2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

security [ARCHIVED] September 2007

security@lists.fedoraproject.org

7 participants
61 discussions

Start a nNew thread

[Bug 229265] CVE-2006-5276 Vulnerability in Snort DCE/RPC Preprocessor

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: CVE-2006-5276 Vulnerability in Snort DCE/RPC Preprocessor https://bugzilla.redhat.com/show_bug.cgi?id=229265 bugzilla(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|normal |medium Product|Fedora Extras |Fedora ------- Additional Comments From updates(a)fedoraproject.org 2007-09-07 13:20 EST ------- snort-2.7.0.1-3.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

16 years, 7 months

1
0
0 / 0

[Bug 235013] New: CVE-2007-1804: pulseaudio 0.9.5 DoS

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235013 Summary: CVE-2007-1804: pulseaudio 0.9.5 DoS Product: Fedora Extras Version: fc6 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: pulseaudio AssignedTo: drzeus-bugzilla(a)drzeus.cx ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1804 "PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value of FRAME_SIZE_MAX_ALLOW sent on TCP port 9875, which triggers a p->export assertion failure in do_read; (2) a PA_PSTREAM_DESCRIPTOR_LENGTH value of 0 sent on TCP port 9875, which triggers a length assertion failure in pa_memblock_new; or (3) an empty packet on UDP port 9875, which triggers a t assertion failure in pa_sdp_parse; and allows remote authenticated users to cause a denial of service (daemon crash) via a crafted packet on TCP port 9875 that (4) triggers a maxlength assertion failure in pa_memblockq_new, (5) triggers a size assertion failure in pa_xmalloc, or (6) plays a certain sound file." FC5, FC6, devel have 0.9.5 at the moment. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

16 years, 7 months

1
4
0 / 0

fedora-security/audit fc6,1.252,1.253 fc7,1.93,1.94

by fedora-extras-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28608/audit Modified Files: fc6 fc7 Log Message: PHP wireshark kerberos Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.252 retrieving revision 1.253 diff -u -r1.252 -r1.253 --- fc6 5 Sep 2007 08:30:51 -0000 1.252 +++ fc6 7 Sep 2007 08:42:54 -0000 1.253 @@ -4,9 +4,18 @@ # *CVE are items that need verification for Fedora Core 6 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) -# Up to date CVE as of CVE email 20070823 +# Up to date CVE as of CVE email 20070907 # Up to date FC6 as of 20070905 +CVE-2007-4743 VULNERABLE (krb5) incomplete CVE-2007-3999 fix +CVE-2007-4721 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] +CVE-2007-4663 ignore (php, fixed 5.2.4) #277991 safe_mode +CVE-2007-4662 ignore (php, fixed 5.2.4) #278101 triggerable only by modification to openssl.conf +CVE-2007-4661 ignore (php, fixed 5.2.4) 5.2.3, incomplete CVE-2007-2872 fix +CVE-2007-4660 VULNERABLE (php, fixed 5.2.4) +CVE-2007-4659 ignore (php, fixed 5.2.4) #276531 (FC7/php-5.2 only) +CVE-2007-4658 VULNERABLE (php, fixed 5.2.4) #278011 +CVE-2007-4657 VULNERABLE (php, fixed 5.2.4) CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689] CVE-2007-4357 ignore (firefox) status bar can be overwrittten CVE-2007-4255 ignore (php) msql extension not shipped Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.93 retrieving revision 1.94 diff -u -r1.93 -r1.94 --- fc7 5 Sep 2007 08:30:51 -0000 1.93 +++ fc7 7 Sep 2007 08:42:54 -0000 1.94 @@ -5,9 +5,18 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # A couple of first F7 updates were marked as FEDORA-2007-0001 -# Up to date CVE as of CVE email 20070829 +# Up to date CVE as of CVE email 20070907 # Up to date FC7 as of 20070905 +CVE-2007-4743 VULNERABLE (krb5) incomplete CVE-2007-3999 fix +CVE-2007-4721 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982] +CVE-2007-4663 ignore (php, fixed 5.2.4) #277991 safe_mode +CVE-2007-4662 ignore (php, fixed 5.2.4) #278101 triggerable only by modification to openssl.conf +CVE-2007-4661 ignore (php, fixed 5.2.4) 5.2.3, incomplete CVE-2007-2872 fix +CVE-2007-4660 VULNERABLE (php, fixed 5.2.4) +CVE-2007-4659 VULNERABLE (php, fixed 5.2.4) #276531 Tracking bug! +CVE-2007-4658 VULNERABLE (php, fixed 5.2.4) #278011 +CVE-2007-4657 VULNERABLE (php, fixed 5.2.4) CVE-2007-4650 version (gallery2) #267421 [since FEDORA-2007-2020] CVE-2007-4629 version (mapserver, fixed 4.10.3) #272081 [since FEDORA-2007-2018] CVE-2007-4631 VULNERABLE (qgit) #268381 -- fedora-extras-commits mailing list fedora-extras-commits(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-extras-commits

16 years, 7 months

1
0
0 / 0

fedora-security/audit fc6,1.251,1.252 fc7,1.92,1.93

by fedora-extras-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15692 Modified Files: fc6 fc7 Log Message: releng pushed loooots of stuff Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.251 retrieving revision 1.252 diff -u -r1.251 -r1.252 --- fc6 4 Sep 2007 21:12:24 -0000 1.251 +++ fc6 5 Sep 2007 08:30:51 -0000 1.252 @@ -5,9 +5,9 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # Up to date CVE as of CVE email 20070823 -# Up to date FC6 as of 20070827 +# Up to date FC6 as of 20070905 -CVE-2007-4565 VULNERABLE (fetchmail) #260881 +CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689] CVE-2007-4357 ignore (firefox) status bar can be overwrittten CVE-2007-4255 ignore (php) msql extension not shipped CVE-2007-4251 ignore (openoffice.org) just a crash @@ -16,12 +16,15 @@ CVE-2007-4224 ignore (kdebase) too obvious -- mouse pointer indicates script activity CVE-2007-4211 version (dovecot, fixed 1.0.3) #251009 [since FEDORA-2007-664] CVE-2007-4134 VULNERABLE (star, fixed 1.5a84) #254129 -CVE-2007-4131 VULNERABLE (tar) #253684 -CVE-2007-4029 VULNERABLE (libvorbis) #250600 +CVE-2007-4131 backport (tar) #253684 [since FEDORA-2007-683] +CVE-2007-4029 backport (libvorbis) #250600 [since FEDORA-2007-677] CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-614] +CVE-2007-4000 backport (krb5) [since FEDORA-2007-690] +CVE-2007-3999 backport (krb5) [since FEDORA-2007-690] CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux CVE-2007-3961 ignore (gftp) off-by-one error in fsplib CVE-2007-3852 backport (sysstat) #252296 [since FEDORA-2007-675] +CVE-2007-3848 version (kernel) [since FEDORA-2007-679] CVE-2007-3847 VULNERABLE (httpd) #250756 CVE-2007-3845 ignore (firefox) windows specific CVE-2007-3844 VULNERABLE (firefox) #250648 "fixed on next update" @@ -50,7 +53,7 @@ CVE-2007-3389 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] CVE-2007-3387 VULNERABLE (poppler) #251513 CVE-2007-3387 backport (tetex) #251515 [since FEDORA-2007-669] -CVE-2007-3387 VULNERABLE (kdegraphics) #251511 +CVE-2007-3387 backport (kdegraphics) #251511 [since FEDORA-2007-685] CVE-2007-3387 backport (cups) #251519 [since FEDORA-2007-644] CVE-2007-3384 ignore (tomcat) only affects 3.3.x and just affects an example CVE-2007-3381 version (gdm, fixed 2.18.4) #250277 [since FEDORA-2007-653] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.92 retrieving revision 1.93 diff -u -r1.92 -r1.93 --- fc7 4 Sep 2007 21:12:24 -0000 1.92 +++ fc7 5 Sep 2007 08:30:51 -0000 1.93 @@ -6,22 +6,22 @@ # A couple of first F7 updates were marked as FEDORA-2007-0001 # Up to date CVE as of CVE email 20070829 -# Up to date FC7 as of 20070829 +# Up to date FC7 as of 20070905 -CVE-2007-4650 VULNERABLE (gallery2) #267421 -CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081 +CVE-2007-4650 version (gallery2) #267421 [since FEDORA-2007-2020] +CVE-2007-4629 version (mapserver, fixed 4.10.3) #272081 [since FEDORA-2007-2018] CVE-2007-4631 VULNERABLE (qgit) #268381 -CVE-2007-4565 VULNERABLE (fetchmail) #260861 +CVE-2007-4565 backport (fetchmail) #260861 [since FEDORA-2007-1983] CVE-2007-4560 VULNERABLE (clamav) #260583 CVE-2007-4559 VULNERABLE (python) tarfile module - directory traversal CVE-2007-4558 version (star, fixed 1.5a84) [since FEDORA-2007-1852] CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] -CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561 +CVE-2007-4542 version (mapserver, fixed 4.10.3) #256561 [since FEDORA-2007-2018] CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] -CVE-2007-4534 VULNERABLE (vavoom) #256621 -CVE-2007-4533 VULNERABLE (vavoom) #256621 -CVE-2007-4532 VULNERABLE (vavoom) #256621 +CVE-2007-4534 backport (vavoom) #256621 [since CVE-2007-4533] +CVE-2007-4533 backport (vavoom) #256621 [since CVE-2007-4533] +CVE-2007-4532 backport (vavoom) #256621 [since CVE-2007-4533] CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780 CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763] CVE-2007-4460 backport (id3lib) #253553 [since FEDORA-2007-1774] @@ -42,12 +42,14 @@ CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-0414] CVE-2007-4153 ignore (wordpress) "remote authenticated administrators" CVE-2007-4154 ignore (wordpress) "remote authenticated administrators" -CVE-2007-4139 VULNERABLE (wordpress) #250751 +CVE-2007-4139 version (wordpress) #250751 [since FEDORA-2007-1885] CVE-2007-4134 version (star, fixed 1.5a84) #254128 [since FEDORA-2007-1852] -CVE-2007-4131 VULNERABLE (tar) #253684 +CVE-2007-4131 backport (tar) #253684 [since FEDORA-2007-1890] CVE-2007-4066 backport (libvorbis) #245991 [since FEDORA-2007-1765] CVE-2007-4065 backport (libvorbis) #245991 [since FEDORA-2007-1765] CVE-2007-4029 backport (libvorbis) #245991 [since FEDORA-2007-1765] +CVE-2007-4000 backport (krb5) [since FEDORA-2007-2017] +CVE-2007-3999 backport (krb5) [since FEDORA-2007-2017] CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux CVE-2007-3961 ignore (gftp) off-by-one error in fsplib CVE-2007-3852 backport (sysstat) #252295 [since FEDORA-2007-1697] @@ -142,7 +144,7 @@ CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219 CVE-2007-3007 ignore (php) safe mode isn't safe *CVE-2007-2975 (openfire) -CVE-2007-2958 VULNERABLE (claws-mail) #254121 +CVE-2007-2958 version (claws-mail) #254121 [since FEDORA-2007-2009] CVE-2007-2958 backport (sylpheed) #254123 [since FEDORA-2007-1841] CVE-2007-2956 backport (qtpfsgui) #251674 [since FEDORA-2007-1581] CVE-2007-2949 version (gimp, fixed, 2.2.16) [since FEDORA-2007-0725] -- fedora-extras-commits mailing list fedora-extras-commits(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-extras-commits

16 years, 7 months

1
0
0 / 0

fedora-security/audit epel5,1.1,1.2

by fedora-extras-commits＠redhat.com

Author: kevin Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16925 Modified Files: epel5 Log Message: Process a bunch of epel5 entries Index: epel5 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/epel5,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- epel5 1 Sep 2007 18:49:37 -0000 1.1 +++ epel5 5 Sep 2007 04:53:03 -0000 1.2 @@ -109,58 +109,58 @@ *CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136 *CVE-2006-5848 version (trac, fixed 0.10.1) #215077 *CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820 -*CVE-2006-5602 version (xsupplicant, fixed 1.2.6) -*CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700 -*CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355 -*CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355 -*CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355 -*CVE-2006-5295 version (clamav, fixed 0.88.5) #210973 -*CVE-2006-5129 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-5111 version (libksba, fixed 0.9.14) -*CVE-2006-4943 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4942 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4941 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4940 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4939 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4938 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4937 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4936 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4935 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4786 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4785 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4784 version (moodle, fixed 1.6.3) #206516 -*CVE-2006-4684 version (zope, fixed 2.9.2) -*CVE-2006-4249 patch (plone, fixed 2.5.1-3) #213983 -*CVE-2006-4248 ignore (thttpd, Debian specific issue) -*CVE-2006-4247 patch (plone, fixed 2.5-4) #209163 -*CVE-2006-4192 patch (libmodplug, fixed 0.8-3) -*CVE-2006-4182 version (clamav, fixed 0.88.5) #210973 -*CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688 -*CVE-2006-3458 patch (zope, fixed 2.9.3-3) #198106 -*CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped) -*CVE-2006-2489 version (nagios, fixed 2.3.1) -*CVE-2006-2427 ignore (clamav) not an issue bz#192076 -*CVE-2006-2237 backport (awstats, fixed 6.5-5) bz#190923 -*CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190612 -*CVE-2006-2017 version (dnsmasq, fixed 2.30) -*CVE-2006-1989 version (clamav, fixed 0.88.2) -*CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch -*CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886 -*CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286 -*CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050 -*CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286 -*CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286 -*CVE-2006-1566 ignore (libtunepimp, Debian-specific problem) -*CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122 -*CVE-2006-1390 ignore (nethack, Gentoo-specific problem) bz#187353 -*CVE-2006-1079 patch (thttpd, fixed 2.25b-11) bz#191095 -*CVE-2006-1078 patch (thttpd, fixed 2.25b-11) bz#191095 -*CVE-2006-0847 version (python-cherrypy, fixed 2.1.1) -*CVE-2006-0814 ignore (lighttpd, Windows-specific problem) -*CVE-2006-0760 version (lighttpd, fixed 1.4.10) -*CVE-2006-0458 version (irssi, fixed 0.8.10) bz#184509 -*CVE-2006-0322 version (mediawiki, fixed 1.5.8) -*CVE-2006-0162 version (clamav, fixed 0.88) -*CVE-2006-0106 version (wine, fixed 0.9.10) -*CVE-2006-0071 ignore (pinentry, Gentoo-specific problem) -*CVE-2005-4803 version (graphviz, fixed 2.2.1) +CVE-2006-5602 version (xsupplicant, fixed 1.2.6) +CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700 +CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355 +CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355 +CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355 +CVE-2006-5295 version (clamav, fixed 0.88.5) #210973 +CVE-2006-5129 version (moodle, fixed 1.6.3) #206516 +CVE-2006-5111 version (libksba, fixed 0.9.14) +CVE-2006-4943 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4942 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4941 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4940 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4939 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4938 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4937 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4936 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4935 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4786 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4785 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4784 version (moodle, fixed 1.6.3) #206516 +CVE-2006-4684 version (zope, fixed 2.9.2) +CVE-2006-4249 version (plone, fixed 2.5.1-3) #213983 +CVE-2006-4248 ignore (thttpd, Debian specific issue) +CVE-2006-4247 patch (plone, fixed 2.5-4) #209163 +CVE-2006-4192 version (libmodplug, fixed 0.8-3) +CVE-2006-4182 version (clamav, fixed 0.88.5) #210973 +CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688 +CVE-2006-3458 version (zope, fixed 2.9.3-3) #198106 +CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped) +CVE-2006-2489 version (nagios, fixed 2.3.1) +CVE-2006-2427 ignore (clamav) not an issue bz#192076 +CVE-2006-2237 version (awstats, fixed 6.5-5) bz#190923 +CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190612 +CVE-2006-2017 version (dnsmasq, fixed 2.30) +CVE-2006-1989 version (clamav, fixed 0.88.2) +CVE-2006-1945 version (awstats, fixed 6.5-4) bz#190922 +CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886 +CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286 +CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050 +CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286 +CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286 +CVE-2006-1566 ignore (libtunepimp, Debian-specific problem) +CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122 +CVE-2006-1390 ignore (nethack, Gentoo-specific problem) bz#187353 +CVE-2006-1079 version (thttpd, fixed 2.25b-11) bz#191095 +CVE-2006-1078 version (thttpd, fixed 2.25b-11) bz#191095 +CVE-2006-0847 version (python-cherrypy, fixed 2.1.1) +CVE-2006-0814 ignore (lighttpd, Windows-specific problem) +CVE-2006-0760 version (lighttpd, fixed 1.4.10) +CVE-2006-0458 version (irssi, fixed 0.8.10) bz#184509 +CVE-2006-0322 version (mediawiki, fixed 1.5.8) +CVE-2006-0162 version (clamav, fixed 0.88) +CVE-2006-0106 version (wine, fixed 0.9.10) +CVE-2006-0071 ignore (pinentry, Gentoo-specific problem) +CVE-2005-4803 version (graphviz, fixed 2.2.1) -- fedora-extras-commits mailing list fedora-extras-commits(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-extras-commits

16 years, 7 months

1
0
0 / 0

fedora-security/audit fc6,1.250,1.251 fc7,1.91,1.92

by fedora-extras-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15261 Modified Files: fc6 fc7 Log Message: gd Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.250 retrieving revision 1.251 diff -u -r1.250 -r1.251 --- fc6 28 Aug 2007 16:44:20 -0000 1.250 +++ fc6 4 Sep 2007 21:12:24 -0000 1.251 @@ -35,6 +35,13 @@ CVE-2007-3642 version (kernel, fixed 2.6.22) [since FEDORA-2007-655] CVE-2007-3508 ignore (glibc) not an issue CVE-2007-3506 backport (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-561] +CVE-2007-3478 VULNERABLE (gd, fixed 2.0.35) #277421 +CVE-2007-3477 VULNERABLE (gd, fixed 2.0.35) #277421 +CVE-2007-3476 VULNERABLE (gd, fixed 2.0.35) #277421 +CVE-2007-3475 VULNERABLE (gd, fixed 2.0.35) #277421 +CVE-2007-3474 VULNERABLE (gd, fixed 2.0.35) #277421 +CVE-2007-3473 VULNERABLE (gd, fixed 2.0.35) #277421 +CVE-2007-3472 VULNERABLE (gd, fixed 2.0.35) #277421 CVE-2007-3409 version (perl-Net-DNS, fixed 0.60) #245809 CVE-2007-3393 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] CVE-2007-3392 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.91 retrieving revision 1.92 diff -u -r1.91 -r1.92 --- fc7 4 Sep 2007 17:00:52 -0000 1.91 +++ fc7 4 Sep 2007 21:12:24 -0000 1.92 @@ -86,13 +86,13 @@ CVE-2007-3508 ignore (glibc) not an issue CVE-2007-3506 version (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-0033] CVE-2007-3507 version (flac123, fixed 0.0.10) #246322 [since FEDORA-2007-1045] -CVE-2007-3478 ** (gd) -CVE-2007-3477 ** (gd) -CVE-2007-3476 ** (gd) -CVE-2007-3475 ** (gd) -CVE-2007-3474 ** (gd) -CVE-2007-3473 ** (gd) -CVE-2007-3472 ** (gd) +CVE-2007-3478 VULNERABLE (gd, fixed 2.0.35) #277411 +CVE-2007-3477 VULNERABLE (gd, fixed 2.0.35) #277411 +CVE-2007-3476 VULNERABLE (gd, fixed 2.0.35) #277411 +CVE-2007-3475 VULNERABLE (gd, fixed 2.0.35) #277411 +CVE-2007-3474 VULNERABLE (gd, fixed 2.0.35) #277411 +CVE-2007-3473 VULNERABLE (gd, fixed 2.0.35) #277411 +CVE-2007-3472 VULNERABLE (gd, fixed 2.0.35) #277411 CVE-2007-3410 backport (HelixPlayer) #245838 [since FEDORA-2007-0756] CVE-2007-3409 version (perl-Net-DNS, fixed 0.60) #245807 CVE-2007-3393 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982] -- fedora-extras-commits mailing list fedora-extras-commits(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-extras-commits

16 years, 7 months

1
0
0 / 0

fedora-security/audit fc7,1.90,1.91

by fedora-extras-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7775 Modified Files: fc7 Log Message: CVE for gallery2 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.90 retrieving revision 1.91 diff -u -r1.90 -r1.91 --- fc7 4 Sep 2007 12:44:08 -0000 1.90 +++ fc7 4 Sep 2007 17:00:52 -0000 1.91 @@ -8,7 +8,7 @@ # Up to date CVE as of CVE email 20070829 # Up to date FC7 as of 20070829 -CVE-MAP-NOMATCH VULNERABLE (gallery2) #267421 +CVE-2007-4650 VULNERABLE (gallery2) #267421 CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081 CVE-2007-4631 VULNERABLE (qgit) #268381 CVE-2007-4565 VULNERABLE (fetchmail) #260861 -- fedora-extras-commits mailing list fedora-extras-commits(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-extras-commits

16 years, 7 months

1
0
0 / 0

fedora-security/audit fc7,1.89,1.90

by fedora-extras-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30461 Modified Files: fc7 Log Message: Gallery2 WebdAv problems Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.89 retrieving revision 1.90 diff -u -r1.89 -r1.90 --- fc7 1 Sep 2007 18:12:28 -0000 1.89 +++ fc7 4 Sep 2007 12:44:08 -0000 1.90 @@ -8,6 +8,7 @@ # Up to date CVE as of CVE email 20070829 # Up to date FC7 as of 20070829 +CVE-MAP-NOMATCH VULNERABLE (gallery2) #267421 CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081 CVE-2007-4631 VULNERABLE (qgit) #268381 CVE-2007-4565 VULNERABLE (fetchmail) #260861 -- fedora-extras-commits mailing list fedora-extras-commits(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-extras-commits

16 years, 7 months

1
0
0 / 0

fedora-security/audit epel4,NONE,1.1 epel5,NONE,1.1

by fedora-extras-commits＠redhat.com

Author: kevin Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7006 Added Files: epel4 epel5 Log Message: Initial epel4 and epel5 audit files to check. --- NEW FILE epel4 --- # # ** are items that need attention # *CVE are items that need verification for EPEL-4 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # Up to date CVE as of CVE email 20070829 # Up to date EPEL4 as of # *CVE-2007-4631 VULNERABLE (qgit) #268381 *CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081 *CVE-2007-4560 VULNERABLE (clamav) #260583 *CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] *CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561 *CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] *CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] *CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780 *CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763] *CVE-2007-4400 VULNERABLE (konversation) #253545 *CVE-2007-4323 backport (denyhosts) #252291 [since FEDORA-2007-0589] *CVE-2007-4321 backport (fail2ban) #252290 [since FEDORA-2007-0621] version since FEDORA-2007-1643 *CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3725 ** (clamav) *CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445] *CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled) *CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724] *CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724] *CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-3113 VULNERABLE (cacti) #243592 *CVE-2007-3112 VULNERABLE (cacti) #243592 *CVE-2007-3025 ignore (clamav, Solaris only) *CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-2958 VULNERABLE (claws-mail) #254121 *CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489 [since FEDORA-2007-0469] *CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397 *CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 [since FEDORA-2007-1154] *CVE-2007-2637 patch (moin, fixed 1.5.7-2) *CVE-2007-2423 patch (moin, fixed 1.5.7-2) #238722 *CVE-2007-2413 version (perl-Imager, fixed 0.57) #238615 *CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882 *CVE-2007-2165 VULNERABLE (proftpd) #237533 *CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped) *CVE-2007-1997 version (clamav, fixed in 0.90.2) *CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489 *CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489 *CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703 *CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700 *CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293 *CVE-2007-1547 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1546 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1545 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1544 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1543 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1429 version (moodle, fixed 1.6.5) #232103 *CVE-2007-1406 version (trac, fixed 0.10.3.1) #231729 *CVE-2007-1405 version (trac, fixed 0.10.3.1) #231729 *CVE-2007-1395 version (phpMyAdmin, fixed 2.10.0.2) *CVE-2007-1359 patch (mod_security, fixed 2.1.0-3) #231728 *CVE-2007-1325 version (phpMyAdmin, fixed 2.10.0.2) *CVE-2007-1055 version (mediawiki, fixed 1.8.3) *CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442] *CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764 *CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764 *CVE-2007-0898 version (clamav, fixed 0.90) #229202 *CVE-2007-0897 version (clamav, fixed 0.90) #229202 *CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763 *CVE-2007-0857 version (moin, fixed 1.5.7) #228139 *CVE-2007-0619 version (chmlib, fixed 0.3.9) #225919 *CVE-2007-0341 ignore (phpMyAdmin, 2.8.x only) *CVE-2007-0242 patch (qt4, fixed 4.2.3-7) *CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378 *CVE-2007-0177 version (mediawiki, fixed 1.8.3) #221958 *CVE-2007-0095 VULNERABLE (phpMyAdmin) #221694 *CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233 *CVE-2006-6944 version (phpMyAdmin, fixed 2.9.1.1) *CVE-2006-6943 version (phpMyAdmin, fixed 2.9.1.1) *CVE-2006-6942 version (phpMyAdmin, fixed 2.9.1.1) *CVE-2006-6799 patch (cacti, fixed 0.8.6i-5) #222410 *CVE-2006-6693 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped) *CVE-2006-6692 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped) *CVE-2006-6626 version (moodle, fixed 1.6.5) #220041 *CVE-2006-6625 version (moodle, fixed 1.6.5) #220041 *CVE-2006-6563 backport (proftpd, fixed 1.3.0a-3) #219938 *CVE-2006-6481 version (clamav, fixed 0.88.7) *CVE-2006-6406 version (clamav, fixed 0.88.7) #219095 *CVE-2006-6374 ** (phpMyAdmin) #218853 *CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853 *CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824 *CVE-2006-6171 patch (proftpd, fixed 1.3.0a-1) #214820 *CVE-2006-6170 patch (proftpd, fixed 1.3.0a-1) #214820 *CVE-2006-5874 version (clamav, fixed 0.88.1) *CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136 *CVE-2006-5848 version (trac, fixed 0.10.1) #215077 *CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820 *CVE-2006-5602 version (xsupplicant, fixed 1.2.6) *CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700 *CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355 *CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355 *CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355 *CVE-2006-5295 version (clamav, fixed 0.88.5) #210973 *CVE-2006-5129 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4943 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4942 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4941 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4940 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4939 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4938 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4937 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4936 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4935 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4786 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4785 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4784 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4684 version (zope, fixed 2.9.2) *CVE-2006-4249 patch (plone, fixed 2.5.1-3) #213983 *CVE-2006-4248 ignore (thttpd, Debian specific issue) *CVE-2006-4247 patch (plone, fixed 2.5-4) #209163 *CVE-2006-4182 version (clamav, fixed 0.88.5) #210973 *CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688 *CVE-2006-3458 patch (zope, fixed 2.9.3-3) #198106 *CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped) *CVE-2006-2489 version (nagios, fixed 2.3.1) *CVE-2006-2427 ignore (clamav) not an issue bz#192076 *CVE-2006-2237 backport (awstats, fixed 6.5-5) bz#190923 *CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190612 *CVE-2006-2017 version (dnsmasq, fixed 2.30) *CVE-2006-1989 version (clamav, fixed 0.88.2) *CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch *CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886 *CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286 *CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050 *CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286 *CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286 *CVE-2006-1566 ignore (libtunepimp, Debian-specific problem) *CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122 *CVE-2006-1079 patch (thttpd, fixed 2.25b-11) bz#191095 *CVE-2006-1078 patch (thttpd, fixed 2.25b-11) bz#191095 *CVE-2006-0814 ignore (lighttpd, Windows-specific problem) *CVE-2006-0760 version (lighttpd, fixed 1.4.10) *CVE-2006-0458 version (irssi, fixed 0.8.10) bz#184509 *CVE-2006-0322 version (mediawiki, fixed 1.5.8) *CVE-2006-0162 version (clamav, fixed 0.88) *CVE-2006-0126 version (rxvt-unicode, fixed 7.5) *CVE-2006-0106 version (wine, fixed 0.9.10) *CVE-2006-0071 ignore (pinentry, Gentoo-specific problem) *CVE-2005-4803 version (graphviz, fixed 2.2.1) *CVE-2004-1096 version (perl-Archive-Zip, fixed 1.14) --- NEW FILE epel5 --- # # ** are items that need attention # *CVE are items that need verification for EPEL-5 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # Up to date CVE as of CVE email 20070829 # Up to date EPEL5 as of # *CVE-2007-4631 VULNERABLE (qgit) #268381 *CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081 *CVE-2007-4560 VULNERABLE (clamav) #260583 *CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] *CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561 *CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] *CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] *CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780 *CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763] *CVE-2007-4400 VULNERABLE (konversation) #253545 *CVE-2007-4323 backport (denyhosts) #252291 [since FEDORA-2007-0589] *CVE-2007-4321 backport (fail2ban) #252290 [since FEDORA-2007-0621] version since FEDORA-2007-1643 *CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299] *CVE-2007-3725 ** (clamav) *CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10) *CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445] *CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904] *CVE-2007-3387 version (xpdf, fixed 3.02pl1) [since FEDORA-2007-1383] *CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled) *CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724] *CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724] *CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-3113 VULNERABLE (cacti) #243592 *CVE-2007-3112 VULNERABLE (cacti) #243592 *CVE-2007-3025 ignore (clamav, Solaris only) *CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489 [since FEDORA-2007-0469] *CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397 *CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 [since FEDORA-2007-1154] *CVE-2007-2637 patch (moin, fixed 1.5.7-2) *CVE-2007-2423 patch (moin, fixed 1.5.7-2) #238722 *CVE-2007-2413 version (perl-Imager, fixed 0.57) #238615 *CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882 *CVE-2007-2165 VULNERABLE (proftpd) #237533 *CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219 *CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped) *CVE-2007-1997 version (clamav, fixed in 0.90.2) *CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489 *CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489 *CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703 *CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700 *CVE-2007-1547 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1546 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1545 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1544 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1543 version (nas, fixed 1.8a-2) #233353 *CVE-2007-1515 version (imp, fixed 4.1.4) *CVE-2007-1474 version (horde, fixed 3.1.4) *CVE-2007-1474 ignore (imp, < 4.x only) *CVE-2007-1473 version (horde, fixed 3.1.4) *CVE-2007-1429 version (moodle, fixed 1.6.5) #232103 *CVE-2007-1406 version (trac, fixed 0.10.3.1) #231729 *CVE-2007-1405 version (trac, fixed 0.10.3.1) #231729 *CVE-2007-1399 version (php-pecl-zip, fixed 1.8.5) *CVE-2007-1395 version (phpMyAdmin, fixed 2.10.0.2) *CVE-2007-1359 patch (mod_security, fixed 2.1.0-3) #231728 *CVE-2007-1325 version (phpMyAdmin, fixed 2.10.0.2) *CVE-2007-1263 version (gpgme, fixed 1.1.4) *CVE-2007-1055 version (mediawiki, fixed 1.8.3) *CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442] *CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764 *CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764 *CVE-2007-0898 version (clamav, fixed 0.90) #229202 *CVE-2007-0897 version (clamav, fixed 0.90) #229202 *CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763 *CVE-2007-0857 version (moin, fixed 1.5.7) #228139 *CVE-2007-0619 version (chmlib, fixed 0.3.9) #225919 *CVE-2007-0469 version (rubygems, fixed 0.9.1) *CVE-2007-0341 ignore (phpMyAdmin, 2.8.x only) *CVE-2007-0242 patch (qt4, fixed 4.2.3-7) *CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378 *CVE-2007-0177 version (mediawiki, fixed 1.8.3) #221958 *CVE-2007-0095 VULNERABLE (phpMyAdmin) #221694 *CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233 *CVE-2006-6944 version (phpMyAdmin, fixed 2.9.1.1) *CVE-2006-6943 version (phpMyAdmin, fixed 2.9.1.1) *CVE-2006-6942 version (phpMyAdmin, fixed 2.9.1.1) *CVE-2006-6799 patch (cacti, fixed 0.8.6i-5) #222410 *CVE-2006-6693 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped) *CVE-2006-6692 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped) *CVE-2006-6626 version (moodle, fixed 1.6.5) #220041 *CVE-2006-6625 version (moodle, fixed 1.6.5) #220041 *CVE-2006-6563 backport (proftpd, fixed 1.3.0a-3) #219938 *CVE-2006-6481 version (clamav, fixed 0.88.7) *CVE-2006-6406 version (clamav, fixed 0.88.7) #219095 *CVE-2006-6374 ** (phpMyAdmin) #218853 *CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853 *CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824 *CVE-2006-6235 patch (gnupg2, fixed 2.0.1-2) #218821 *CVE-2006-6171 patch (proftpd, fixed 1.3.0a-1) #214820 *CVE-2006-6170 patch (proftpd, fixed 1.3.0a-1) #214820 *CVE-2006-6169 version (gnupg2, fixed 2.0.1) #217950 *CVE-2006-6085 version (kile, fixed 1.9.3) #217238 *CVE-2006-5874 version (clamav, fixed 0.88.1) *CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136 *CVE-2006-5848 version (trac, fixed 0.10.1) #215077 *CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820 *CVE-2006-5602 version (xsupplicant, fixed 1.2.6) *CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700 *CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355 *CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355 *CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355 *CVE-2006-5295 version (clamav, fixed 0.88.5) #210973 *CVE-2006-5129 version (moodle, fixed 1.6.3) #206516 *CVE-2006-5111 version (libksba, fixed 0.9.14) *CVE-2006-4943 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4942 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4941 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4940 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4939 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4938 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4937 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4936 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4935 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4786 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4785 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4784 version (moodle, fixed 1.6.3) #206516 *CVE-2006-4684 version (zope, fixed 2.9.2) *CVE-2006-4249 patch (plone, fixed 2.5.1-3) #213983 *CVE-2006-4248 ignore (thttpd, Debian specific issue) *CVE-2006-4247 patch (plone, fixed 2.5-4) #209163 *CVE-2006-4192 patch (libmodplug, fixed 0.8-3) *CVE-2006-4182 version (clamav, fixed 0.88.5) #210973 *CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688 *CVE-2006-3458 patch (zope, fixed 2.9.3-3) #198106 *CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped) *CVE-2006-2489 version (nagios, fixed 2.3.1) *CVE-2006-2427 ignore (clamav) not an issue bz#192076 *CVE-2006-2237 backport (awstats, fixed 6.5-5) bz#190923 *CVE-2006-2162 version (nagios, fixed 2.3.1) bz#190612 *CVE-2006-2017 version (dnsmasq, fixed 2.30) *CVE-2006-1989 version (clamav, fixed 0.88.2) *CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch *CVE-2006-1711 version (plone, fixed 2.1.2) bz#188886 *CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286 *CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050 *CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286 *CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286 *CVE-2006-1566 ignore (libtunepimp, Debian-specific problem) *CVE-2006-1498 version (mediawiki, fixed 1.5.8) bz#188122 *CVE-2006-1390 ignore (nethack, Gentoo-specific problem) bz#187353 *CVE-2006-1079 patch (thttpd, fixed 2.25b-11) bz#191095 *CVE-2006-1078 patch (thttpd, fixed 2.25b-11) bz#191095 *CVE-2006-0847 version (python-cherrypy, fixed 2.1.1) *CVE-2006-0814 ignore (lighttpd, Windows-specific problem) *CVE-2006-0760 version (lighttpd, fixed 1.4.10) *CVE-2006-0458 version (irssi, fixed 0.8.10) bz#184509 *CVE-2006-0322 version (mediawiki, fixed 1.5.8) *CVE-2006-0162 version (clamav, fixed 0.88) *CVE-2006-0106 version (wine, fixed 0.9.10) *CVE-2006-0071 ignore (pinentry, Gentoo-specific problem) *CVE-2005-4803 version (graphviz, fixed 2.2.1) -- fedora-extras-commits mailing list fedora-extras-commits(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-extras-commits

16 years, 7 months

1
0
0 / 0

fedora-security/audit fc7,1.88,1.89

by fedora-extras-commits＠redhat.com

Author: kevin Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6162 Modified Files: fc7 Log Message: Fix some typos Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.88 retrieving revision 1.89 diff -u -r1.88 -r1.89 --- fc7 1 Sep 2007 06:21:24 -0000 1.88 +++ fc7 1 Sep 2007 18:12:28 -0000 1.89 @@ -365,7 +365,7 @@ CVE-2007-0777 version (seamonkey, fixed 1.0.8) CVE-2007-0775 version (seamonkey, fixed 1.0.8) *CVE-2007-0774 (mod_jk) -VE-2007-0772 version (kernel, fixed 2.6.20.1) [since FEDORA-2007-291] +CVE-2007-0772 version (kernel, fixed 2.6.20.1) [since FEDORA-2007-291] CVE-2007-0771 patch (kernel, fixed 2.6.20-1.2933) #227952 CVE-2007-0770 patch (GraphicsMagick, fixed 1.1.7-7) #228758 CVE-2007-0770 ignore (ImageMagick) only if incomplete CVE-2006-5456 @@ -608,7 +608,7 @@ CVE-2006-5330 ignore, no-ship (flash-plugin) *CVE-2006-5298 backport (mutt) [since FEDORA-2006-1063] *CVE-2006-5297 backport (mutt) [since FEDORA-2006-1063] -VE-2006-5295 version (clamav, fixed 0.88.5) #210973 +CVE-2006-5295 version (clamav, fixed 0.88.5) #210973 *CVE-2006-5276 VULNERABLE (snort) #229265 CVE-2006-5229 ignore (openssh) not reproduced CVE-2006-5215 backport (xorg-x11-xinit) #212167 [since FEDORA-2007-1409] @@ -1242,7 +1242,7 @@ *CVE-2006-0017 (fedora directory server) *CVE-2006-0016 (fedora directory server) *CVE-2005-4838 (tomcat) -VE-2005-4837 version (net-snmp, fixed 5.2.2) +CVE-2005-4837 version (net-snmp, fixed 5.2.2) *CVE-2005-4836 (tomcat) CVE-2005-4811 version (kernel, fixed 2.6.13) CVE-2005-4809 VULNERABLE (firefox) @@ -1381,7 +1381,7 @@ *CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch CVE-2005-3191 version (poppler, fixed 0.4.4) CVE-2005-3191 version (kdegraphics, fixed 3.5.1) -VE-2005-3191 version (cups, fixed 1.2.0) +CVE-2005-3191 version (cups, fixed 1.2.0) *CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch CVE-2005-3186 version (gtk2, fixed 2.8.7 at least) CVE-2005-3185 version (wget, fixed 1.10.2 at least) @@ -1400,7 +1400,7 @@ CVE-2005-3107 version (kernel, fixed 2.6.11) CVE-2005-3106 version (kernel, fixed 2.6.11) CVE-2005-3105 version (kernel, fixed 2.6.12) -VE-2005-3089 version (firefox, fixed 1.0.7) +CVE-2005-3089 version (firefox, fixed 1.0.7) CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped CVE-2005-3055 version (kernel, fixed 2.6.14) CVE-2005-3054 ignore (php) @@ -2724,7 +2724,7 @@ CVE-2002-0069 version (squid, fixed 2.4STABLE4) CVE-2002-0068 version (squid, fixed 2.4STABLE4) CVE-2002-0067 version (squid, fixed 2.4STABLE4) -VE-2002-0063 version (cups, fixed 1.1.14) +CVE-2002-0063 version (cups, fixed 1.1.14) CVE-2002-0062 version (ncurses, only 5.0) CVE-2002-0060 version (kernel, fixed 2.5.5) *CVE-2002-0059 ** zlib (cvs, dump, gcc, libgcj, kernel, vnc) -- fedora-extras-commits mailing list fedora-extras-commits(a)redhat.com https://www.redhat.com/mailman/listinfo/fedora-extras-commits

16 years, 7 months

1
0
0 / 0

← Newer
1
2
3
4
5
6
7
Older →