Author: kevin Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8876 Modified Files: fc7 Log Message: Mark last batch done. Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- fc7 12 Jun 2007 19:02:04 -0000 1.3 +++ fc7 12 Jun 2007 19:18:56 -0000 1.4 @@ -160,7 +160,7 @@ *CVE-2007-1244 version (wordpress, fixed 2.1.2) #230898 *CVE-2007-1230 version (wordpress, fixed 2.1.2) *CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347] -*CVE-2007-1216 patch (krb5, fixed 1.6-3) #231537 +CVE-2007-1216 patch (krb5, fixed 1.6-3) #231537 *CVE-2007-1103 VULNERABLE (tor) #230927 *CVE-2007-1092 version (seamonkey, fixed 1.0.8) *CVE-2007-1055 version (mediawiki, fixed 1.8.3) @@ -183,8 +183,8 @@ *CVE-2007-0988 (php) *CVE-2007-0981 VULNERABLE (firefox, ...) *CVE-2007-0981 version (seamonkey, fixed 1.0.8) #229253 -*CVE-2007-0957 patch (krb5, fixed 1.6-3) #231528 -*CVE-2007-0956 patch (krb5, fixed 1.6-3) #229782 +CVE-2007-0957 patch (krb5, fixed 1.6-3) #231528 +CVE-2007-0956 patch (krb5, fixed 1.6-3) #229782 *CVE-2007-0911 (php) *CVE-2007-0910 (php) *CVE-2007-0909 (php) @@ -246,7 +246,7 @@ *CVE-2007-0262 version (wordpress, fixed 2.1-0) #223101 *CVE-2007-0248 version (squid, fixed 2.6.STABLE7) [since FEDORA-2007-073] *CVE-2007-0247 version (squid, fixed 2.6.STABLE7) #222883 [since FEDORA-2007-073] -*CVE-2007-0243 ignore, no-ship (java-ibm) +CVE-2007-0243 ignore, no-ship (java-ibm) *CVE-2007-0242 patch (qt4, fixed 4.2.3-7) *CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378 *CVE-2007-0239 (openoffice.org) @@ -264,10 +264,10 @@ *CVE-2007-0095 VULNERABLE (phpMyAdmin) #221694 *CVE-2007-0086 ignore (apache) not a security issue *CVE-2007-0080 (freeradius) -*CVE-2007-0048 ignore, no-ship (acroread) -*CVE-2007-0046 ignore, no-ship (acroread) -*CVE-2007-0045 ignore, no-ship (acroread) -*CVE-2007-0044 ignore, no-ship (acroread) +CVE-2007-0048 ignore, no-ship (acroread) +CVE-2007-0046 ignore, no-ship (acroread) +CVE-2007-0045 ignore, no-ship (acroread) +CVE-2007-0044 ignore, no-ship (acroread) *CVE-2007-0010 (gtk2) *CVE-2007-0009 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-279] *CVE-2007-0009 ignore (seamonkey, uses system NSS) @@ -345,15 +345,15 @@ *CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824 *CVE-2006-6297 ignore (kdegraphics) just a crash *CVE-2006-6238 (konqueror) probably safari only -*CVE-2006-6236 ignore, no-ship (acroread) +CVE-2006-6236 ignore, no-ship (acroread) *CVE-2006-6235 patch (gnupg2, fixed 2.0.1-2) #218821 *CVE-2006-6235 backport (gnupg, fixed 1.4.6) [since FEDORA-2006-1406] *CVE-2006-6171 patch (proftpd, fixed 1.3.0a-1) #214820 *CVE-2006-6170 patch (proftpd, fixed 1.3.0a-1) #214820 *CVE-2006-6169 version (gnupg2, fixed 2.0.1) #217950 *CVE-2006-6169 backport (gnupg, fixed 1.4.6) [since FEDORA-2006-1406] -*CVE-2006-6144 patch (krb5, fixed 1.5-14) #218456 -*CVE-2006-6143 patch (krb5, fixed 1.5-14) #218456 +CVE-2006-6144 patch (krb5, fixed 1.5-14) #218456 +CVE-2006-6143 patch (krb5, fixed 1.5-14) #218456 *CVE-2006-6142 backport (squirrelmail) #218297 [since FEDORA-2007-089] *CVE-2006-6128 VULNERABLE (kernel, fixed **) *CVE-2006-6122 ignore (tin, <= 1.8.1 not shipped) @@ -374,7 +374,7 @@ *CVE-2006-6056 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1471 *CVE-2006-6054 version (kernel, fixed fixed 2.6.19.2) [since FEDORA-2007-058] *CVE-2006-6053 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223 -*CVE-2006-6027 ignore, no-ship (acroread) +CVE-2006-6027 ignore, no-ship (acroread) *CVE-2006-6015 (pcre) *CVE-2006-5989 ignore (mod_auth_kerb) did not affect fc6 *CVE-2006-5974 ignore (fetchmail, fixed 6.3.6) only 6.3.5 @@ -391,7 +391,7 @@ *CVE-2006-5867 version (fetchmail, fixed 6.3.6) #221984 [since FEDORA-2007-042] *CVE-2006-5864 VULNERABLE (evince) #217672 *CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136 -*CVE-2006-5857 ignore, no-ship (acroread) +CVE-2006-5857 ignore, no-ship (acroread) *CVE-2006-5848 version (trac, fixed 0.10.1) #215077 *CVE-2006-5823 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223 *CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820 @@ -444,7 +444,7 @@ *CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355 *CVE-2006-5397 VULNERABLE (libX11, 1.0.2 and 1.0.3 only) #213280 *CVE-2006-5331 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] -*CVE-2006-5330 ignore, no-ship (flash-plugin) +CVE-2006-5330 ignore, no-ship (flash-plugin) *CVE-2006-5298 backport (mutt) [since FEDORA-2006-1063] *CVE-2006-5297 backport (mutt) [since FEDORA-2006-1063] *CVE-2006-5295 version (clamav, fixed 0.88.5) #210973 @@ -501,7 +501,7 @@ *CVE-2006-4743 ignore (wordpress, dupe of an old non-issue) #206514 *CVE-2006-4684 version (zope, fixed 2.9.2) *CVE-2006-4663 ignore (kernel) not a vulnerability -*CVE-2006-4640 ignore, no-ship (flash-plugin) +CVE-2006-4640 ignore, no-ship (flash-plugin) *CVE-2006-4625 ignore (php) safe mode isn't safe *CVE-2006-4624 version (mailman, fixed 2.1.9rc1) *CVE-2006-4623 version (kernel, fixed 2.6.18-rc1) @@ -658,7 +658,7 @@ *CVE-2006-3627 version (wireshark, fixed 0.99.2) *CVE-2006-3626 version (kernel, fixed 2.6.17.6) *CVE-2006-3619 version (gcc, fixed 4.1.1-20060828 at least) -*CVE-2006-3587 ignore, no-ship (flash-plugin) +CVE-2006-3587 ignore, no-ship (flash-plugin) *CVE-2006-3582 version (adplug, fixed 2.0.1-1) #198108 *CVE-2006-3581 version (adplug, fixed 2.0.1-1) #198108 *CVE-2006-3486 ignore (mysql, fixed 5.0.23) not exploitable @@ -682,7 +682,7 @@ *CVE-2006-3376 backport (libwmf) from changelog *CVE-2006-3352 ignore (firefox) not a vulnerability *CVE-2006-3334 ignore (libpng, fixed 1.2.12) not exploitable -*CVE-2006-3311 ignore, no-ship (flash-plugin) +CVE-2006-3311 ignore, no-ship (flash-plugin) *CVE-2006-3276 (helixplayer) *CVE-2006-3242 version (mutt, fixed 1.4.2.2, 1.5.12) *CVE-2006-3178 ignore (chmlib, extract_chmLib not shipped) @@ -1095,7 +1095,7 @@ *CVE-2006-0037 version (kernel, only 2.6.14 and 2.6.15) *CVE-2006-0036 version (kernel, only 2.6.14 and 2.6.15) *CVE-2006-0035 version (kernel, only 2.6.14 and 2.6.15) -*CVE-2006-0024 ignore, no-ship (flash-plugin) +CVE-2006-0024 ignore, no-ship (flash-plugin) *CVE-2006-0019 version (kdelibs, fixed 3.5.1) *CVE-2006-0017 (fedora directory server) *CVE-2006-0016 (fedora directory server) @@ -1190,7 +1190,7 @@ *CVE-2005-3624 version (cups, fixed 1.2.0) *CVE-2005-3624 backport (tetex) *CVE-2005-3623 version (kernel, fixed 2.6.14.5) -*CVE-2005-3591 ignore, no-ship (flash-plugin) +CVE-2005-3591 ignore, no-ship (flash-plugin) *CVE-2005-3582 version (ImageMagick) gentoo only *CVE-2005-3573 version (mailman, fixed 2.1.7) *CVE-2005-3527 version (kernel, fixed 2.6.14) @@ -1323,7 +1323,7 @@ *CVE-2005-2642 version (mutt) openbsd only *CVE-2005-2641 version (nss_ldap, fixed pam_ldap:180) *CVE-2005-2629 (helixplayer) -*CVE-2005-2628 ignore, no-ship (flash-plugin) +CVE-2005-2628 ignore, no-ship (flash-plugin) *CVE-2005-2617 version (kernel, fixed 2.6.12.5) *CVE-2005-2602 ignore (thunderbird) probably *CVE-2005-2602 ignore (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=237085 @@ -2071,7 +2071,7 @@ *CVE-2004-0226 version (mc, fixed 4.6.0) *CVE-2004-0189 version (squid, fixed 2.5.STABLE5) *CVE-2004-0186 version (samba, not 3.0.2a) -*CVE-2004-0185 ignore, no-ship (wu-ftpd) +CVE-2004-0185 ignore, no-ship (wu-ftpd) *CVE-2004-0184 version (tcpdump, fixed 3.8.2) *CVE-2004-0183 version (tcpdump, fixed 3.8.2) *CVE-2004-0182 version (mailman) only affected Red Hat packages @@ -2126,7 +2126,7 @@ *CVE-2004-0005 version (gaim, fixed 0.76) *CVE-2004-0003 version (kernel, not 2.6) *CVE-2004-0001 version (kernel, not 2.6) -*CVE-2003-1329 ignore, no-ship (wu-ftpd) +CVE-2003-1329 ignore, no-ship (wu-ftpd) *CVE-2003-1307 ignore (mod_php) not a vulnerability *CVE-2003-1303 version (php, fixed 4.3.3) *CVE-2003-1302 version (php, fixed 4.3.1) @@ -2602,17 +2602,17 @@ *CVE-2001-1494 version (util-linux, fixed 2.11n) *CVE-2001-1429 (mc) *CVE-2001-0955 version (XFree86, fixed 4.2.0) -*CVE-2001-0935 ignore, no-ship (wu-ftpd) +CVE-2001-0935 ignore, no-ship (wu-ftpd) *CVE-2001-0474 version (mesa, fixed 3.3-14) *CVE-2001-0310 (sort) *CVE-2001-0235 (vixie-cron) -*CVE-2001-0187 ignore, no-ship (wu-ftpd) +CVE-2001-0187 ignore, no-ship (wu-ftpd) *CVE-2000-1199 backport (htdig) fixed htdig-3.2.0b6-unescaped_output.patch *CVE-2000-1137 (ed) *CVE-2000-0992 (krb5) *CVE-2000-0504 version (libICE, fixed XFree86:4.0.1) *CVE-1999-1572 backport (cpio) cpio-2.6-umask.patch *CVE-1999-1332 (gzip) -*CVE-1999-0997 ignore, no-ship (wu-ftpd) +CVE-1999-0997 ignore, no-ship (wu-ftpd) *CVE-1999-0710 (squid) *CVE-1999-0103 (bind) -- fedora-extras-commits mailing list fedora-extras-commits@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-commits -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list