[Bug 229265] CVE-2006-5276 Vulnerability in Snort DCE/RPC Preprocessor
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2006-5276 Vulnerability in Snort DCE/RPC Preprocessor
https://bugzilla.redhat.com/show_bug.cgi?id=229265
bugzilla(a)redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|normal |medium
Product|Fedora Extras |Fedora
------- Additional Comments From updates(a)fedoraproject.org 2007-09-07 13:20 EST -------
snort-2.7.0.1-3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 7 months
[Bug 235013] New: CVE-2007-1804: pulseaudio 0.9.5 DoS
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235013
Summary: CVE-2007-1804: pulseaudio 0.9.5 DoS
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: medium
Priority: medium
Component: pulseaudio
AssignedTo: drzeus-bugzilla(a)drzeus.cx
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: fedora-security-list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1804
"PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon
crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value of FRAME_SIZE_MAX_ALLOW sent
on TCP port 9875, which triggers a p->export assertion failure in do_read; (2) a
PA_PSTREAM_DESCRIPTOR_LENGTH value of 0 sent on TCP port 9875, which triggers a
length assertion failure in pa_memblock_new; or (3) an empty packet on UDP port
9875, which triggers a t assertion failure in pa_sdp_parse; and allows remote
authenticated users to cause a denial of service (daemon crash) via a crafted
packet on TCP port 9875 that (4) triggers a maxlength assertion failure in
pa_memblockq_new, (5) triggers a size assertion failure in pa_xmalloc, or (6)
plays a certain sound file."
FC5, FC6, devel have 0.9.5 at the moment.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
16 years, 7 months
fedora-security/audit fc6,1.252,1.253 fc7,1.93,1.94
by fedora-extras-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28608/audit
Modified Files:
fc6 fc7
Log Message:
PHP wireshark kerberos
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.252
retrieving revision 1.253
diff -u -r1.252 -r1.253
--- fc6 5 Sep 2007 08:30:51 -0000 1.252
+++ fc6 7 Sep 2007 08:42:54 -0000 1.253
@@ -4,9 +4,18 @@
# *CVE are items that need verification for Fedora Core 6
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
-# Up to date CVE as of CVE email 20070823
+# Up to date CVE as of CVE email 20070907
# Up to date FC6 as of 20070905
+CVE-2007-4743 VULNERABLE (krb5) incomplete CVE-2007-3999 fix
+CVE-2007-4721 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
+CVE-2007-4663 ignore (php, fixed 5.2.4) #277991 safe_mode
+CVE-2007-4662 ignore (php, fixed 5.2.4) #278101 triggerable only by modification to openssl.conf
+CVE-2007-4661 ignore (php, fixed 5.2.4) 5.2.3, incomplete CVE-2007-2872 fix
+CVE-2007-4660 VULNERABLE (php, fixed 5.2.4)
+CVE-2007-4659 ignore (php, fixed 5.2.4) #276531 (FC7/php-5.2 only)
+CVE-2007-4658 VULNERABLE (php, fixed 5.2.4) #278011
+CVE-2007-4657 VULNERABLE (php, fixed 5.2.4)
CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689]
CVE-2007-4357 ignore (firefox) status bar can be overwrittten
CVE-2007-4255 ignore (php) msql extension not shipped
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.93
retrieving revision 1.94
diff -u -r1.93 -r1.94
--- fc7 5 Sep 2007 08:30:51 -0000 1.93
+++ fc7 7 Sep 2007 08:42:54 -0000 1.94
@@ -5,9 +5,18 @@
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
# A couple of first F7 updates were marked as FEDORA-2007-0001
-# Up to date CVE as of CVE email 20070829
+# Up to date CVE as of CVE email 20070907
# Up to date FC7 as of 20070905
+CVE-2007-4743 VULNERABLE (krb5) incomplete CVE-2007-3999 fix
+CVE-2007-4721 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982]
+CVE-2007-4663 ignore (php, fixed 5.2.4) #277991 safe_mode
+CVE-2007-4662 ignore (php, fixed 5.2.4) #278101 triggerable only by modification to openssl.conf
+CVE-2007-4661 ignore (php, fixed 5.2.4) 5.2.3, incomplete CVE-2007-2872 fix
+CVE-2007-4660 VULNERABLE (php, fixed 5.2.4)
+CVE-2007-4659 VULNERABLE (php, fixed 5.2.4) #276531 Tracking bug!
+CVE-2007-4658 VULNERABLE (php, fixed 5.2.4) #278011
+CVE-2007-4657 VULNERABLE (php, fixed 5.2.4)
CVE-2007-4650 version (gallery2) #267421 [since FEDORA-2007-2020]
CVE-2007-4629 version (mapserver, fixed 4.10.3) #272081 [since FEDORA-2007-2018]
CVE-2007-4631 VULNERABLE (qgit) #268381
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 7 months
fedora-security/audit fc6,1.251,1.252 fc7,1.92,1.93
by fedora-extras-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15692
Modified Files:
fc6 fc7
Log Message:
releng pushed loooots of stuff
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.251
retrieving revision 1.252
diff -u -r1.251 -r1.252
--- fc6 4 Sep 2007 21:12:24 -0000 1.251
+++ fc6 5 Sep 2007 08:30:51 -0000 1.252
@@ -5,9 +5,9 @@
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
# Up to date CVE as of CVE email 20070823
-# Up to date FC6 as of 20070827
+# Up to date FC6 as of 20070905
-CVE-2007-4565 VULNERABLE (fetchmail) #260881
+CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689]
CVE-2007-4357 ignore (firefox) status bar can be overwrittten
CVE-2007-4255 ignore (php) msql extension not shipped
CVE-2007-4251 ignore (openoffice.org) just a crash
@@ -16,12 +16,15 @@
CVE-2007-4224 ignore (kdebase) too obvious -- mouse pointer indicates script activity
CVE-2007-4211 version (dovecot, fixed 1.0.3) #251009 [since FEDORA-2007-664]
CVE-2007-4134 VULNERABLE (star, fixed 1.5a84) #254129
-CVE-2007-4131 VULNERABLE (tar) #253684
-CVE-2007-4029 VULNERABLE (libvorbis) #250600
+CVE-2007-4131 backport (tar) #253684 [since FEDORA-2007-683]
+CVE-2007-4029 backport (libvorbis) #250600 [since FEDORA-2007-677]
CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-614]
+CVE-2007-4000 backport (krb5) [since FEDORA-2007-690]
+CVE-2007-3999 backport (krb5) [since FEDORA-2007-690]
CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux
CVE-2007-3961 ignore (gftp) off-by-one error in fsplib
CVE-2007-3852 backport (sysstat) #252296 [since FEDORA-2007-675]
+CVE-2007-3848 version (kernel) [since FEDORA-2007-679]
CVE-2007-3847 VULNERABLE (httpd) #250756
CVE-2007-3845 ignore (firefox) windows specific
CVE-2007-3844 VULNERABLE (firefox) #250648 "fixed on next update"
@@ -50,7 +53,7 @@
CVE-2007-3389 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
CVE-2007-3387 VULNERABLE (poppler) #251513
CVE-2007-3387 backport (tetex) #251515 [since FEDORA-2007-669]
-CVE-2007-3387 VULNERABLE (kdegraphics) #251511
+CVE-2007-3387 backport (kdegraphics) #251511 [since FEDORA-2007-685]
CVE-2007-3387 backport (cups) #251519 [since FEDORA-2007-644]
CVE-2007-3384 ignore (tomcat) only affects 3.3.x and just affects an example
CVE-2007-3381 version (gdm, fixed 2.18.4) #250277 [since FEDORA-2007-653]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.92
retrieving revision 1.93
diff -u -r1.92 -r1.93
--- fc7 4 Sep 2007 21:12:24 -0000 1.92
+++ fc7 5 Sep 2007 08:30:51 -0000 1.93
@@ -6,22 +6,22 @@
# A couple of first F7 updates were marked as FEDORA-2007-0001
# Up to date CVE as of CVE email 20070829
-# Up to date FC7 as of 20070829
+# Up to date FC7 as of 20070905
-CVE-2007-4650 VULNERABLE (gallery2) #267421
-CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081
+CVE-2007-4650 version (gallery2) #267421 [since FEDORA-2007-2020]
+CVE-2007-4629 version (mapserver, fixed 4.10.3) #272081 [since FEDORA-2007-2018]
CVE-2007-4631 VULNERABLE (qgit) #268381
-CVE-2007-4565 VULNERABLE (fetchmail) #260861
+CVE-2007-4565 backport (fetchmail) #260861 [since FEDORA-2007-1983]
CVE-2007-4560 VULNERABLE (clamav) #260583
CVE-2007-4559 VULNERABLE (python) tarfile module - directory traversal
CVE-2007-4558 version (star, fixed 1.5a84) [since FEDORA-2007-1852]
CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
-CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561
+CVE-2007-4542 version (mapserver, fixed 4.10.3) #256561 [since FEDORA-2007-2018]
CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
-CVE-2007-4534 VULNERABLE (vavoom) #256621
-CVE-2007-4533 VULNERABLE (vavoom) #256621
-CVE-2007-4532 VULNERABLE (vavoom) #256621
+CVE-2007-4534 backport (vavoom) #256621 [since CVE-2007-4533]
+CVE-2007-4533 backport (vavoom) #256621 [since CVE-2007-4533]
+CVE-2007-4532 backport (vavoom) #256621 [since CVE-2007-4533]
CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780
CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763]
CVE-2007-4460 backport (id3lib) #253553 [since FEDORA-2007-1774]
@@ -42,12 +42,14 @@
CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-0414]
CVE-2007-4153 ignore (wordpress) "remote authenticated administrators"
CVE-2007-4154 ignore (wordpress) "remote authenticated administrators"
-CVE-2007-4139 VULNERABLE (wordpress) #250751
+CVE-2007-4139 version (wordpress) #250751 [since FEDORA-2007-1885]
CVE-2007-4134 version (star, fixed 1.5a84) #254128 [since FEDORA-2007-1852]
-CVE-2007-4131 VULNERABLE (tar) #253684
+CVE-2007-4131 backport (tar) #253684 [since FEDORA-2007-1890]
CVE-2007-4066 backport (libvorbis) #245991 [since FEDORA-2007-1765]
CVE-2007-4065 backport (libvorbis) #245991 [since FEDORA-2007-1765]
CVE-2007-4029 backport (libvorbis) #245991 [since FEDORA-2007-1765]
+CVE-2007-4000 backport (krb5) [since FEDORA-2007-2017]
+CVE-2007-3999 backport (krb5) [since FEDORA-2007-2017]
CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux
CVE-2007-3961 ignore (gftp) off-by-one error in fsplib
CVE-2007-3852 backport (sysstat) #252295 [since FEDORA-2007-1697]
@@ -142,7 +144,7 @@
CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219
CVE-2007-3007 ignore (php) safe mode isn't safe
*CVE-2007-2975 (openfire)
-CVE-2007-2958 VULNERABLE (claws-mail) #254121
+CVE-2007-2958 version (claws-mail) #254121 [since FEDORA-2007-2009]
CVE-2007-2958 backport (sylpheed) #254123 [since FEDORA-2007-1841]
CVE-2007-2956 backport (qtpfsgui) #251674 [since FEDORA-2007-1581]
CVE-2007-2949 version (gimp, fixed, 2.2.16) [since FEDORA-2007-0725]
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 7 months
fedora-security/audit epel5,1.1,1.2
by fedora-extras-commits@redhat.com
Author: kevin
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16925
Modified Files:
epel5
Log Message:
Process a bunch of epel5 entries
Index: epel5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/epel5,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- epel5 1 Sep 2007 18:49:37 -0000 1.1
+++ epel5 5 Sep 2007 04:53:03 -0000 1.2
@@ -109,58 +109,58 @@
*CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136
*CVE-2006-5848 version (trac, fixed 0.10.1) #215077
*CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820
-*CVE-2006-5602 version (xsupplicant, fixed 1.2.6)
-*CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700
-*CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355
-*CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355
-*CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355
-*CVE-2006-5295 version (clamav, fixed 0.88.5) #210973
-*CVE-2006-5129 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-5111 version (libksba, fixed 0.9.14)
-*CVE-2006-4943 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4942 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4941 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4940 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4939 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4938 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4937 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4936 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4935 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4786 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4785 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4784 version (moodle, fixed 1.6.3) #206516
-*CVE-2006-4684 version (zope, fixed 2.9.2)
-*CVE-2006-4249 patch (plone, fixed 2.5.1-3) #213983
-*CVE-2006-4248 ignore (thttpd, Debian specific issue)
-*CVE-2006-4247 patch (plone, fixed 2.5-4) #209163
-*CVE-2006-4192 patch (libmodplug, fixed 0.8-3)
-*CVE-2006-4182 version (clamav, fixed 0.88.5) #210973
-*CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688
-*CVE-2006-3458 patch (zope, fixed 2.9.3-3) #198106
-*CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped)
-*CVE-2006-2489 version (nagios, fixed 2.3.1)
-*CVE-2006-2427 ignore (clamav) not an issue bz#192076
-*CVE-2006-2237 backport (awstats, fixed 6.5-5) bz#190923
-*CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190612
-*CVE-2006-2017 version (dnsmasq, fixed 2.30)
-*CVE-2006-1989 version (clamav, fixed 0.88.2)
-*CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch
-*CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886
-*CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286
-*CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050
-*CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286
-*CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286
-*CVE-2006-1566 ignore (libtunepimp, Debian-specific problem)
-*CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122
-*CVE-2006-1390 ignore (nethack, Gentoo-specific problem) bz#187353
-*CVE-2006-1079 patch (thttpd, fixed 2.25b-11) bz#191095
-*CVE-2006-1078 patch (thttpd, fixed 2.25b-11) bz#191095
-*CVE-2006-0847 version (python-cherrypy, fixed 2.1.1)
-*CVE-2006-0814 ignore (lighttpd, Windows-specific problem)
-*CVE-2006-0760 version (lighttpd, fixed 1.4.10)
-*CVE-2006-0458 version (irssi, fixed 0.8.10) bz#184509
-*CVE-2006-0322 version (mediawiki, fixed 1.5.8)
-*CVE-2006-0162 version (clamav, fixed 0.88)
-*CVE-2006-0106 version (wine, fixed 0.9.10)
-*CVE-2006-0071 ignore (pinentry, Gentoo-specific problem)
-*CVE-2005-4803 version (graphviz, fixed 2.2.1)
+CVE-2006-5602 version (xsupplicant, fixed 1.2.6)
+CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700
+CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355
+CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355
+CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355
+CVE-2006-5295 version (clamav, fixed 0.88.5) #210973
+CVE-2006-5129 version (moodle, fixed 1.6.3) #206516
+CVE-2006-5111 version (libksba, fixed 0.9.14)
+CVE-2006-4943 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4942 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4941 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4940 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4939 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4938 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4937 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4936 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4935 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4786 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4785 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4784 version (moodle, fixed 1.6.3) #206516
+CVE-2006-4684 version (zope, fixed 2.9.2)
+CVE-2006-4249 version (plone, fixed 2.5.1-3) #213983
+CVE-2006-4248 ignore (thttpd, Debian specific issue)
+CVE-2006-4247 patch (plone, fixed 2.5-4) #209163
+CVE-2006-4192 version (libmodplug, fixed 0.8-3)
+CVE-2006-4182 version (clamav, fixed 0.88.5) #210973
+CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688
+CVE-2006-3458 version (zope, fixed 2.9.3-3) #198106
+CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped)
+CVE-2006-2489 version (nagios, fixed 2.3.1)
+CVE-2006-2427 ignore (clamav) not an issue bz#192076
+CVE-2006-2237 version (awstats, fixed 6.5-5) bz#190923
+CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190612
+CVE-2006-2017 version (dnsmasq, fixed 2.30)
+CVE-2006-1989 version (clamav, fixed 0.88.2)
+CVE-2006-1945 version (awstats, fixed 6.5-4) bz#190922
+CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886
+CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286
+CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050
+CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286
+CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286
+CVE-2006-1566 ignore (libtunepimp, Debian-specific problem)
+CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122
+CVE-2006-1390 ignore (nethack, Gentoo-specific problem) bz#187353
+CVE-2006-1079 version (thttpd, fixed 2.25b-11) bz#191095
+CVE-2006-1078 version (thttpd, fixed 2.25b-11) bz#191095
+CVE-2006-0847 version (python-cherrypy, fixed 2.1.1)
+CVE-2006-0814 ignore (lighttpd, Windows-specific problem)
+CVE-2006-0760 version (lighttpd, fixed 1.4.10)
+CVE-2006-0458 version (irssi, fixed 0.8.10) bz#184509
+CVE-2006-0322 version (mediawiki, fixed 1.5.8)
+CVE-2006-0162 version (clamav, fixed 0.88)
+CVE-2006-0106 version (wine, fixed 0.9.10)
+CVE-2006-0071 ignore (pinentry, Gentoo-specific problem)
+CVE-2005-4803 version (graphviz, fixed 2.2.1)
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 7 months
fedora-security/audit fc6,1.250,1.251 fc7,1.91,1.92
by fedora-extras-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15261
Modified Files:
fc6 fc7
Log Message:
gd
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.250
retrieving revision 1.251
diff -u -r1.250 -r1.251
--- fc6 28 Aug 2007 16:44:20 -0000 1.250
+++ fc6 4 Sep 2007 21:12:24 -0000 1.251
@@ -35,6 +35,13 @@
CVE-2007-3642 version (kernel, fixed 2.6.22) [since FEDORA-2007-655]
CVE-2007-3508 ignore (glibc) not an issue
CVE-2007-3506 backport (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-561]
+CVE-2007-3478 VULNERABLE (gd, fixed 2.0.35) #277421
+CVE-2007-3477 VULNERABLE (gd, fixed 2.0.35) #277421
+CVE-2007-3476 VULNERABLE (gd, fixed 2.0.35) #277421
+CVE-2007-3475 VULNERABLE (gd, fixed 2.0.35) #277421
+CVE-2007-3474 VULNERABLE (gd, fixed 2.0.35) #277421
+CVE-2007-3473 VULNERABLE (gd, fixed 2.0.35) #277421
+CVE-2007-3472 VULNERABLE (gd, fixed 2.0.35) #277421
CVE-2007-3409 version (perl-Net-DNS, fixed 0.60) #245809
CVE-2007-3393 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
CVE-2007-3392 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -r1.91 -r1.92
--- fc7 4 Sep 2007 17:00:52 -0000 1.91
+++ fc7 4 Sep 2007 21:12:24 -0000 1.92
@@ -86,13 +86,13 @@
CVE-2007-3508 ignore (glibc) not an issue
CVE-2007-3506 version (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-0033]
CVE-2007-3507 version (flac123, fixed 0.0.10) #246322 [since FEDORA-2007-1045]
-CVE-2007-3478 ** (gd)
-CVE-2007-3477 ** (gd)
-CVE-2007-3476 ** (gd)
-CVE-2007-3475 ** (gd)
-CVE-2007-3474 ** (gd)
-CVE-2007-3473 ** (gd)
-CVE-2007-3472 ** (gd)
+CVE-2007-3478 VULNERABLE (gd, fixed 2.0.35) #277411
+CVE-2007-3477 VULNERABLE (gd, fixed 2.0.35) #277411
+CVE-2007-3476 VULNERABLE (gd, fixed 2.0.35) #277411
+CVE-2007-3475 VULNERABLE (gd, fixed 2.0.35) #277411
+CVE-2007-3474 VULNERABLE (gd, fixed 2.0.35) #277411
+CVE-2007-3473 VULNERABLE (gd, fixed 2.0.35) #277411
+CVE-2007-3472 VULNERABLE (gd, fixed 2.0.35) #277411
CVE-2007-3410 backport (HelixPlayer) #245838 [since FEDORA-2007-0756]
CVE-2007-3409 version (perl-Net-DNS, fixed 0.60) #245807
CVE-2007-3393 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982]
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 7 months
fedora-security/audit fc7,1.90,1.91
by fedora-extras-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7775
Modified Files:
fc7
Log Message:
CVE for gallery2
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.90
retrieving revision 1.91
diff -u -r1.90 -r1.91
--- fc7 4 Sep 2007 12:44:08 -0000 1.90
+++ fc7 4 Sep 2007 17:00:52 -0000 1.91
@@ -8,7 +8,7 @@
# Up to date CVE as of CVE email 20070829
# Up to date FC7 as of 20070829
-CVE-MAP-NOMATCH VULNERABLE (gallery2) #267421
+CVE-2007-4650 VULNERABLE (gallery2) #267421
CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081
CVE-2007-4631 VULNERABLE (qgit) #268381
CVE-2007-4565 VULNERABLE (fetchmail) #260861
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 7 months
fedora-security/audit fc7,1.89,1.90
by fedora-extras-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30461
Modified Files:
fc7
Log Message:
Gallery2 WebdAv problems
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.89
retrieving revision 1.90
diff -u -r1.89 -r1.90
--- fc7 1 Sep 2007 18:12:28 -0000 1.89
+++ fc7 4 Sep 2007 12:44:08 -0000 1.90
@@ -8,6 +8,7 @@
# Up to date CVE as of CVE email 20070829
# Up to date FC7 as of 20070829
+CVE-MAP-NOMATCH VULNERABLE (gallery2) #267421
CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081
CVE-2007-4631 VULNERABLE (qgit) #268381
CVE-2007-4565 VULNERABLE (fetchmail) #260861
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 7 months
fedora-security/audit epel4,NONE,1.1 epel5,NONE,1.1
by fedora-extras-commits@redhat.com
Author: kevin
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7006
Added Files:
epel4 epel5
Log Message:
Initial epel4 and epel5 audit files to check.
--- NEW FILE epel4 ---
#
# ** are items that need attention
# *CVE are items that need verification for EPEL-4
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
# Up to date CVE as of CVE email 20070829
# Up to date EPEL4 as of
#
*CVE-2007-4631 VULNERABLE (qgit) #268381
*CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081
*CVE-2007-4560 VULNERABLE (clamav) #260583
*CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
*CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561
*CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
*CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
*CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780
*CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763]
*CVE-2007-4400 VULNERABLE (konversation) #253545
*CVE-2007-4323 backport (denyhosts) #252291 [since FEDORA-2007-0589]
*CVE-2007-4321 backport (fail2ban) #252290 [since FEDORA-2007-0621] version since FEDORA-2007-1643
*CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3725 ** (clamav)
*CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445]
*CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled)
*CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724]
*CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724]
*CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-3113 VULNERABLE (cacti) #243592
*CVE-2007-3112 VULNERABLE (cacti) #243592
*CVE-2007-3025 ignore (clamav, Solaris only)
*CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-2958 VULNERABLE (claws-mail) #254121
*CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489 [since FEDORA-2007-0469]
*CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397
*CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 [since FEDORA-2007-1154]
*CVE-2007-2637 patch (moin, fixed 1.5.7-2)
*CVE-2007-2423 patch (moin, fixed 1.5.7-2) #238722
*CVE-2007-2413 version (perl-Imager, fixed 0.57) #238615
*CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882
*CVE-2007-2165 VULNERABLE (proftpd) #237533
*CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped)
*CVE-2007-1997 version (clamav, fixed in 0.90.2)
*CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489
*CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489
*CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703
*CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700
*CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293
*CVE-2007-1547 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1546 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1545 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1544 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1543 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1429 version (moodle, fixed 1.6.5) #232103
*CVE-2007-1406 version (trac, fixed 0.10.3.1) #231729
*CVE-2007-1405 version (trac, fixed 0.10.3.1) #231729
*CVE-2007-1395 version (phpMyAdmin, fixed 2.10.0.2)
*CVE-2007-1359 patch (mod_security, fixed 2.1.0-3) #231728
*CVE-2007-1325 version (phpMyAdmin, fixed 2.10.0.2)
*CVE-2007-1055 version (mediawiki, fixed 1.8.3)
*CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442]
*CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764
*CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764
*CVE-2007-0898 version (clamav, fixed 0.90) #229202
*CVE-2007-0897 version (clamav, fixed 0.90) #229202
*CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763
*CVE-2007-0857 version (moin, fixed 1.5.7) #228139
*CVE-2007-0619 version (chmlib, fixed 0.3.9) #225919
*CVE-2007-0341 ignore (phpMyAdmin, 2.8.x only)
*CVE-2007-0242 patch (qt4, fixed 4.2.3-7)
*CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378
*CVE-2007-0177 version (mediawiki, fixed 1.8.3) #221958
*CVE-2007-0095 VULNERABLE (phpMyAdmin) #221694
*CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233
*CVE-2006-6944 version (phpMyAdmin, fixed 2.9.1.1)
*CVE-2006-6943 version (phpMyAdmin, fixed 2.9.1.1)
*CVE-2006-6942 version (phpMyAdmin, fixed 2.9.1.1)
*CVE-2006-6799 patch (cacti, fixed 0.8.6i-5) #222410
*CVE-2006-6693 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped)
*CVE-2006-6692 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped)
*CVE-2006-6626 version (moodle, fixed 1.6.5) #220041
*CVE-2006-6625 version (moodle, fixed 1.6.5) #220041
*CVE-2006-6563 backport (proftpd, fixed 1.3.0a-3) #219938
*CVE-2006-6481 version (clamav, fixed 0.88.7)
*CVE-2006-6406 version (clamav, fixed 0.88.7) #219095
*CVE-2006-6374 ** (phpMyAdmin) #218853
*CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853
*CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824
*CVE-2006-6171 patch (proftpd, fixed 1.3.0a-1) #214820
*CVE-2006-6170 patch (proftpd, fixed 1.3.0a-1) #214820
*CVE-2006-5874 version (clamav, fixed 0.88.1)
*CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136
*CVE-2006-5848 version (trac, fixed 0.10.1) #215077
*CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820
*CVE-2006-5602 version (xsupplicant, fixed 1.2.6)
*CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700
*CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355
*CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355
*CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355
*CVE-2006-5295 version (clamav, fixed 0.88.5) #210973
*CVE-2006-5129 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4943 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4942 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4941 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4940 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4939 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4938 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4937 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4936 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4935 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4786 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4785 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4784 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4684 version (zope, fixed 2.9.2)
*CVE-2006-4249 patch (plone, fixed 2.5.1-3) #213983
*CVE-2006-4248 ignore (thttpd, Debian specific issue)
*CVE-2006-4247 patch (plone, fixed 2.5-4) #209163
*CVE-2006-4182 version (clamav, fixed 0.88.5) #210973
*CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688
*CVE-2006-3458 patch (zope, fixed 2.9.3-3) #198106
*CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped)
*CVE-2006-2489 version (nagios, fixed 2.3.1)
*CVE-2006-2427 ignore (clamav) not an issue bz#192076
*CVE-2006-2237 backport (awstats, fixed 6.5-5) bz#190923
*CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190612
*CVE-2006-2017 version (dnsmasq, fixed 2.30)
*CVE-2006-1989 version (clamav, fixed 0.88.2)
*CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch
*CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886
*CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286
*CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050
*CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286
*CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286
*CVE-2006-1566 ignore (libtunepimp, Debian-specific problem)
*CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122
*CVE-2006-1079 patch (thttpd, fixed 2.25b-11) bz#191095
*CVE-2006-1078 patch (thttpd, fixed 2.25b-11) bz#191095
*CVE-2006-0814 ignore (lighttpd, Windows-specific problem)
*CVE-2006-0760 version (lighttpd, fixed 1.4.10)
*CVE-2006-0458 version (irssi, fixed 0.8.10) bz#184509
*CVE-2006-0322 version (mediawiki, fixed 1.5.8)
*CVE-2006-0162 version (clamav, fixed 0.88)
*CVE-2006-0126 version (rxvt-unicode, fixed 7.5)
*CVE-2006-0106 version (wine, fixed 0.9.10)
*CVE-2006-0071 ignore (pinentry, Gentoo-specific problem)
*CVE-2005-4803 version (graphviz, fixed 2.2.1)
*CVE-2004-1096 version (perl-Archive-Zip, fixed 1.14)
--- NEW FILE epel5 ---
#
# ** are items that need attention
# *CVE are items that need verification for EPEL-5
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
# Up to date CVE as of CVE email 20070829
# Up to date EPEL5 as of
#
*CVE-2007-4631 VULNERABLE (qgit) #268381
*CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081
*CVE-2007-4560 VULNERABLE (clamav) #260583
*CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
*CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561
*CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
*CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
*CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780
*CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763]
*CVE-2007-4400 VULNERABLE (konversation) #253545
*CVE-2007-4323 backport (denyhosts) #252291 [since FEDORA-2007-0589]
*CVE-2007-4321 backport (fail2ban) #252290 [since FEDORA-2007-0621] version since FEDORA-2007-1643
*CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
*CVE-2007-3725 ** (clamav)
*CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10)
*CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445]
*CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904]
*CVE-2007-3387 version (xpdf, fixed 3.02pl1) [since FEDORA-2007-1383]
*CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled)
*CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724]
*CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724]
*CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-3113 VULNERABLE (cacti) #243592
*CVE-2007-3112 VULNERABLE (cacti) #243592
*CVE-2007-3025 ignore (clamav, Solaris only)
*CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489 [since FEDORA-2007-0469]
*CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397
*CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 [since FEDORA-2007-1154]
*CVE-2007-2637 patch (moin, fixed 1.5.7-2)
*CVE-2007-2423 patch (moin, fixed 1.5.7-2) #238722
*CVE-2007-2413 version (perl-Imager, fixed 0.57) #238615
*CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882
*CVE-2007-2165 VULNERABLE (proftpd) #237533
*CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219
*CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped)
*CVE-2007-1997 version (clamav, fixed in 0.90.2)
*CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489
*CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489
*CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703
*CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700
*CVE-2007-1547 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1546 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1545 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1544 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1543 version (nas, fixed 1.8a-2) #233353
*CVE-2007-1515 version (imp, fixed 4.1.4)
*CVE-2007-1474 version (horde, fixed 3.1.4)
*CVE-2007-1474 ignore (imp, < 4.x only)
*CVE-2007-1473 version (horde, fixed 3.1.4)
*CVE-2007-1429 version (moodle, fixed 1.6.5) #232103
*CVE-2007-1406 version (trac, fixed 0.10.3.1) #231729
*CVE-2007-1405 version (trac, fixed 0.10.3.1) #231729
*CVE-2007-1399 version (php-pecl-zip, fixed 1.8.5)
*CVE-2007-1395 version (phpMyAdmin, fixed 2.10.0.2)
*CVE-2007-1359 patch (mod_security, fixed 2.1.0-3) #231728
*CVE-2007-1325 version (phpMyAdmin, fixed 2.10.0.2)
*CVE-2007-1263 version (gpgme, fixed 1.1.4)
*CVE-2007-1055 version (mediawiki, fixed 1.8.3)
*CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442]
*CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764
*CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764
*CVE-2007-0898 version (clamav, fixed 0.90) #229202
*CVE-2007-0897 version (clamav, fixed 0.90) #229202
*CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763
*CVE-2007-0857 version (moin, fixed 1.5.7) #228139
*CVE-2007-0619 version (chmlib, fixed 0.3.9) #225919
*CVE-2007-0469 version (rubygems, fixed 0.9.1)
*CVE-2007-0341 ignore (phpMyAdmin, 2.8.x only)
*CVE-2007-0242 patch (qt4, fixed 4.2.3-7)
*CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378
*CVE-2007-0177 version (mediawiki, fixed 1.8.3) #221958
*CVE-2007-0095 VULNERABLE (phpMyAdmin) #221694
*CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233
*CVE-2006-6944 version (phpMyAdmin, fixed 2.9.1.1)
*CVE-2006-6943 version (phpMyAdmin, fixed 2.9.1.1)
*CVE-2006-6942 version (phpMyAdmin, fixed 2.9.1.1)
*CVE-2006-6799 patch (cacti, fixed 0.8.6i-5) #222410
*CVE-2006-6693 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped)
*CVE-2006-6692 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped)
*CVE-2006-6626 version (moodle, fixed 1.6.5) #220041
*CVE-2006-6625 version (moodle, fixed 1.6.5) #220041
*CVE-2006-6563 backport (proftpd, fixed 1.3.0a-3) #219938
*CVE-2006-6481 version (clamav, fixed 0.88.7)
*CVE-2006-6406 version (clamav, fixed 0.88.7) #219095
*CVE-2006-6374 ** (phpMyAdmin) #218853
*CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853
*CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824
*CVE-2006-6235 patch (gnupg2, fixed 2.0.1-2) #218821
*CVE-2006-6171 patch (proftpd, fixed 1.3.0a-1) #214820
*CVE-2006-6170 patch (proftpd, fixed 1.3.0a-1) #214820
*CVE-2006-6169 version (gnupg2, fixed 2.0.1) #217950
*CVE-2006-6085 version (kile, fixed 1.9.3) #217238
*CVE-2006-5874 version (clamav, fixed 0.88.1)
*CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136
*CVE-2006-5848 version (trac, fixed 0.10.1) #215077
*CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820
*CVE-2006-5602 version (xsupplicant, fixed 1.2.6)
*CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700
*CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355
*CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355
*CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355
*CVE-2006-5295 version (clamav, fixed 0.88.5) #210973
*CVE-2006-5129 version (moodle, fixed 1.6.3) #206516
*CVE-2006-5111 version (libksba, fixed 0.9.14)
*CVE-2006-4943 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4942 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4941 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4940 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4939 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4938 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4937 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4936 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4935 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4786 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4785 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4784 version (moodle, fixed 1.6.3) #206516
*CVE-2006-4684 version (zope, fixed 2.9.2)
*CVE-2006-4249 patch (plone, fixed 2.5.1-3) #213983
*CVE-2006-4248 ignore (thttpd, Debian specific issue)
*CVE-2006-4247 patch (plone, fixed 2.5-4) #209163
*CVE-2006-4192 patch (libmodplug, fixed 0.8-3)
*CVE-2006-4182 version (clamav, fixed 0.88.5) #210973
*CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688
*CVE-2006-3458 patch (zope, fixed 2.9.3-3) #198106
*CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped)
*CVE-2006-2489 version (nagios, fixed 2.3.1)
*CVE-2006-2427 ignore (clamav) not an issue bz#192076
*CVE-2006-2237 backport (awstats, fixed 6.5-5) bz#190923
*CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190612
*CVE-2006-2017 version (dnsmasq, fixed 2.30)
*CVE-2006-1989 version (clamav, fixed 0.88.2)
*CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch
*CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886
*CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286
*CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050
*CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286
*CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286
*CVE-2006-1566 ignore (libtunepimp, Debian-specific problem)
*CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122
*CVE-2006-1390 ignore (nethack, Gentoo-specific problem) bz#187353
*CVE-2006-1079 patch (thttpd, fixed 2.25b-11) bz#191095
*CVE-2006-1078 patch (thttpd, fixed 2.25b-11) bz#191095
*CVE-2006-0847 version (python-cherrypy, fixed 2.1.1)
*CVE-2006-0814 ignore (lighttpd, Windows-specific problem)
*CVE-2006-0760 version (lighttpd, fixed 1.4.10)
*CVE-2006-0458 version (irssi, fixed 0.8.10) bz#184509
*CVE-2006-0322 version (mediawiki, fixed 1.5.8)
*CVE-2006-0162 version (clamav, fixed 0.88)
*CVE-2006-0106 version (wine, fixed 0.9.10)
*CVE-2006-0071 ignore (pinentry, Gentoo-specific problem)
*CVE-2005-4803 version (graphviz, fixed 2.2.1)
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 7 months
fedora-security/audit fc7,1.88,1.89
by fedora-extras-commits@redhat.com
Author: kevin
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6162
Modified Files:
fc7
Log Message:
Fix some typos
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.88
retrieving revision 1.89
diff -u -r1.88 -r1.89
--- fc7 1 Sep 2007 06:21:24 -0000 1.88
+++ fc7 1 Sep 2007 18:12:28 -0000 1.89
@@ -365,7 +365,7 @@
CVE-2007-0777 version (seamonkey, fixed 1.0.8)
CVE-2007-0775 version (seamonkey, fixed 1.0.8)
*CVE-2007-0774 (mod_jk)
-VE-2007-0772 version (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]
+CVE-2007-0772 version (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]
CVE-2007-0771 patch (kernel, fixed 2.6.20-1.2933) #227952
CVE-2007-0770 patch (GraphicsMagick, fixed 1.1.7-7) #228758
CVE-2007-0770 ignore (ImageMagick) only if incomplete CVE-2006-5456
@@ -608,7 +608,7 @@
CVE-2006-5330 ignore, no-ship (flash-plugin)
*CVE-2006-5298 backport (mutt) [since FEDORA-2006-1063]
*CVE-2006-5297 backport (mutt) [since FEDORA-2006-1063]
-VE-2006-5295 version (clamav, fixed 0.88.5) #210973
+CVE-2006-5295 version (clamav, fixed 0.88.5) #210973
*CVE-2006-5276 VULNERABLE (snort) #229265
CVE-2006-5229 ignore (openssh) not reproduced
CVE-2006-5215 backport (xorg-x11-xinit) #212167 [since FEDORA-2007-1409]
@@ -1242,7 +1242,7 @@
*CVE-2006-0017 (fedora directory server)
*CVE-2006-0016 (fedora directory server)
*CVE-2005-4838 (tomcat)
-VE-2005-4837 version (net-snmp, fixed 5.2.2)
+CVE-2005-4837 version (net-snmp, fixed 5.2.2)
*CVE-2005-4836 (tomcat)
CVE-2005-4811 version (kernel, fixed 2.6.13)
CVE-2005-4809 VULNERABLE (firefox)
@@ -1381,7 +1381,7 @@
*CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch
CVE-2005-3191 version (poppler, fixed 0.4.4)
CVE-2005-3191 version (kdegraphics, fixed 3.5.1)
-VE-2005-3191 version (cups, fixed 1.2.0)
+CVE-2005-3191 version (cups, fixed 1.2.0)
*CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch
CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
CVE-2005-3185 version (wget, fixed 1.10.2 at least)
@@ -1400,7 +1400,7 @@
CVE-2005-3107 version (kernel, fixed 2.6.11)
CVE-2005-3106 version (kernel, fixed 2.6.11)
CVE-2005-3105 version (kernel, fixed 2.6.12)
-VE-2005-3089 version (firefox, fixed 1.0.7)
+CVE-2005-3089 version (firefox, fixed 1.0.7)
CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
CVE-2005-3055 version (kernel, fixed 2.6.14)
CVE-2005-3054 ignore (php)
@@ -2724,7 +2724,7 @@
CVE-2002-0069 version (squid, fixed 2.4STABLE4)
CVE-2002-0068 version (squid, fixed 2.4STABLE4)
CVE-2002-0067 version (squid, fixed 2.4STABLE4)
-VE-2002-0063 version (cups, fixed 1.1.14)
+CVE-2002-0063 version (cups, fixed 1.1.14)
CVE-2002-0062 version (ncurses, only 5.0)
CVE-2002-0060 version (kernel, fixed 2.5.5)
*CVE-2002-0059 ** zlib (cvs, dump, gcc, libgcj, kernel, vnc)
--
fedora-extras-commits mailing list
fedora-extras-commits(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
16 years, 7 months