fedora-security/audit f9,1.145,1.146
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17062
Modified Files:
f9
Log Message:
Archive::Tar is now a core module
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.145
retrieving revision 1.146
diff -u -r1.145 -r1.146
--- f9 7 Mar 2008 20:34:58 -0000 1.145
+++ f9 11 Mar 2008 19:35:16 -0000 1.146
@@ -281,7 +281,7 @@
CVE-2007-5000 version (httpd, fixed 2.2.8) #427984 [since httpd-2.2.8-2]
CVE-2007-4999 version (pidgin, fixed 2.2.2)
CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5)
-CVE-2007-4829 VULNERABLE (perl-Archive-Tar, not fixed upstream) #364291
+CVE-2007-4829 VULNERABLE (perl, not fixed upstream) #364291
CVE-2007-4772 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
CVE-2007-4771 backport (icu) [since icu-3.8.1-3.fc9]
CVE-2007-4770 backport (icu) [since icu-3.8.1-3.fc9]
16 years, 2 months
fedora-security/audit f8, 1.154, 1.155 f9, 1.144, 1.145 fc7, 1.310, 1.311
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5190
Modified Files:
f8 f9 fc7
Log Message:
roundup
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.154
retrieving revision 1.155
diff -u -r1.154 -r1.155
--- f8 7 Mar 2008 18:46:47 -0000 1.154
+++ f8 7 Mar 2008 20:34:58 -0000 1.155
@@ -11,6 +11,7 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
GENERIC-MAP-NOMATCH VULNERABLE (viewvc) #435349
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+GENERIC-MAP-NOMATCH VULNERABLE (roundup) #436547
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since FEDORA-2008-1771]
CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since FEDORA-2008-1543]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since FEDORA-2008-2189]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.144
retrieving revision 1.145
diff -u -r1.144 -r1.145
--- f9 7 Mar 2008 18:46:47 -0000 1.144
+++ f9 7 Mar 2008 20:34:58 -0000 1.145
@@ -11,6 +11,7 @@
GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+GENERIC-MAP-NOMATCH VULNERABLE (roundup) #436549
CVE-2008-1142 ignore (rxvt) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since dnssec-tools-1.3.2-1.fc9]
CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since xine-lib-1.1.10.1-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.310
retrieving revision 1.311
diff -u -r1.310 -r1.311
--- fc7 7 Mar 2008 18:46:47 -0000 1.310
+++ fc7 7 Mar 2008 20:34:58 -0000 1.311
@@ -12,6 +12,7 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+GENERIC-MAP-NOMATCH VULNERABLE (roundup) #436548
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since FEDORA-2008-1758]
CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since FEDORA-2008-1581]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since FEDORA-2008-2229]
16 years, 2 months
fedora-security/audit f8, 1.153, 1.154 f9, 1.143, 1.144 fc7, 1.309, 1.310
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18953/audit
Modified Files:
f8 f9 fc7
Log Message:
note ruby, xine-lib, rxvt CVE id
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.153
retrieving revision 1.154
diff -u -r1.153 -r1.154
--- f8 6 Mar 2008 09:25:45 -0000 1.153
+++ f8 7 Mar 2008 18:46:47 -0000 1.154
@@ -12,7 +12,9 @@
GENERIC-MAP-NOMATCH VULNERABLE (viewvc) #435349
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since FEDORA-2008-1771]
+CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since FEDORA-2008-1543]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since FEDORA-2008-2189]
+CVE-2008-1145 VULNERABLE (ruby, fixed 1.8.6-p114) minimal impact, will be fixed in future update
CVE-2008-1133 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1131 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435807
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.143
retrieving revision 1.144
diff -u -r1.143 -r1.144
--- f9 6 Mar 2008 09:25:45 -0000 1.143
+++ f9 7 Mar 2008 18:46:47 -0000 1.144
@@ -11,9 +11,11 @@
GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
-GENERIC-MAP-NOMATCH ignore (rxvt) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296
+CVE-2008-1142 ignore (rxvt) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since dnssec-tools-1.3.2-1.fc9]
+CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since xine-lib-1.1.10.1-1.fc9]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since phpMyAdmin-2.11.5-1.fc9]
+CVE-2008-1145 VULNERABLE (ruby, fixed 1.8.6-p114) minimal impact, will be fixed in future update
CVE-2008-1133 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1131 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1111 backport (lighttpd) #435809 [since lighttpd-1.4.18-6.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.309
retrieving revision 1.310
diff -u -r1.309 -r1.310
--- fc7 6 Mar 2008 09:25:45 -0000 1.309
+++ fc7 7 Mar 2008 18:46:47 -0000 1.310
@@ -13,7 +13,9 @@
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since FEDORA-2008-1758]
+CVE-2008-1161 version (xine-lib, fixed 1.1.10.1) [since FEDORA-2008-1581]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since FEDORA-2008-2229]
+CVE-2008-1145 VULNERABLE (ruby, fixed 1.8.6-p114) minimal impact, will be fixed in future update
CVE-2008-1133 ignore (drupal) #435815 drupal 6.x only
CVE-2008-1131 ignore (drupal) #435815 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435808
16 years, 2 months
fedora-security/audit f8, 1.152, 1.153 f9, 1.142, 1.143 fc7, 1.308, 1.309
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19921/audit
Modified Files:
f8 f9 fc7
Log Message:
note already fixed dnssec-tools
note some updates
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.152
retrieving revision 1.153
diff -u -r1.152 -r1.153
--- f8 5 Mar 2008 16:45:03 -0000 1.152
+++ f8 6 Mar 2008 09:25:45 -0000 1.153
@@ -11,7 +11,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
GENERIC-MAP-NOMATCH VULNERABLE (viewvc) #435349
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
-CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since ]
+CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since FEDORA-2008-1771]
+CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since FEDORA-2008-2189]
CVE-2008-1133 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1131 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435807
@@ -19,7 +20,7 @@
CVE-2008-1072 VULNERABLE (wireshark) #435485
CVE-2008-1071 VULNERABLE (wireshark) #435485
CVE-2008-1070 VULNERABLE (wireshark) #435485
-CVE-2008-1066 version (php-Smarty) #435811 [since ]
+CVE-2008-1066 version (php-Smarty) #435811 [since FEDORA-2008-1911]
CVE-2008-0983 VULNERABLE (lighttpd) #435807
CVE-2008-0932 fixed (sword) #433724 [since FEDORA-2008-1922] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433561 [since FEDORA-2008-2001]
@@ -44,7 +45,7 @@
CVE-2008-0646 fixed (rb_libtorrent) [since FEDORA-2008-1198]
CVE-2008-0597 version (cups) only old CUPS versions affected
CVE-2008-0596 version (cups) only old CUPS versions affected
-CVE-2008-0595 VULNERABLE (dbus, fixed 1.1.20)
+CVE-2008-0595 backport (dbus, fixed 1.1.20) [since FEDORA-2008-2070]
CVE-2008-0594 fixed (firefox, fixed 2.0.0.12) #432043 [since FEDORA-2008-1535]
CVE-2008-0593 fixed (firefox, fixed 2.0.0.12) #432043 [since FEDORA-2008-1535]
CVE-2008-0593 fixed (seamonkey, fixed 1.1.8) #432046 [since FEDORA-2008-1459]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.142
retrieving revision 1.143
diff -u -r1.142 -r1.143
--- f9 6 Mar 2008 07:47:08 -0000 1.142
+++ f9 6 Mar 2008 09:25:45 -0000 1.143
@@ -12,6 +12,7 @@
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
GENERIC-MAP-NOMATCH ignore (rxvt) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296
+CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since dnssec-tools-1.3.2-1.fc9]
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since phpMyAdmin-2.11.5-1.fc9]
CVE-2008-1133 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1131 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.308
retrieving revision 1.309
diff -u -r1.308 -r1.309
--- fc7 5 Mar 2008 16:45:03 -0000 1.308
+++ fc7 6 Mar 2008 09:25:45 -0000 1.309
@@ -12,7 +12,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
-CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since ]
+CVE-2008-1184 version (dnssec-tools, fixed 1.3.2) [since FEDORA-2008-1758]
+CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since FEDORA-2008-2229]
CVE-2008-1133 ignore (drupal) #435815 drupal 6.x only
CVE-2008-1131 ignore (drupal) #435815 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435808
@@ -20,7 +21,7 @@
CVE-2008-1072 VULNERABLE (wireshark) #435487
CVE-2008-1071 VULNERABLE (wireshark) #435487
CVE-2008-1070 VULNERABLE (wireshark) #435487
-CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since ]
+CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since FEDORA-2008-1928]
CVE-2008-0983 VULNERABLE (lighttpd) #435808
CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433562 [since FEDORA-2008-1995]
@@ -44,7 +45,7 @@
CVE-2008-0646 fixed (rb_libtorrent) [since FEDORA-2008-1245]
CVE-2008-0597 version (cups) only old CUPS versions affected
CVE-2008-0596 version (cups) only old CUPS versions affected
-CVE-2008-0595 VULNERABLE (dbus, fixed 1.1.20)
+CVE-2008-0595 backport (dbus, fixed 1.1.20) [since FEDORA-2008-2043]
CVE-2008-0594 fixed (firefox, fixed 2.0.0.12) #432042 [since FEDORA-2008-1435]
CVE-2008-0593 fixed (firefox, fixed 2.0.0.12) #432042 [since FEDORA-2008-1435]
CVE-2008-0593 fixed (seamonkey, fixed 1.1.8) #432045 [since FEDORA-2008-1669]
@@ -117,7 +118,7 @@
CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695]
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506]
CVE-2008-0002 fixed (tomcat5) #432475 [since FEDORA-2008-1603]
-CVE-2007-6703 VULNERABLE (vdccm) #436026
+CVE-2007-6703 VULNERABLE (vdccm) #436026 [since FEDORA-2008-0680]
CVE-2007-6698 fixed (openldap, fixed 2.3.36) #431409 [since FEDORA-2008-1307]
CVE-2007-6697 fixed (SDL_image, fixed 1.2.7) #430239 [since FEDORA-2008-1231]
CVE-2007-6693 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777]
@@ -311,7 +312,7 @@
CVE-2007-5037 version (inotify-tools) #299771 [since FEDORA-2007-3074]
CVE-2007-5034 version (elinks) #297981 [since FEDORA-2007-2224]
CVE-2007-5007 version (balsa) #297601 [since FEDORA-2007-2302]
-GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031
+GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031
CVE-2007-5000 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695]
CVE-2007-4999 version (pidgin, fixed 2.2.2) [since FEDORA-2007-2714]
CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368]
16 years, 2 months
fedora-security/audit f9,1.141,1.142
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4309
Modified Files:
f9
Log Message:
rxvt
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.141
retrieving revision 1.142
diff -u -r1.141 -r1.142
--- f9 5 Mar 2008 16:45:03 -0000 1.141
+++ f9 6 Mar 2008 07:47:08 -0000 1.142
@@ -11,6 +11,7 @@
GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+GENERIC-MAP-NOMATCH ignore (rxvt) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469296
CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since phpMyAdmin-2.11.5-1.fc9]
CVE-2008-1133 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1131 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
16 years, 2 months
fedora-security/audit f8, 1.151, 1.152 f9, 1.140, 1.141 fc7, 1.307, 1.308
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19518/audit
Modified Files:
f8 f9 fc7
Log Message:
cleanups, note some new issues
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.151
retrieving revision 1.152
diff -u -r1.151 -r1.152
--- f8 5 Mar 2008 10:03:53 -0000 1.151
+++ f8 5 Mar 2008 16:45:03 -0000 1.152
@@ -10,14 +10,16 @@
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
GENERIC-MAP-NOMATCH VULNERABLE (viewvc) #435349
-GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435811
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since ]
+CVE-2008-1133 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1131 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435807
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1043]
CVE-2008-1072 VULNERABLE (wireshark) #435485
CVE-2008-1071 VULNERABLE (wireshark) #435485
CVE-2008-1070 VULNERABLE (wireshark) #435485
+CVE-2008-1066 version (php-Smarty) #435811 [since ]
CVE-2008-0983 VULNERABLE (lighttpd) #435807
CVE-2008-0932 fixed (sword) #433724 [since FEDORA-2008-1922] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433561 [since FEDORA-2008-2001]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.140
retrieving revision 1.141
diff -u -r1.140 -r1.141
--- f9 5 Mar 2008 10:03:53 -0000 1.140
+++ f9 5 Mar 2008 16:45:03 -0000 1.141
@@ -10,16 +10,17 @@
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
-GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435813
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
-CVE-2008-1133 version (drupal) #435817 [since drupal-6.1-1.fc9]
-CVE-2008-1131 version (drupal) #435817 [since drupal-6.1-1.fc9]
-CVE-2008-1111 VULNERABLE (lighttpd) #435809
+CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since phpMyAdmin-2.11.5-1.fc9]
+CVE-2008-1133 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
+CVE-2008-1131 version (drupal, fixed 6.1) #435817 [since drupal-6.1-1.fc9]
+CVE-2008-1111 backport (lighttpd) #435809 [since lighttpd-1.4.18-6.fc9]
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since xine-lib-1.1.10-2.fc9]
CVE-2008-1072 VULNERABLE (wireshark) #435488
CVE-2008-1071 VULNERABLE (wireshark) #435488
CVE-2008-1070 VULNERABLE (wireshark) #435488
-CVE-2008-0983 VULNERABLE (lighttpd) #435809
+CVE-2008-1066 version (php-Smarty) #435813 [since php-Smarty-2.6.19-1.fc9]
+CVE-2008-0983 backport (lighttpd) #435809 [since lighttpd-1.4.18-6.fc9]
CVE-2008-0932 backport (sword) #433726 [since sword-1.5.10-3.fc9] why? diatheke.pl is not shipped...
CVE-2008-0928 backport (qemu) #433563 [since qemu-0.9.1-3.fc9]
CVE-2008-0928 backport (kvm) #433566 [since kvm-61-2.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.307
retrieving revision 1.308
diff -u -r1.307 -r1.308
--- fc7 5 Mar 2008 10:03:53 -0000 1.307
+++ fc7 5 Mar 2008 16:45:03 -0000 1.308
@@ -11,14 +11,16 @@
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
-GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435812
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1149 version (phpMyAdmin, fixed 2.11.5) [since ]
+CVE-2008-1133 ignore (drupal) #435815 drupal 6.x only
CVE-2008-1131 ignore (drupal) #435815 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435808
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1047]
CVE-2008-1072 VULNERABLE (wireshark) #435487
CVE-2008-1071 VULNERABLE (wireshark) #435487
CVE-2008-1070 VULNERABLE (wireshark) #435487
+CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since ]
CVE-2008-0983 VULNERABLE (lighttpd) #435808
CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433562 [since FEDORA-2008-1995]
16 years, 2 months
fedora-security/audit f8, 1.150, 1.151 f9, 1.139, 1.140 fc7, 1.306, 1.307
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28722/audit
Modified Files:
f8 f9 fc7
Log Message:
add evolution
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.150
retrieving revision 1.151
diff -u -r1.150 -r1.151
--- f8 5 Mar 2008 07:29:17 -0000 1.150
+++ f8 5 Mar 2008 10:03:53 -0000 1.151
@@ -109,6 +109,7 @@
CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610]
CVE-2008-0122 fixed (bind) #429149 [since FEDORA-2008-0904]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
+CVE-2008-0072 VULNERABLE (evolution) #436081
CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994]
CVE-2008-0006 fixed (libXfont) #429132 [since FEDORA-2008-0794]
CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427982 [since FEDORA-2008-1711]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.139
retrieving revision 1.140
diff -u -r1.139 -r1.140
--- f9 5 Mar 2008 07:29:17 -0000 1.139
+++ f9 5 Mar 2008 10:03:53 -0000 1.140
@@ -108,6 +108,7 @@
CVE-2008-0123 fixed (moodle) #428731 [since moodle-1.8.4-1.fc9]
CVE-2008-0122 backport (bind) #429534 [since bind-9.5.0-24.b1.fc9]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9]
+CVE-2008-0072 VULNERABLE (evolution) #436082
CVE-2008-0008 backport (pulseaudio) #425481 [since pulseaudio-0.9.8-5.fc9]
CVE-2008-0006 backport (libXfont) #429133 [since libXfont-1.3.1-3.fc9]
CVE-2008-0005 version (httpd, fixed 2.2.8) #427984 [since httpd-2.2.8-2]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.306
retrieving revision 1.307
diff -u -r1.306 -r1.307
--- fc7 5 Mar 2008 07:29:17 -0000 1.306
+++ fc7 5 Mar 2008 10:03:53 -0000 1.307
@@ -109,6 +109,7 @@
CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610]
CVE-2008-0122 fixed (bind) #429149 [since FEDORA-2008-0904]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
+CVE-2008-0072 VULNERABLE (evolution) #436080
CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994]
CVE-2008-0006 fixed (libXfont) #429131 [since FEDORA-2008-0891]
CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695]
16 years, 2 months
fedora-security/audit f8, 1.149, 1.150 f9, 1.138, 1.139 fc7, 1.305, 1.306
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4447
Modified Files:
f8 f9 fc7
Log Message:
drupal,vdccm
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.149
retrieving revision 1.150
diff -u -r1.149 -r1.150
--- f8 4 Mar 2008 14:05:43 -0000 1.149
+++ f8 5 Mar 2008 07:29:17 -0000 1.150
@@ -114,6 +114,7 @@
CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427982 [since FEDORA-2008-1711]
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427829 [since FEDORA-2008-0572]
CVE-2008-0002 fixed (tomcat5) #432474 [since FEDORA-2008-1467]
+CVE-2007-6703 VULNERABLE (vdccm) #436025
CVE-2007-6698 version (openldap, fixed 2.3.36)
CVE-2007-6697 fixed (SDL_image, fixed 1.2.7) #430241 [since FEDORA-2008-1208]
CVE-2007-6693 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4778]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.138
retrieving revision 1.139
diff -u -r1.138 -r1.139
--- f9 4 Mar 2008 14:05:43 -0000 1.138
+++ f9 5 Mar 2008 07:29:17 -0000 1.139
@@ -12,6 +12,7 @@
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435813
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1133 version (drupal) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1131 version (drupal) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1111 VULNERABLE (lighttpd) #435809
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since xine-lib-1.1.10-2.fc9]
@@ -112,6 +113,7 @@
CVE-2008-0005 version (httpd, fixed 2.2.8) #427984 [since httpd-2.2.8-2]
CVE-2008-0003 version (tog-pegasus, fixed 2.7.0)
CVE-2008-0002 VULNERABLE (tomcat5) #432476
+CVE-2007-6703 VULNERABLE (vdccm) #436027
CVE-2007-6698 version (openldap, fixed 2.3.36)
CVE-2007-6697 backport (SDL_image, fixed 1.2.7) #430238 [since SDL_image-1.2.6-4.fc9]
CVE-2007-6693 version (gallery2, fixed 2.2.4) [since gallery2-2.2.4-1]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.305
retrieving revision 1.306
diff -u -r1.305 -r1.306
--- fc7 4 Mar 2008 14:05:43 -0000 1.305
+++ fc7 5 Mar 2008 07:29:17 -0000 1.306
@@ -114,6 +114,7 @@
CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695]
CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506]
CVE-2008-0002 fixed (tomcat5) #432475 [since FEDORA-2008-1603]
+CVE-2007-6703 VULNERABLE (vdccm) #436026
CVE-2007-6698 fixed (openldap, fixed 2.3.36) #431409 [since FEDORA-2008-1307]
CVE-2007-6697 fixed (SDL_image, fixed 1.2.7) #430239 [since FEDORA-2008-1231]
CVE-2007-6693 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777]
16 years, 2 months
fedora-security/audit f8, 1.148, 1.149 f9, 1.137, 1.138 fc7, 1.304, 1.305
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10724/audit
Modified Files:
f8 f9 fc7
Log Message:
node drupal cve id
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.148
retrieving revision 1.149
diff -u -r1.148 -r1.149
--- f8 4 Mar 2008 09:48:15 -0000 1.148
+++ f8 4 Mar 2008 14:05:43 -0000 1.149
@@ -11,8 +11,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
GENERIC-MAP-NOMATCH VULNERABLE (viewvc) #435349
GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435811
-GENERIC-MAP-NOMATCH VULNERABLE (drupal) #435815
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1131 ignore (drupal) #435816 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435807
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1043]
CVE-2008-1072 VULNERABLE (wireshark) #435485
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.137
retrieving revision 1.138
diff -u -r1.137 -r1.138
--- f9 4 Mar 2008 09:48:15 -0000 1.137
+++ f9 4 Mar 2008 14:05:43 -0000 1.138
@@ -11,8 +11,8 @@
GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435813
-GENERIC-MAP-NOMATCH VULNERABLE (drupal) #435817
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1131 version (drupal) #435817 [since drupal-6.1-1.fc9]
CVE-2008-1111 VULNERABLE (lighttpd) #435809
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since xine-lib-1.1.10-2.fc9]
CVE-2008-1072 VULNERABLE (wireshark) #435488
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.304
retrieving revision 1.305
diff -u -r1.304 -r1.305
--- fc7 4 Mar 2008 09:48:15 -0000 1.304
+++ fc7 4 Mar 2008 14:05:43 -0000 1.305
@@ -12,8 +12,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435812
-GENERIC-MAP-NOMATCH VULNERABLE (drupal) #435816
GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1131 ignore (drupal) #435815 drupal 6.x only
CVE-2008-1111 VULNERABLE (lighttpd) #435808
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1047]
CVE-2008-1072 VULNERABLE (wireshark) #435487
16 years, 2 months
fedora-security/audit f8, 1.147, 1.148 f9, 1.136, 1.137 fc7, 1.303, 1.304
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25417
Modified Files:
f8 f9 fc7
Log Message:
smarty, drupal, mediawiki, lighttpd
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.147
retrieving revision 1.148
diff -u -r1.147 -r1.148
--- f8 3 Mar 2008 09:57:27 -0000 1.147
+++ f8 4 Mar 2008 09:48:15 -0000 1.148
@@ -10,11 +10,15 @@
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
GENERIC-MAP-NOMATCH VULNERABLE (viewvc) #435349
+GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435811
+GENERIC-MAP-NOMATCH VULNERABLE (drupal) #435815
+GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1111 VULNERABLE (lighttpd) #435807
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1043]
CVE-2008-1072 VULNERABLE (wireshark) #435485
CVE-2008-1071 VULNERABLE (wireshark) #435485
CVE-2008-1070 VULNERABLE (wireshark) #435485
-**CVE-2008-0983 VULNERABLE (lighttpd)
+CVE-2008-0983 VULNERABLE (lighttpd) #435807
CVE-2008-0932 fixed (sword) #433724 [since FEDORA-2008-1922] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433561 [since FEDORA-2008-2001]
CVE-2008-0928 fixed (kvm) #433564 [since FEDORA-2008-1973]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.136
retrieving revision 1.137
diff -u -r1.136 -r1.137
--- f9 3 Mar 2008 09:57:27 -0000 1.136
+++ f9 4 Mar 2008 09:48:15 -0000 1.137
@@ -10,11 +10,15 @@
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
+GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435813
+GENERIC-MAP-NOMATCH VULNERABLE (drupal) #435817
+GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1111 VULNERABLE (lighttpd) #435809
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since xine-lib-1.1.10-2.fc9]
CVE-2008-1072 VULNERABLE (wireshark) #435488
CVE-2008-1071 VULNERABLE (wireshark) #435488
CVE-2008-1070 VULNERABLE (wireshark) #435488
-**CVE-2008-0983 VULNERABLE (lighttpd)
+CVE-2008-0983 VULNERABLE (lighttpd) #435809
CVE-2008-0932 backport (sword) #433726 [since sword-1.5.10-3.fc9] why? diatheke.pl is not shipped...
CVE-2008-0928 backport (qemu) #433563 [since qemu-0.9.1-3.fc9]
CVE-2008-0928 backport (kvm) #433566 [since kvm-61-2.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.303
retrieving revision 1.304
diff -u -r1.303 -r1.304
--- fc7 3 Mar 2008 09:57:27 -0000 1.303
+++ fc7 4 Mar 2008 09:48:15 -0000 1.304
@@ -11,11 +11,15 @@
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
+GENERIC-MAP-NOMATCH VULNERABLE (php-Smarty) #435812
+GENERIC-MAP-NOMATCH VULNERABLE (drupal) #435816
+GENERIC-MAP-NOMATCH ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
+CVE-2008-1111 VULNERABLE (lighttpd) #435808
CVE-2008-1110 version (xine-lib, fixed 1.1.10) [since FEDORA-2008-1047]
CVE-2008-1072 VULNERABLE (wireshark) #435487
CVE-2008-1071 VULNERABLE (wireshark) #435487
CVE-2008-1070 VULNERABLE (wireshark) #435487
-**CVE-2008-0983 VULNERABLE (lighttpd)
+CVE-2008-0983 VULNERABLE (lighttpd) #435808
CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433562 [since FEDORA-2008-1995]
CVE-2008-0928 fixed (kvm) #433565 [since FEDORA-2008-1993]
16 years, 2 months