed 8.2.6) #427773 CVE-2007-4752 version (openssh, fixed 4.7) #280461 CVE-2007-4619 version (flac, fixed 1.2) #332581 CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-4172] @@ -174,7 +178,7 @@ CVE-2007-3382 version (tomcat5) [since FEDORA-2007-3474] CVE-2007-3280 ignore (postgresql) bogus CVE assignment CVE-2007-3279 ignore (postgresql) bogus CVE assignment -CVE-2007-3278 version (postgresql, 8.2.5) +CVE-2007-3278 version (postgresql, fixed 8.2.5) CVE-2007-3145 ignore (galeon) in 2.0.3 the truncation still occurs, but at reasonable length CVE-2007-2807 backport (eggdrop) [since FEDORA-2007-4305] CVE-2007-2450 version (tomcat5) #363081 [since FEDORA-2007-3474] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.63 retrieving revision 1.64 diff -u -r1.63 -r1.64 --- f9 8 Jan 2008 13:17:33 -0000 1.63 +++ f9 8 Jan 2008 13:58:50 -0000 1.64 @@ -9,14 +9,15 @@ GENERIC-MAP-NOMATCH backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] -CVE-2008-0003 version (tog-pegasus, 2.7.0) +CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984 +CVE-2008-0003 version (tog-pegasus, fixed 2.7.0) CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9] CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9] GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434 CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9] -CVE-2007-6601 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] -CVE-2007-6600 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] +CVE-2007-6601 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] +CVE-2007-6600 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-6596 VULNERABLE (clamav) #427289 Might be considered a mail client flaw CVE-2007-6595 VULNERABLE (clamav) #427289 CVE-2007-6465 version (ganglia, fixed 3.0.6) [since ganglia-3.0.6-1.fc9] @@ -25,6 +26,9 @@ CVE-2007-6441 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6439 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6438 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] +CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427984 +CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427984 +CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.7) #427984 CVE-2007-6337 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9] CVE-2007-6336 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9] CVE-2007-6335 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9] @@ -66,7 +70,7 @@ CVE-2007-6111 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6110 version (htdig) [since htdig-3.2.0b6-13.fc9] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) -CVE-2007-6067 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] +CVE-2007-6067 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9] CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) @@ -102,7 +106,7 @@ CVE-2007-5624 version (nagios, fixed 2.10) #362811 [since nagios-2.10-3.fc9] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 -CVE-2007-5503 version (cairo, 1.4.12) [since cairo-1.5.4-1.fc9] +CVE-2007-5503 version (cairo, fixed 1.4.12) [since cairo-1.5.4-1.fc9] CVE-2007-5497 backport (e2fsprogs) #414591 [since e2fsprogs-1.40.2-14.fc9] CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531 CVE-2007-5395 version (link-grammar) #372361 [since link-grammar-4.2.5-1.fc9] @@ -127,12 +131,12 @@ CVE-2007-5079 VULNERABLE (gdm) #363041 Red Hat specific problem CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771 CVE-2007-5007 version (balsa, before 2.3.20) #297601 -CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) +CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) #427984 CVE-2007-4999 version (pidgin, fixed 2.2.2) CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364291 -CVE-2007-4772 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] -CVE-2007-4769 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] +CVE-2007-4772 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] +CVE-2007-4769 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-4575 version (openoffice.org, fixed 2.3.1) [since openoffice.org-2.3.1-9.1.fc9] CVE-2007-4752 version (openssh, fixed 4.7) #280461 CVE-2007-4619 version (flac, fixed 1.2) #332581 @@ -158,7 +162,7 @@ CVE-2007-3387 version (poppler, fixed 0.5.91) #251512 CVE-2007-3280 ignore (postgresql) bogus CVE assignment CVE-2007-3279 ignore (postgresql) bogus CVE assignment -CVE-2007-3278 version (postgresql, 8.2.5) +CVE-2007-3278 version (postgresql, fixed 8.2.5) CVE-2007-3145 ignore (galeon) in 2.0.3 the truncation still occurs, but at reasonable length CVE-2007-2450 VULNERABLE (tomcat5, not fixed 5.5.24) #244812 CVE-2007-2449 VULNERABLE (tomcat5, not fixed 5.5.24) #244812 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.227 retrieving revision 1.228 diff -u -r1.227 -r1.228 --- fc7 8 Jan 2008 13:17:33 -0000 1.227 +++ fc7 8 Jan 2008 13:58:50 -0000 1.228 @@ -10,12 +10,13 @@ GENERIC-MAP-NOMATCH backport (python-cherrypy) [since FEDORA-2008-0333] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198] -CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427828 +CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983 +CVE-2008-0003 VULNERABLE (tog-pegasus, fixed 2.7.0) #427828 CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104] GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126] CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353] -CVE-2007-6601 VULNERABLE (postgresql, 8.2.6) #427772 -CVE-2007-6600 VULNERABLE (postgresql, 8.2.6) #427772 +CVE-2007-6601 VULNERABLE (postgresql, fixed 8.2.6) #427772 +CVE-2007-6600 VULNERABLE (postgresql, fixed 8.2.6) #427772 CVE-2007-6596 VULNERABLE (clamav) #427288 Might be considered a mail client flaw CVE-2007-6595 VULNERABLE (clamav) #427288 CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4584] @@ -24,6 +25,9 @@ CVE-2007-6441 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4690] CVE-2007-6439 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4690] CVE-2007-6438 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4690] +CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427983 +CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427983 +CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.7) #427983 CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] @@ -68,7 +72,7 @@ CVE-2007-6111 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4690] CVE-2007-6110 backport (htdig) [since FEDORA-2007-3907] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666] -CVE-2007-6067 VULNERABLE (postgresql, 8.2.6) #427772 +CVE-2007-6067 VULNERABLE (postgresql, fixed 8.2.6) #427772 CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683] CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4269] @@ -115,7 +119,7 @@ CVE-2007-5589 version (phpmyadmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-2738] CVE-2007-5585 backport (rss-glx) #336331 [since FEDORA-2007-2652] CVE-2007-5585 backport (tempest) #336331 [since FEDORA-2007-2652] -CVE-2007-5503 VULNERABLE (cairo, 1.4.12) [since FEDORA-2007-3818] +CVE-2007-5503 VULNERABLE (cairo, fixed 1.4.12) [since FEDORA-2007-3818] CVE-2007-5501 version (kernel) [since FEDORA-2007-3751] CVE-2007-5500 version (kernel) [since FEDORA-2007-3751] CVE-2007-5497 VULNERABLE (e2fsprogs) #414571 [since FEDORA-2007-4461] @@ -168,7 +172,7 @@ CVE-2007-5034 version (elinks) #297981 [since FEDORA-2007-2224] CVE-2007-5007 version (balsa) #297601 [since FEDORA-2007-2302] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 -CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) +CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) #427983 CVE-2007-4999 version (pidgin, fixed 2.2.2) [since FEDORA-2007-2714] CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368] CVE-2007-4995 backport (openssl, fixed 0.9.8f) [since FEDORA-2007-2530] @@ -187,8 +191,8 @@ CVE-2007-4829 VULNERABLE (perl-Archive-Tar) #315321 CVE-2007-4828 version (mediawiki, fixed 1.11.0, 1.10.2, 1.9.4) #287881 [since FEDORA-2007-2189] CVE-2007-4826 version (quagga, fixed 0.99.9) [since FEDORA-2007-2196] -CVE-2007-4772 VULNERABLE (postgresql, 8.2.6) #427772 -CVE-2007-4769 VULNERABLE (postgresql, 8.2.6) #427772 +CVE-2007-4772 VULNERABLE (postgresql, fixed 8.2.6) #427772 +CVE-2007-4769 VULNERABLE (postgresql, fixed 8.2.6) #427772 CVE-2007-4768 VULNERABLE (pcre, fixed 7.3) #378411 CVE-2007-4767 VULNERABLE (pcre, fixed 7.3) #378411 CVE-2007-4766 VULNERABLE (pcre, fixed 7.3) #378411 @@ -347,7 +351,7 @@ CVE-2007-3294 ignore (php-extras) win only CVE-2007-3280 ignore (postgresql) bogus CVE assignment CVE-2007-3279 ignore (postgresql) bogus CVE assignment -CVE-2007-3278 version (postgresql, 8.2.5) +CVE-2007-3278 version (postgresql, fixed 8.2.5) CVE-2007-3257 backport (evolution) #244283 [since FEDORA-2007-0464] CVE-2007-3241 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894] CVE-2007-3240 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894] @@ -379,7 +383,7 @@ CVE-2007-2958 version (claws-mail) #254121 [since FEDORA-2007-2009] CVE-2007-2958 backport (sylpheed) #254123 [since FEDORA-2007-1841] CVE-2007-2956 backport (qtpfsgui) #251674 [since FEDORA-2007-1581] -CVE-2007-2949 version (gimp, fixed, 2.2.16) [since FEDORA-2007-0725] +CVE-2007-2949 version (gimp, fixed 2.2.16) [since FEDORA-2007-0725] CVE-2007-2926 version (bind, fixed 9.4.1) [since FEDORA-2007-1247] CVE-2007-2925 version (bind, fixed 9.4.1) [since FEDORA-2007-1247] CVE-2007-2894 backport (bochs) #241799 [since FEDORA-2007-1778]

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.69, 1.70 f9, 1.62, 1.63 fc7, 1.226, 1.227

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4971/audit Modified Files: f8 f9 fc7 Log Message: note cairo Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.69 retrieving revision 1.70 diff -u -r1.69 -r1.70 --- f8 8 Jan 2008 10:33:18 -0000 1.69 +++ f8 8 Jan 2008 13:17:33 -0000 1.70 @@ -104,6 +104,7 @@ CVE-2007-5624 version (nagios, fixed 2.10) #362801 [since FEDORA-2007-4145] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 [since FEDORA-2007-2876] nagios-plugins-1.4.8-9.fc8 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636] +CVE-2007-5503 version (cairo, 1.4.12) [since FEDORA-2007-3913] CVE-2007-5501 version (kernel) [since FEDORA-2007-3837] CVE-2007-5500 version (kernel) [since FEDORA-2007-3837] CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 [since FEDORA-2007-4447] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.62 retrieving revision 1.63 diff -u -r1.62 -r1.63 --- f9 8 Jan 2008 10:33:18 -0000 1.62 +++ f9 8 Jan 2008 13:17:33 -0000 1.63 @@ -102,6 +102,7 @@ CVE-2007-5624 version (nagios, fixed 2.10) #362811 [since nagios-2.10-3.fc9] CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 +CVE-2007-5503 version (cairo, 1.4.12) [since cairo-1.5.4-1.fc9] CVE-2007-5497 backport (e2fsprogs) #414591 [since e2fsprogs-1.40.2-14.fc9] CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531 CVE-2007-5395 version (link-grammar) #372361 [since link-grammar-4.2.5-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.226 retrieving revision 1.227 diff -u -r1.226 -r1.227 --- fc7 8 Jan 2008 10:33:18 -0000 1.226 +++ fc7 8 Jan 2008 13:17:33 -0000 1.227 @@ -115,6 +115,7 @@ CVE-2007-5589 version (phpmyadmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-2738] CVE-2007-5585 backport (rss-glx) #336331 [since FEDORA-2007-2652] CVE-2007-5585 backport (tempest) #336331 [since FEDORA-2007-2652] +CVE-2007-5503 VULNERABLE (cairo, 1.4.12) [since FEDORA-2007-3818] CVE-2007-5501 version (kernel) [since FEDORA-2007-3751] CVE-2007-5500 version (kernel) [since FEDORA-2007-3751] CVE-2007-5497 VULNERABLE (e2fsprogs) #414571 [since FEDORA-2007-4461]

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.68, 1.69 f9, 1.61, 1.62 fc7, 1.225, 1.226

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10004/audit Modified Files: f8 f9 fc7 Log Message: some updates Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.68 retrieving revision 1.69 diff -u -r1.68 -r1.69 --- f8 8 Jan 2008 08:26:57 -0000 1.68 +++ f8 8 Jan 2008 10:33:18 -0000 1.69 @@ -36,7 +36,7 @@ CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped CVE-2007-6328 ignore (dosbox) design decision CVE-2007-6321 VULNERABLE (roundcubemail) #423291 -CVE-2007-6318 fixed (wordpress) #426433 [since FEDORA-2008-0103] +CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built CVE-2007-6303 backport (mysql, fixed 5.0.52) #424931 [since FEDORA-2007-4465] CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031 @@ -70,7 +70,7 @@ CVE-2007-6067 VULNERABLE (postgresql, 8.2.6) #427773 CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4275] -CVE-2007-6013 fixed (wordpress) #426433 [since FEDORA-2008-0103] +CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667] CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] @@ -165,7 +165,7 @@ CVE-2007-3919 backport (xen, fixed 3.1.0-13) #361991 CVE-2007-3844 version (firefox, fixed 2.0.0.6) CVE-2007-3843 version (kernel) #246595 No idea which version fixed this -CVE-2007-3568 VULNERABLE (imlib) +CVE-2007-3568 backport (imlib) [since FEDORA-2007-4594] CVE-2007-3544 fixed (wordpress, NOT fixed 2.2.1) #245211 [since FEDORA-2007-0894] Incomplete fix for CVE-2007-3543 CVE-2007-3387 version (poppler, fixed 0.5.91) #251512 CVE-2007-3386 version (tomcat5) [since FEDORA-2007-3474] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.61 retrieving revision 1.62 diff -u -r1.61 -r1.62 --- f9 8 Jan 2008 08:26:57 -0000 1.61 +++ f9 8 Jan 2008 10:33:18 -0000 1.62 @@ -11,10 +11,10 @@ CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] CVE-2008-0003 version (tog-pegasus, 2.7.0) CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet -CVE-2007-6630 VULNERABLE (netembryo, not fixed 0.0.4) #427470 There was not release in stable branches yet -CVE-2007-6613 VULNERABLE (libcdio) #427200 +CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9] +CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9] GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434 -CVE-2007-6611 VULNERABLE (mantis) #427280 +CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9] CVE-2007-6601 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-6600 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-6596 VULNERABLE (clamav) #427289 Might be considered a mail client flaw @@ -42,7 +42,7 @@ CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built CVE-2007-6303 backport (mysql, fixed 5.0.52) [since mysql-5.0.45-6.fc9] CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031 -CVE-2007-6285 VULNERABLE (autofs) #426401 +CVE-2007-6285 backport (autofs) #426401 [since autofs-5.0.2-25] CVE-2007-6283 backport (bind) #423081 [since bind-9.5.0-21.b1.fc9] CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9] CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9] @@ -52,7 +52,7 @@ CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9] -CVE-2007-6183 VULNERABLE (ruby-gnome2) #405611 +CVE-2007-6183 backport (ruby-gnome2) #405611 [since ruby-gnome2-0.16.0-22.fc9] CVE-2007-6121 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6120 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6119 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] @@ -121,7 +121,7 @@ CVE-2007-5201 VULNERABLE (duplicity, no upstream fix) #362841 CVE-2007-5200 version (hugin) #362871 [since hugin-0.6.1-11.fc9] CVE-2007-5198 VULNERABLE (nagios-plugins, fixed 1.4.10) #362901 -CVE-2007-5197 VULNERABLE (mono, fixed 1.2.5.1) #367551 +CVE-2007-5197 version (mono, fixed 1.2.5.1) #367551 [since mono-1.2.5.1-3.fc9] CVE-2007-5116 backport (perl) #378151 [since perl-5.8.8-31.fc9] CVE-2007-5079 VULNERABLE (gdm) #363041 Red Hat specific problem CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.225 retrieving revision 1.226 diff -u -r1.225 -r1.226 --- fc7 8 Jan 2008 08:26:57 -0000 1.225 +++ fc7 8 Jan 2008 10:33:18 -0000 1.226 @@ -37,7 +37,7 @@ CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped CVE-2007-6328 ignore (dosbox) design decision CVE-2007-6321 VULNERABLE (roundcubemail) #423281 -CVE-2007-6318 fixed (wordpress) #426432 [since FEDORA-2008-0126] +CVE-2007-6318 VULNERABLE (wordpress) CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built CVE-2007-6303 backport (mysql, fixed 5.0.52) #424921 [since FEDORA-2007-4471] CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031 @@ -72,7 +72,7 @@ CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683] CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4269] -CVE-2007-6013 fixed (wordpress) #426432 [since FEDORA-2008-0126] +CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning @@ -303,7 +303,7 @@ CVE-2007-3656 version (mozilla) #248518 [since FEDORA-2007-1138] CVE-2007-3642 version (kernel, fixed 2.6.22.1) [since FEDORA-2007-1130] CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10) -CVE-2007-3568 VULNERABLE (imlib) +CVE-2007-3568 backport (imlib) [since FEDORA-2007-4561] CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445] CVE-2007-3546 ignore (nessus-core) Windows only CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904]

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.67, 1.68 f9, 1.60, 1.61 fc7, 1.224, 1.225

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13827/audit Modified Files: f8 f9 fc7 Log Message: python-cherrypy Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.67 retrieving revision 1.68 diff -u -r1.67 -r1.68 --- f8 8 Jan 2008 07:17:12 -0000 1.67 +++ f8 8 Jan 2008 08:26:57 -0000 1.68 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20071221 +GENERIC-MAP-NOMATCH backport (python-cherrypy) [since FEDORA-2008-0299] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427829 CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.60 retrieving revision 1.61 diff -u -r1.60 -r1.61 --- f9 8 Jan 2008 07:17:12 -0000 1.60 +++ f9 8 Jan 2008 08:26:57 -0000 1.61 @@ -7,6 +7,7 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 +GENERIC-MAP-NOMATCH backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] CVE-2008-0003 version (tog-pegasus, 2.7.0) CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.224 retrieving revision 1.225 diff -u -r1.224 -r1.225 --- fc7 8 Jan 2008 07:17:12 -0000 1.224 +++ fc7 8 Jan 2008 08:26:57 -0000 1.225 @@ -8,6 +8,7 @@ # Up to date CVE as of CVE email 200711215 # Up to date FC7 as of 20071221 +GENERIC-MAP-NOMATCH backport (python-cherrypy) [since FEDORA-2008-0333] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198] CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427828 CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104]

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.66, 1.67 f9, 1.59, 1.60 fc7, 1.223, 1.224

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5127/audit Modified Files: f8 f9 fc7 Log Message: asterisk cve id postgresql fixed in rawhide Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.66 retrieving revision 1.67 diff -u -r1.66 -r1.67 --- f8 7 Jan 2008 18:33:33 -0000 1.66 +++ f8 8 Jan 2008 07:17:12 -0000 1.67 @@ -7,7 +7,7 @@ # Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20071221 -GENERIC-MAP-NOMATCH VULNERABLE (asterisk, fixed 1.4.17) AST-2008-001 [pending asterisk-1.4.17-1.fc8] +CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427829 CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136] GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.59 retrieving revision 1.60 diff -u -r1.59 -r1.60 --- f9 7 Jan 2008 18:33:33 -0000 1.59 +++ f9 8 Jan 2008 07:17:12 -0000 1.60 @@ -7,15 +7,15 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029 -GENERIC-MAP-NOMATCH version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] +CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] CVE-2008-0003 version (tog-pegasus, 2.7.0) CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet CVE-2007-6630 VULNERABLE (netembryo, not fixed 0.0.4) #427470 There was not release in stable branches yet CVE-2007-6613 VULNERABLE (libcdio) #427200 GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434 CVE-2007-6611 VULNERABLE (mantis) #427280 -CVE-2007-6601 VULNERABLE (postgresql, 8.2.6) #427774 -CVE-2007-6600 VULNERABLE (postgresql, 8.2.6) #427774 +CVE-2007-6601 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] +CVE-2007-6600 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-6596 VULNERABLE (clamav) #427289 Might be considered a mail client flaw CVE-2007-6595 VULNERABLE (clamav) #427289 CVE-2007-6465 version (ganglia, fixed 3.0.6) [since ganglia-3.0.6-1.fc9] @@ -65,7 +65,7 @@ CVE-2007-6111 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6110 version (htdig) [since htdig-3.2.0b6-13.fc9] CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) -CVE-2007-6067 VULNERABLE (postgresql, 8.2.6) #427774 +CVE-2007-6067 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9] CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) @@ -129,8 +129,8 @@ CVE-2007-4999 version (pidgin, fixed 2.2.2) CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364291 -CVE-2007-4772 VULNERABLE (postgresql, 8.2.6) #427774 -CVE-2007-4769 VULNERABLE (postgresql, 8.2.6) #427774 +CVE-2007-4772 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] +CVE-2007-4769 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] CVE-2007-4575 version (openoffice.org, fixed 2.3.1) [since openoffice.org-2.3.1-9.1.fc9] CVE-2007-4752 version (openssh, fixed 4.7) #280461 CVE-2007-4619 version (flac, fixed 1.2) #332581 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.223 retrieving revision 1.224 diff -u -r1.223 -r1.224 --- fc7 7 Jan 2008 18:33:33 -0000 1.223 +++ fc7 8 Jan 2008 07:17:12 -0000 1.224 @@ -8,7 +8,7 @@ # Up to date CVE as of CVE email 200711215 # Up to date FC7 as of 20071221 -GENERIC-MAP-NOMATCH VULNERABLE (asterisk, fixed 1.4.17) AST-2008-001 [pending asterisk-1.4.17-1.fc7] +CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198] CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427828 CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104] GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126]

16 years, 5 months

1
0
0 / 0

fedora-security/audit f8, 1.65, 1.66 f9, 1.58, 1.59 fc7, 1.222, 1.223

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17312/audit Modified Files: f8 f9 fc7 Log Message: tog-pegasus issue Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.65 retrieving revision 1.66 diff -u -r1.65 -r1.66 --- f8 7 Jan 2008 15:34:10 -0000 1.65 +++ f8 7 Jan 2008 18:33:33 -0000 1.66 @@ -8,6 +8,7 @@ # Up to date F8 as of 20071221 GENERIC-MAP-NOMATCH VULNERABLE (asterisk, fixed 1.4.17) AST-2008-001 [pending asterisk-1.4.17-1.fc8] +CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427829 CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136] GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103] CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.58 retrieving revision 1.59 diff -u -r1.58 -r1.59 --- f9 7 Jan 2008 15:34:10 -0000 1.58 +++ f9 7 Jan 2008 18:33:33 -0000 1.59 @@ -8,6 +8,7 @@ # Up to date F9 as of 20071029 GENERIC-MAP-NOMATCH version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] +CVE-2008-0003 version (tog-pegasus, 2.7.0) CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet CVE-2007-6630 VULNERABLE (netembryo, not fixed 0.0.4) #427470 There was not release in stable branches yet CVE-2007-6613 VULNERABLE (libcdio) #427200 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.222 retrieving revision 1.223 diff -u -r1.222 -r1.223 --- fc7 7 Jan 2008 15:34:10 -0000 1.222 +++ fc7 7 Jan 2008 18:33:33 -0000 1.223 @@ -9,6 +9,7 @@ # Up to date FC7 as of 20071221 GENERIC-MAP-NOMATCH VULNERABLE (asterisk, fixed 1.4.17) AST-2008-001 [pending asterisk-1.4.17-1.fc7] +CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427828 CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104] GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126] CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353]

16 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

security-commits January 2008