fedora-security/audit f8, 1.73, 1.74 f9, 1.66, 1.67 fc7, 1.229, 1.230
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10523/audit
Modified Files:
f8 f9 fc7
Log Message:
note some cups CVEs
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.73
retrieving revision 1.74
diff -u -r1.73 -r1.74
--- f8 8 Jan 2008 18:48:12 -0000 1.73
+++ f8 9 Jan 2008 13:00:00 -0000 1.74
@@ -97,6 +97,8 @@
CVE-2007-5925 backport (mysql, fixed 5.0.54) #424931 [since FEDORA-2007-4465]
CVE-2007-5907 VULNERABLE (xen) #390111
CVE-2007-5906 VULNERABLE (xen) #390111
+CVE-2007-5849 ignore (cups, fixed 1.3.5) minimal impact, see #415131
+CVE-2007-5848 version (cups, fixed 1.2.0)
CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946]
CVE-2007-5770 backport (ruby) #373391 [since FEDORA-2007-2812]
GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -r1.66 -r1.67
--- f9 8 Jan 2008 18:48:12 -0000 1.66
+++ f9 9 Jan 2008 13:00:00 -0000 1.67
@@ -96,6 +96,8 @@
CVE-2007-5925 backport (mysql, fixed 5.0.54) [since mysql-5.0.45-6.fc9]
CVE-2007-5907 VULNERABLE (xen) #390121
CVE-2007-5906 VULNERABLE (xen) #390121
+CVE-2007-5849 version (cups, fixed 1.3.5) [since cups-1.3.5-1.fc9]
+CVE-2007-5848 version (cups, fixed 1.2.0)
CVE-2007-5795 backport (emacs) #367601 [since emacs-22.1-8.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031
CVE-2007-5770 backport (ruby) #373401 [since ruby-1.8.6.111-1]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.229
retrieving revision 1.230
diff -u -r1.229 -r1.230
--- fc7 8 Jan 2008 18:48:12 -0000 1.229
+++ fc7 9 Jan 2008 13:00:00 -0000 1.230
@@ -97,6 +97,8 @@
CVE-2007-5925 backport (mysql, fixed 5.0.54) #424921 [since FEDORA-2007-4471]
CVE-2007-5907 VULNERABLE (xen) #390101
CVE-2007-5906 VULNERABLE (xen) #390101
+CVE-2007-5849 ignore (cups, fixed 1.3.5) minimal impact, see #415131
+CVE-2007-5848 version (cups, fixed 1.2.0)
CVE-2007-5846 backport (net-snmp) [since FEDORA-2007-3019]
CVE-2007-5795 backport (emacs) #367581 [since FEDORA-2007-3056]
CVE-2007-5770 backport (ruby) #373381 [since FEDORA-2007-2685]
16 years, 4 months
fedora-security/audit f8, 1.72, 1.73 f9, 1.65, 1.66 fc7, 1.228, 1.229
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22642
Modified Files:
f8 f9 fc7
Log Message:
dovecot
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.72
retrieving revision 1.73
diff -u -r1.72 -r1.73
--- f8 8 Jan 2008 18:07:33 -0000 1.72
+++ f8 8 Jan 2008 18:48:12 -0000 1.73
@@ -17,6 +17,7 @@
CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282]
CVE-2007-6601 VULNERABLE (postgresql, fixed 8.2.6) #427773
CVE-2007-6600 VULNERABLE (postgresql, fixed 8.2.6) #427773
+CVE-2007-6598 ignore (dovecot) Needs knowledge of victim's password
CVE-2007-6596 VULNERABLE (clamav) #427287 Might be considered a mail client flaw
CVE-2007-6595 VULNERABLE (clamav) #427287
CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4562]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -r1.65 -r1.66
--- f9 8 Jan 2008 18:07:33 -0000 1.65
+++ f9 8 Jan 2008 18:48:12 -0000 1.66
@@ -19,6 +19,7 @@
CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9]
CVE-2007-6601 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-6600 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
+CVE-2007-6598 ignore (dovecot) Needs knowledge of victim's password
CVE-2007-6596 VULNERABLE (clamav) #427289 Might be considered a mail client flaw
CVE-2007-6595 VULNERABLE (clamav) #427289
CVE-2007-6465 version (ganglia, fixed 3.0.6) [since ganglia-3.0.6-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.228
retrieving revision 1.229
diff -u -r1.228 -r1.229
--- fc7 8 Jan 2008 13:58:50 -0000 1.228
+++ fc7 8 Jan 2008 18:48:12 -0000 1.229
@@ -17,6 +17,7 @@
CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353]
CVE-2007-6601 VULNERABLE (postgresql, fixed 8.2.6) #427772
CVE-2007-6600 VULNERABLE (postgresql, fixed 8.2.6) #427772
+CVE-2007-6598 ignore (dovecot) Needs knowledge of victim's password
CVE-2007-6596 VULNERABLE (clamav) #427288 Might be considered a mail client flaw
CVE-2007-6595 VULNERABLE (clamav) #427288
CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4584]
16 years, 5 months
fedora-security/audit f8, 1.71, 1.72 f9, 1.64, 1.65
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21469
Modified Files:
f8 f9
Log Message:
jetty
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.71
retrieving revision 1.72
diff -u -r1.71 -r1.72
--- f8 8 Jan 2008 13:58:50 -0000 1.71
+++ f8 8 Jan 2008 18:07:33 -0000 1.72
@@ -11,6 +11,7 @@
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982
CVE-2008-0003 VULNERABLE (tog-pegasus, fixed 2.7.0) #427829
+CVE-2007-6672 VULNERABLE (jetty) #428017
CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136]
GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103]
CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -r1.64 -r1.65
--- f9 8 Jan 2008 13:58:50 -0000 1.64
+++ f9 8 Jan 2008 18:07:33 -0000 1.65
@@ -11,6 +11,7 @@
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984
CVE-2008-0003 version (tog-pegasus, fixed 2.7.0)
+CVE-2007-6672 VULNERABLE (jetty) #428018
CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet
CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9]
CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9]
16 years, 5 months
fedora-security/tools/lib/Libexig Bugzilla.pm, 1.1.2.1, 1.1.2.2
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/tools/lib/Libexig
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1535/Libexig
Modified Files:
Tag: lkundrak-tools-ng
Bugzilla.pm
Log Message:
add add_comment method
turn add_private_comment to simple wrapper around add_comment
Index: Bugzilla.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/lib/Libexig/Attic/Bugzilla.pm,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- Bugzilla.pm 6 Jan 2008 03:31:53 -0000 1.1.2.1
+++ Bugzilla.pm 8 Jan 2008 16:15:51 -0000 1.1.2.2
@@ -147,17 +147,24 @@
return undef;
}
-# Add private comment (unless dryrun) to a bug
-sub add_private_comment
+# Add comment to a bug (unless in dryrun mode)
+# Arguments: bug id, comment, make comment private (0/1)
+sub add_comment
{
my $self = shift;
- return 0 if $self->{dryrun};
-
my $bug = shift or die 'No bug!';
my $comment = shift or die 'No comment!';
+ my $private; $private = shift or $private= 0;
+
+ if ($self->{dryrun}) {
+ print STDERR 'Would add following comment to bug: #'.$bug."\n";
+ print STDERR "$comment\n";
+ return 0;
+ }
- my $call = $self->{rpc}->call('bugzilla.addComment', $bug, $comment, @{$self->{creds}}, 1);
+ my $call = $self->{rpc}->call('bugzilla.addComment', $bug, $comment,
+ @{$self->{creds}}, $private);
my $result = $call->result
or die $call->faultstring;
@@ -167,4 +174,14 @@
return undef;
}
+# Add private comment to a bug
+sub add_private_comment
+{
+ my $self = shift;
+ my $bug = shift;
+ my $comment = shift;
+
+ $self->add_comment($bug, $comment, 1);
+}
+
1;
16 years, 5 months
fedora-security/audit f8, 1.70, 1.71 f9, 1.63, 1.64 fc7, 1.227, 1.228
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6667/audit
Modified Files:
f8 f9 fc7
Log Message:
recent httpd issue
formatting fixes
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.70
retrieving revision 1.71
diff -u -r1.70 -r1.71
--- f8 8 Jan 2008 13:17:33 -0000 1.70
+++ f8 8 Jan 2008 13:58:50 -0000 1.71
@@ -9,12 +9,13 @@
GENERIC-MAP-NOMATCH backport (python-cherrypy) [since FEDORA-2008-0299]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
-CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427829
+CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982
+CVE-2008-0003 VULNERABLE (tog-pegasus, fixed 2.7.0) #427829
CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136]
GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103]
CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282]
-CVE-2007-6601 VULNERABLE (postgresql, 8.2.6) #427773
-CVE-2007-6600 VULNERABLE (postgresql, 8.2.6) #427773
+CVE-2007-6601 VULNERABLE (postgresql, fixed 8.2.6) #427773
+CVE-2007-6600 VULNERABLE (postgresql, fixed 8.2.6) #427773
CVE-2007-6596 VULNERABLE (clamav) #427287 Might be considered a mail client flaw
CVE-2007-6595 VULNERABLE (clamav) #427287
CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4562]
@@ -23,6 +24,9 @@
CVE-2007-6441 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4590]
CVE-2007-6439 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4590]
CVE-2007-6438 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4590]
+CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427982
+CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427982
+CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.7) #427982
CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115]
CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115]
CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115]
@@ -67,7 +71,7 @@
CVE-2007-6111 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4590]
CVE-2007-6110 backport (htdig) [since FEDORA-2007-3958]
CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3639]
-CVE-2007-6067 VULNERABLE (postgresql, 8.2.6) #427773
+CVE-2007-6067 VULNERABLE (postgresql, fixed 8.2.6) #427773
CVE-2007-6061 VULNERABLE (audacity) #393251
CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4275]
CVE-2007-6013 VULNERABLE (wordpress)
@@ -104,7 +108,7 @@
CVE-2007-5624 version (nagios, fixed 2.10) #362801 [since FEDORA-2007-4145]
CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 [since FEDORA-2007-2876] nagios-plugins-1.4.8-9.fc8
CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636]
-CVE-2007-5503 version (cairo, 1.4.12) [since FEDORA-2007-3913]
+CVE-2007-5503 version (cairo, fixed 1.4.12) [since FEDORA-2007-3913]
CVE-2007-5501 version (kernel) [since FEDORA-2007-3837]
CVE-2007-5500 version (kernel) [since FEDORA-2007-3837]
CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 [since FEDORA-2007-4447]
@@ -134,13 +138,13 @@
CVE-2007-5079 VULNERABLE (gdm) #363021 Red Hat specific problem
CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771
CVE-2007-5007 version (balsa, before 2.3.20) #297601
-CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7)
+CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) #427982
CVE-2007-4999 version (pidgin, fixed 2.2.2)
CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5)
CVE-2007-4841 version (thunderbird) [since FEDORA-2007-3414] windows only anyway
CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364281
-CVE-2007-4772 VULNERABLE (postgresql, 8.2.6) #427773
-CVE-2007-4769 VULNERABLE (postgresql, 8.2.6) #427773
+CVE-2007-4772 VULNERABLE (postgresql, fixed 8.2.6) #427773
+CVE-2007-4769 VULNERABLE (postgresql, fixed 8.2.6) #427773
CVE-2007-4752 version (openssh, fixed 4.7) #280461
CVE-2007-4619 version (flac, fixed 1.2) #332581
CVE-2007-4575 backport (openoffice.org, fixed 2.3.1) [since FEDORA-2007-4172]
@@ -174,7 +178,7 @@
CVE-2007-3382 version (tomcat5) [since FEDORA-2007-3474]
CVE-2007-3280 ignore (postgresql) bogus CVE assignment
CVE-2007-3279 ignore (postgresql) bogus CVE assignment
-CVE-2007-3278 version (postgresql, 8.2.5)
+CVE-2007-3278 version (postgresql, fixed 8.2.5)
CVE-2007-3145 ignore (galeon) in 2.0.3 the truncation still occurs, but at reasonable length
CVE-2007-2807 backport (eggdrop) [since FEDORA-2007-4305]
CVE-2007-2450 version (tomcat5) #363081 [since FEDORA-2007-3474]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.63
retrieving revision 1.64
diff -u -r1.63 -r1.64
--- f9 8 Jan 2008 13:17:33 -0000 1.63
+++ f9 8 Jan 2008 13:58:50 -0000 1.64
@@ -9,14 +9,15 @@
GENERIC-MAP-NOMATCH backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
-CVE-2008-0003 version (tog-pegasus, 2.7.0)
+CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984
+CVE-2008-0003 version (tog-pegasus, fixed 2.7.0)
CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet
CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9]
CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434
CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9]
-CVE-2007-6601 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
-CVE-2007-6600 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
+CVE-2007-6601 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
+CVE-2007-6600 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-6596 VULNERABLE (clamav) #427289 Might be considered a mail client flaw
CVE-2007-6595 VULNERABLE (clamav) #427289
CVE-2007-6465 version (ganglia, fixed 3.0.6) [since ganglia-3.0.6-1.fc9]
@@ -25,6 +26,9 @@
CVE-2007-6441 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9]
CVE-2007-6439 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9]
CVE-2007-6438 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9]
+CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427984
+CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427984
+CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.7) #427984
CVE-2007-6337 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9]
CVE-2007-6336 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9]
CVE-2007-6335 version (clamav, fixed 0.92) #426213 [since clamav-0.92-3.fc9]
@@ -66,7 +70,7 @@
CVE-2007-6111 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9]
CVE-2007-6110 version (htdig) [since htdig-3.2.0b6-13.fc9]
CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2)
-CVE-2007-6067 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
+CVE-2007-6067 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-6061 VULNERABLE (audacity) #393251
CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9]
CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28)
@@ -102,7 +106,7 @@
CVE-2007-5624 version (nagios, fixed 2.10) #362811 [since nagios-2.10-3.fc9]
CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731
CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6
-CVE-2007-5503 version (cairo, 1.4.12) [since cairo-1.5.4-1.fc9]
+CVE-2007-5503 version (cairo, fixed 1.4.12) [since cairo-1.5.4-1.fc9]
CVE-2007-5497 backport (e2fsprogs) #414591 [since e2fsprogs-1.40.2-14.fc9]
CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531
CVE-2007-5395 version (link-grammar) #372361 [since link-grammar-4.2.5-1.fc9]
@@ -127,12 +131,12 @@
CVE-2007-5079 VULNERABLE (gdm) #363041 Red Hat specific problem
CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771
CVE-2007-5007 version (balsa, before 2.3.20) #297601
-CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7)
+CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) #427984
CVE-2007-4999 version (pidgin, fixed 2.2.2)
CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5)
CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364291
-CVE-2007-4772 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
-CVE-2007-4769 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
+CVE-2007-4772 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
+CVE-2007-4769 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-4575 version (openoffice.org, fixed 2.3.1) [since openoffice.org-2.3.1-9.1.fc9]
CVE-2007-4752 version (openssh, fixed 4.7) #280461
CVE-2007-4619 version (flac, fixed 1.2) #332581
@@ -158,7 +162,7 @@
CVE-2007-3387 version (poppler, fixed 0.5.91) #251512
CVE-2007-3280 ignore (postgresql) bogus CVE assignment
CVE-2007-3279 ignore (postgresql) bogus CVE assignment
-CVE-2007-3278 version (postgresql, 8.2.5)
+CVE-2007-3278 version (postgresql, fixed 8.2.5)
CVE-2007-3145 ignore (galeon) in 2.0.3 the truncation still occurs, but at reasonable length
CVE-2007-2450 VULNERABLE (tomcat5, not fixed 5.5.24) #244812
CVE-2007-2449 VULNERABLE (tomcat5, not fixed 5.5.24) #244812
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.227
retrieving revision 1.228
diff -u -r1.227 -r1.228
--- fc7 8 Jan 2008 13:17:33 -0000 1.227
+++ fc7 8 Jan 2008 13:58:50 -0000 1.228
@@ -10,12 +10,13 @@
GENERIC-MAP-NOMATCH backport (python-cherrypy) [since FEDORA-2008-0333]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
-CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427828
+CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983
+CVE-2008-0003 VULNERABLE (tog-pegasus, fixed 2.7.0) #427828
CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104]
GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126]
CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353]
-CVE-2007-6601 VULNERABLE (postgresql, 8.2.6) #427772
-CVE-2007-6600 VULNERABLE (postgresql, 8.2.6) #427772
+CVE-2007-6601 VULNERABLE (postgresql, fixed 8.2.6) #427772
+CVE-2007-6600 VULNERABLE (postgresql, fixed 8.2.6) #427772
CVE-2007-6596 VULNERABLE (clamav) #427288 Might be considered a mail client flaw
CVE-2007-6595 VULNERABLE (clamav) #427288
CVE-2007-6465 version (ganglia, fixed 3.0.6) [since FEDORA-2007-4584]
@@ -24,6 +25,9 @@
CVE-2007-6441 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4690]
CVE-2007-6439 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4690]
CVE-2007-6438 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4690]
+CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427983
+CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427983
+CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.7) #427983
CVE-2007-6337 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170]
CVE-2007-6336 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170]
CVE-2007-6335 VULNERABLE (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170]
@@ -68,7 +72,7 @@
CVE-2007-6111 version (wireshark, fixed 0.99.7) [since FEDORA-2007-4690]
CVE-2007-6110 backport (htdig) [since FEDORA-2007-3907]
CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) [since FEDORA-2007-3666]
-CVE-2007-6067 VULNERABLE (postgresql, 8.2.6) #427772
+CVE-2007-6067 VULNERABLE (postgresql, fixed 8.2.6) #427772
CVE-2007-6061 VULNERABLE (audacity) #393251
CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683]
CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4269]
@@ -115,7 +119,7 @@
CVE-2007-5589 version (phpmyadmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-2738]
CVE-2007-5585 backport (rss-glx) #336331 [since FEDORA-2007-2652]
CVE-2007-5585 backport (tempest) #336331 [since FEDORA-2007-2652]
-CVE-2007-5503 VULNERABLE (cairo, 1.4.12) [since FEDORA-2007-3818]
+CVE-2007-5503 VULNERABLE (cairo, fixed 1.4.12) [since FEDORA-2007-3818]
CVE-2007-5501 version (kernel) [since FEDORA-2007-3751]
CVE-2007-5500 version (kernel) [since FEDORA-2007-3751]
CVE-2007-5497 VULNERABLE (e2fsprogs) #414571 [since FEDORA-2007-4461]
@@ -168,7 +172,7 @@
CVE-2007-5034 version (elinks) #297981 [since FEDORA-2007-2224]
CVE-2007-5007 version (balsa) #297601 [since FEDORA-2007-2302]
GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031
-CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7)
+CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) #427983
CVE-2007-4999 version (pidgin, fixed 2.2.2) [since FEDORA-2007-2714]
CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368]
CVE-2007-4995 backport (openssl, fixed 0.9.8f) [since FEDORA-2007-2530]
@@ -187,8 +191,8 @@
CVE-2007-4829 VULNERABLE (perl-Archive-Tar) #315321
CVE-2007-4828 version (mediawiki, fixed 1.11.0, 1.10.2, 1.9.4) #287881 [since FEDORA-2007-2189]
CVE-2007-4826 version (quagga, fixed 0.99.9) [since FEDORA-2007-2196]
-CVE-2007-4772 VULNERABLE (postgresql, 8.2.6) #427772
-CVE-2007-4769 VULNERABLE (postgresql, 8.2.6) #427772
+CVE-2007-4772 VULNERABLE (postgresql, fixed 8.2.6) #427772
+CVE-2007-4769 VULNERABLE (postgresql, fixed 8.2.6) #427772
CVE-2007-4768 VULNERABLE (pcre, fixed 7.3) #378411
CVE-2007-4767 VULNERABLE (pcre, fixed 7.3) #378411
CVE-2007-4766 VULNERABLE (pcre, fixed 7.3) #378411
@@ -347,7 +351,7 @@
CVE-2007-3294 ignore (php-extras) win only
CVE-2007-3280 ignore (postgresql) bogus CVE assignment
CVE-2007-3279 ignore (postgresql) bogus CVE assignment
-CVE-2007-3278 version (postgresql, 8.2.5)
+CVE-2007-3278 version (postgresql, fixed 8.2.5)
CVE-2007-3257 backport (evolution) #244283 [since FEDORA-2007-0464]
CVE-2007-3241 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
CVE-2007-3240 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
@@ -379,7 +383,7 @@
CVE-2007-2958 version (claws-mail) #254121 [since FEDORA-2007-2009]
CVE-2007-2958 backport (sylpheed) #254123 [since FEDORA-2007-1841]
CVE-2007-2956 backport (qtpfsgui) #251674 [since FEDORA-2007-1581]
-CVE-2007-2949 version (gimp, fixed, 2.2.16) [since FEDORA-2007-0725]
+CVE-2007-2949 version (gimp, fixed 2.2.16) [since FEDORA-2007-0725]
CVE-2007-2926 version (bind, fixed 9.4.1) [since FEDORA-2007-1247]
CVE-2007-2925 version (bind, fixed 9.4.1) [since FEDORA-2007-1247]
CVE-2007-2894 backport (bochs) #241799 [since FEDORA-2007-1778]
16 years, 5 months
fedora-security/audit f8, 1.69, 1.70 f9, 1.62, 1.63 fc7, 1.226, 1.227
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4971/audit
Modified Files:
f8 f9 fc7
Log Message:
note cairo
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.69
retrieving revision 1.70
diff -u -r1.69 -r1.70
--- f8 8 Jan 2008 10:33:18 -0000 1.69
+++ f8 8 Jan 2008 13:17:33 -0000 1.70
@@ -104,6 +104,7 @@
CVE-2007-5624 version (nagios, fixed 2.10) #362801 [since FEDORA-2007-4145]
CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 [since FEDORA-2007-2876] nagios-plugins-1.4.8-9.fc8
CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636]
+CVE-2007-5503 version (cairo, 1.4.12) [since FEDORA-2007-3913]
CVE-2007-5501 version (kernel) [since FEDORA-2007-3837]
CVE-2007-5500 version (kernel) [since FEDORA-2007-3837]
CVE-2007-5497 VULNERABLE (e2fsprogs) #414581 [since FEDORA-2007-4447]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -r1.62 -r1.63
--- f9 8 Jan 2008 10:33:18 -0000 1.62
+++ f9 8 Jan 2008 13:17:33 -0000 1.63
@@ -102,6 +102,7 @@
CVE-2007-5624 version (nagios, fixed 2.10) #362811 [since nagios-2.10-3.fc9]
CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731
CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6
+CVE-2007-5503 version (cairo, 1.4.12) [since cairo-1.5.4-1.fc9]
CVE-2007-5497 backport (e2fsprogs) #414591 [since e2fsprogs-1.40.2-14.fc9]
CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531
CVE-2007-5395 version (link-grammar) #372361 [since link-grammar-4.2.5-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.226
retrieving revision 1.227
diff -u -r1.226 -r1.227
--- fc7 8 Jan 2008 10:33:18 -0000 1.226
+++ fc7 8 Jan 2008 13:17:33 -0000 1.227
@@ -115,6 +115,7 @@
CVE-2007-5589 version (phpmyadmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-2738]
CVE-2007-5585 backport (rss-glx) #336331 [since FEDORA-2007-2652]
CVE-2007-5585 backport (tempest) #336331 [since FEDORA-2007-2652]
+CVE-2007-5503 VULNERABLE (cairo, 1.4.12) [since FEDORA-2007-3818]
CVE-2007-5501 version (kernel) [since FEDORA-2007-3751]
CVE-2007-5500 version (kernel) [since FEDORA-2007-3751]
CVE-2007-5497 VULNERABLE (e2fsprogs) #414571 [since FEDORA-2007-4461]
16 years, 5 months
fedora-security/audit f8, 1.68, 1.69 f9, 1.61, 1.62 fc7, 1.225, 1.226
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10004/audit
Modified Files:
f8 f9 fc7
Log Message:
some updates
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.68
retrieving revision 1.69
diff -u -r1.68 -r1.69
--- f8 8 Jan 2008 08:26:57 -0000 1.68
+++ f8 8 Jan 2008 10:33:18 -0000 1.69
@@ -36,7 +36,7 @@
CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped
CVE-2007-6328 ignore (dosbox) design decision
CVE-2007-6321 VULNERABLE (roundcubemail) #423291
-CVE-2007-6318 fixed (wordpress) #426433 [since FEDORA-2008-0103]
+CVE-2007-6318 VULNERABLE (wordpress)
CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built
CVE-2007-6303 backport (mysql, fixed 5.0.52) #424931 [since FEDORA-2007-4465]
CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4163] SA-2007-031
@@ -70,7 +70,7 @@
CVE-2007-6067 VULNERABLE (postgresql, 8.2.6) #427773
CVE-2007-6061 VULNERABLE (audacity) #393251
CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4275]
-CVE-2007-6013 fixed (wordpress) #426433 [since FEDORA-2008-0103]
+CVE-2007-6013 VULNERABLE (wordpress)
CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667]
CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636]
CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636]
@@ -165,7 +165,7 @@
CVE-2007-3919 backport (xen, fixed 3.1.0-13) #361991
CVE-2007-3844 version (firefox, fixed 2.0.0.6)
CVE-2007-3843 version (kernel) #246595 No idea which version fixed this
-CVE-2007-3568 VULNERABLE (imlib)
+CVE-2007-3568 backport (imlib) [since FEDORA-2007-4594]
CVE-2007-3544 fixed (wordpress, NOT fixed 2.2.1) #245211 [since FEDORA-2007-0894] Incomplete fix for CVE-2007-3543
CVE-2007-3387 version (poppler, fixed 0.5.91) #251512
CVE-2007-3386 version (tomcat5) [since FEDORA-2007-3474]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.61
retrieving revision 1.62
diff -u -r1.61 -r1.62
--- f9 8 Jan 2008 08:26:57 -0000 1.61
+++ f9 8 Jan 2008 10:33:18 -0000 1.62
@@ -11,10 +11,10 @@
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
CVE-2008-0003 version (tog-pegasus, 2.7.0)
CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet
-CVE-2007-6630 VULNERABLE (netembryo, not fixed 0.0.4) #427470 There was not release in stable branches yet
-CVE-2007-6613 VULNERABLE (libcdio) #427200
+CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9]
+CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434
-CVE-2007-6611 VULNERABLE (mantis) #427280
+CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9]
CVE-2007-6601 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-6600 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-6596 VULNERABLE (clamav) #427289 Might be considered a mail client flaw
@@ -42,7 +42,7 @@
CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built
CVE-2007-6303 backport (mysql, fixed 5.0.52) [since mysql-5.0.45-6.fc9]
CVE-2007-6299 version (drupal, fixed 5.4) [since drupal-5.4-1.fc9] SA-2007-031
-CVE-2007-6285 VULNERABLE (autofs) #426401
+CVE-2007-6285 backport (autofs) #426401 [since autofs-5.0.2-25]
CVE-2007-6283 backport (bind) #423081 [since bind-9.5.0-21.b1.fc9]
CVE-2007-6239 version (squid, fixed 2.6.17) [since squid-2.6.STABLE17-1.fc9]
CVE-2007-6210 backport (zabbix) #407181 [since zabbix-1.4.2-4.fc9]
@@ -52,7 +52,7 @@
CVE-2007-6206 VULNERABLE (kernel) Core dump owner issue
CVE-2007-6203 ignore (httpd) #409831 User can't unput garbage before method name
CVE-2007-6201 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9]
-CVE-2007-6183 VULNERABLE (ruby-gnome2) #405611
+CVE-2007-6183 backport (ruby-gnome2) #405611 [since ruby-gnome2-0.16.0-22.fc9]
CVE-2007-6121 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9]
CVE-2007-6120 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9]
CVE-2007-6119 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9]
@@ -121,7 +121,7 @@
CVE-2007-5201 VULNERABLE (duplicity, no upstream fix) #362841
CVE-2007-5200 version (hugin) #362871 [since hugin-0.6.1-11.fc9]
CVE-2007-5198 VULNERABLE (nagios-plugins, fixed 1.4.10) #362901
-CVE-2007-5197 VULNERABLE (mono, fixed 1.2.5.1) #367551
+CVE-2007-5197 version (mono, fixed 1.2.5.1) #367551 [since mono-1.2.5.1-3.fc9]
CVE-2007-5116 backport (perl) #378151 [since perl-5.8.8-31.fc9]
CVE-2007-5079 VULNERABLE (gdm) #363041 Red Hat specific problem
CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.225
retrieving revision 1.226
diff -u -r1.225 -r1.226
--- fc7 8 Jan 2008 08:26:57 -0000 1.225
+++ fc7 8 Jan 2008 10:33:18 -0000 1.226
@@ -37,7 +37,7 @@
CVE-2007-6348 ignore (squirrelmail) trojaned version was not shipped
CVE-2007-6328 ignore (dosbox) design decision
CVE-2007-6321 VULNERABLE (roundcubemail) #423281
-CVE-2007-6318 fixed (wordpress) #426432 [since FEDORA-2008-0126]
+CVE-2007-6318 VULNERABLE (wordpress)
CVE-2007-6304 ignore (mysql, fixed 5.0.52) federated engine not built
CVE-2007-6303 backport (mysql, fixed 5.0.52) #424921 [since FEDORA-2007-4471]
CVE-2007-6299 version (drupal, fixed 5.4) [since FEDORA-2007-4136] SA-2007-031
@@ -72,7 +72,7 @@
CVE-2007-6061 VULNERABLE (audacity) #393251
CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683]
CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4269]
-CVE-2007-6013 fixed (wordpress) #426432 [since FEDORA-2008-0126]
+CVE-2007-6013 VULNERABLE (wordpress)
CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627]
CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627]
CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning
@@ -303,7 +303,7 @@
CVE-2007-3656 version (mozilla) #248518 [since FEDORA-2007-1138]
CVE-2007-3642 version (kernel, fixed 2.6.22.1) [since FEDORA-2007-1130]
CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10)
-CVE-2007-3568 VULNERABLE (imlib)
+CVE-2007-3568 backport (imlib) [since FEDORA-2007-4561]
CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445]
CVE-2007-3546 ignore (nessus-core) Windows only
CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904]
16 years, 5 months
fedora-security/audit f8, 1.67, 1.68 f9, 1.60, 1.61 fc7, 1.224, 1.225
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13827/audit
Modified Files:
f8 f9 fc7
Log Message:
python-cherrypy
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.67
retrieving revision 1.68
diff -u -r1.67 -r1.68
--- f8 8 Jan 2008 07:17:12 -0000 1.67
+++ f8 8 Jan 2008 08:26:57 -0000 1.68
@@ -7,6 +7,7 @@
# Up to date CVE as of CVE email 20071215
# Up to date F8 as of 20071221
+GENERIC-MAP-NOMATCH backport (python-cherrypy) [since FEDORA-2008-0299]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427829
CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- f9 8 Jan 2008 07:17:12 -0000 1.60
+++ f9 8 Jan 2008 08:26:57 -0000 1.61
@@ -7,6 +7,7 @@
# Up to date CVE as of CVE email 20071211
# Up to date F9 as of 20071029
+GENERIC-MAP-NOMATCH backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
CVE-2008-0003 version (tog-pegasus, 2.7.0)
CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.224
retrieving revision 1.225
diff -u -r1.224 -r1.225
--- fc7 8 Jan 2008 07:17:12 -0000 1.224
+++ fc7 8 Jan 2008 08:26:57 -0000 1.225
@@ -8,6 +8,7 @@
# Up to date CVE as of CVE email 200711215
# Up to date FC7 as of 20071221
+GENERIC-MAP-NOMATCH backport (python-cherrypy) [since FEDORA-2008-0333]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427828
CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104]
16 years, 5 months
fedora-security/audit f8, 1.66, 1.67 f9, 1.59, 1.60 fc7, 1.223, 1.224
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5127/audit
Modified Files:
f8 f9 fc7
Log Message:
asterisk cve id
postgresql fixed in rawhide
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -r1.66 -r1.67
--- f8 7 Jan 2008 18:33:33 -0000 1.66
+++ f8 8 Jan 2008 07:17:12 -0000 1.67
@@ -7,7 +7,7 @@
# Up to date CVE as of CVE email 20071215
# Up to date F8 as of 20071221
-GENERIC-MAP-NOMATCH VULNERABLE (asterisk, fixed 1.4.17) AST-2008-001 [pending asterisk-1.4.17-1.fc8]
+CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427829
CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136]
GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- f9 7 Jan 2008 18:33:33 -0000 1.59
+++ f9 8 Jan 2008 07:17:12 -0000 1.60
@@ -7,15 +7,15 @@
# Up to date CVE as of CVE email 20071211
# Up to date F9 as of 20071029
-GENERIC-MAP-NOMATCH version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
+CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
CVE-2008-0003 version (tog-pegasus, 2.7.0)
CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet
CVE-2007-6630 VULNERABLE (netembryo, not fixed 0.0.4) #427470 There was not release in stable branches yet
CVE-2007-6613 VULNERABLE (libcdio) #427200
GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434
CVE-2007-6611 VULNERABLE (mantis) #427280
-CVE-2007-6601 VULNERABLE (postgresql, 8.2.6) #427774
-CVE-2007-6600 VULNERABLE (postgresql, 8.2.6) #427774
+CVE-2007-6601 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
+CVE-2007-6600 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-6596 VULNERABLE (clamav) #427289 Might be considered a mail client flaw
CVE-2007-6595 VULNERABLE (clamav) #427289
CVE-2007-6465 version (ganglia, fixed 3.0.6) [since ganglia-3.0.6-1.fc9]
@@ -65,7 +65,7 @@
CVE-2007-6111 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9]
CVE-2007-6110 version (htdig) [since htdig-3.2.0b6-13.fc9]
CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2)
-CVE-2007-6067 VULNERABLE (postgresql, 8.2.6) #427774
+CVE-2007-6067 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-6061 VULNERABLE (audacity) #393251
CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9]
CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28)
@@ -129,8 +129,8 @@
CVE-2007-4999 version (pidgin, fixed 2.2.2)
CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5)
CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364291
-CVE-2007-4772 VULNERABLE (postgresql, 8.2.6) #427774
-CVE-2007-4769 VULNERABLE (postgresql, 8.2.6) #427774
+CVE-2007-4772 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
+CVE-2007-4769 version (postgresql, 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-4575 version (openoffice.org, fixed 2.3.1) [since openoffice.org-2.3.1-9.1.fc9]
CVE-2007-4752 version (openssh, fixed 4.7) #280461
CVE-2007-4619 version (flac, fixed 1.2) #332581
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.223
retrieving revision 1.224
diff -u -r1.223 -r1.224
--- fc7 7 Jan 2008 18:33:33 -0000 1.223
+++ fc7 8 Jan 2008 07:17:12 -0000 1.224
@@ -8,7 +8,7 @@
# Up to date CVE as of CVE email 200711215
# Up to date FC7 as of 20071221
-GENERIC-MAP-NOMATCH VULNERABLE (asterisk, fixed 1.4.17) AST-2008-001 [pending asterisk-1.4.17-1.fc7]
+CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427828
CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104]
GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126]
16 years, 5 months
fedora-security/audit f8, 1.65, 1.66 f9, 1.58, 1.59 fc7, 1.222, 1.223
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17312/audit
Modified Files:
f8 f9 fc7
Log Message:
tog-pegasus issue
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -r1.65 -r1.66
--- f8 7 Jan 2008 15:34:10 -0000 1.65
+++ f8 7 Jan 2008 18:33:33 -0000 1.66
@@ -8,6 +8,7 @@
# Up to date F8 as of 20071221
GENERIC-MAP-NOMATCH VULNERABLE (asterisk, fixed 1.4.17) AST-2008-001 [pending asterisk-1.4.17-1.fc8]
+CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427829
CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136]
GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103]
CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- f9 7 Jan 2008 15:34:10 -0000 1.58
+++ f9 7 Jan 2008 18:33:33 -0000 1.59
@@ -8,6 +8,7 @@
# Up to date F9 as of 20071029
GENERIC-MAP-NOMATCH version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
+CVE-2008-0003 version (tog-pegasus, 2.7.0)
CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet
CVE-2007-6630 VULNERABLE (netembryo, not fixed 0.0.4) #427470 There was not release in stable branches yet
CVE-2007-6613 VULNERABLE (libcdio) #427200
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.222
retrieving revision 1.223
diff -u -r1.222 -r1.223
--- fc7 7 Jan 2008 15:34:10 -0000 1.222
+++ fc7 7 Jan 2008 18:33:33 -0000 1.223
@@ -9,6 +9,7 @@
# Up to date FC7 as of 20071221
GENERIC-MAP-NOMATCH VULNERABLE (asterisk, fixed 1.4.17) AST-2008-001 [pending asterisk-1.4.17-1.fc7]
+CVE-2008-0003 VULNERABLE (tog-pegasus, 2.7.0) #427828
CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104]
GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126]
CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353]
16 years, 5 months