Author: kevin Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19370 Modified Files: fc7 Log Message: Process clamav Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.20 retrieving revision 1.21 diff -u -r1.20 -r1.21 --- fc7 20 Jun 2007 20:27:27 -0000 1.20 +++ fc7 21 Jun 2007 03:32:57 -0000 1.21 @@ -13,7 +13,7 @@ *CVE-2007-3121 version (zvbi, fixed 0.2.25) *CVE-2007-3113 VULNERABLE (cacti) #243592 *CVE-2007-3112 VULNERABLE (cacti) #243592 -*CVE-2007-3025 ignore (clamav, Solaris only) +CVE-2007-3025 ignore (clamav, Solaris only) *CVE-2007-3007 ignore (php) safe mode isn't safe *CVE-2007-2975 (openfire) *CVE-2007-2894 VULNERABLE (bochs) #241799 @@ -36,7 +36,7 @@ *CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397 *CVE-2007-2683 (mutt) *CVE-2007-2654 VULNERABLE (xfsdump) #240396 -*CVE-2007-2650 ** (clamav) #240395 +CVE-2007-2650 VULNERABLE (clamav, fixed in 0.90.3) #240395 *CVE-2007-2645 ignore (libexif) #240055 DoS only *CVE-2007-2637 patch (moin, fixed 1.5.7-2) *CVE-2007-2627 ** (wordpress) #239904 @@ -70,11 +70,11 @@ *CVE-2007-2165 VULNERABLE (proftpd) #237533 *CVE-2007-2138 (postgresql) *CVE-2007-2057 version (aircrack-ng, fixed 0.8-0.1) -*CVE-2007-2029 ignore (clamav, 0.90/0.90.1 only) +CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) *CVE-2007-2028 (freeradius) *CVE-2007-2026 (file) *CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped) -*CVE-2007-1997 ignore (clamav, 0.90/0.90.1 only) +CVE-2007-1997 version (clamav, fixed in 0.90.2) *CVE-2007-1995 (quagga) #240488 *CVE-2007-1897 version (wordpress, fixed 2.1.3) #235912 *CVE-2007-1894 version (wordpress, fixed 2.1.3-0.rc2) 
@@ -89,7 +89,7 @@ *CVE-2007-1841 VULNERABLE (ipsec-tools) #238052 *CVE-2007-1804 VULNERABLE (pulseaudio) #235013 *CVE-2007-1799 version (ktorrent, fixed 2.1.3) #235014 -*CVE-2007-1745 ignore (clamav, 0.90/0.90.1 only) #236703 +CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703 *CVE-2007-1743 (httpd) *CVE-2007-1742 (httpd) *CVE-2007-1741 (httpd) @@ -203,8 +203,8 @@ *CVE-2007-0903 version (ejabberd, fixed 1.1.3) *CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764 *CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764 -*CVE-2007-0898 backport (clamav, fixed 0.88.7-2) #229202 -*CVE-2007-0897 backport (clamav, fixed 0.88.7-2) #229202 +CVE-2007-0898 version (clamav, fixed 0.90) #229202 +CVE-2007-0897 version (clamav, fixed 0.90) #229202 *CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763 *CVE-2007-0884 ignore (mimedefang 2.59/2.60 not shipped) #228757 *CVE-2007-0857 version (moin, fixed 1.5.7) #228139 @@ -339,8 +339,8 @@ *CVE-2006-6498 version (seamonkey, fixed 1.0.7) #220516 *CVE-2006-6497 version (seamonkey, fixed 1.0.7) #220516 *CVE-2006-6493 (openldap) -*CVE-2006-6481 version (clamav, fixed 0.88.7) -*CVE-2006-6406 version (clamav, fixed 0.88.7) #219095 +CVE-2006-6481 version (clamav, fixed 0.88.7) +CVE-2006-6406 version (clamav, fixed 0.88.7) #219095 CVE-2006-6385 ignore (kernel) windows only *CVE-2006-6383 ignore (php) safe mode isn't safe *CVE-2006-6374 ** (phpMyAdmin) #218853 @@ -392,7 +392,7 @@ *CVE-2006-5925 backport (elinks) [since FEDORA-2006-1278] but was never vulneable as didn't have smbclient support *CVE-2006-5876 version (libsoup) #223144 [since FEDORA-2007-109] *CVE-2006-5875 version (enemies-of-carlotta, fixed 1.2.4) -*CVE-2006-5874 version (clamav, fixed 0.88.1) +CVE-2006-5874 version (clamav, fixed 0.88.1) *CVE-2006-5871 version (kernel, fixed 2.6.10) *CVE-2006-5870 (openoffice.org) *CVE-2006-5868 VULNERABLE (ImageMagick, fixed 6.2.9.1) #217560 
@@ -455,7 +455,7 @@ CVE-2006-5330 ignore, no-ship (flash-plugin) *CVE-2006-5298 backport (mutt) [since FEDORA-2006-1063] *CVE-2006-5297 backport (mutt) [since FEDORA-2006-1063] -*CVE-2006-5295 version (clamav, fixed 0.88.5) #210973 +CVE-2006-5295 version (clamav, fixed 0.88.5) #210973 *CVE-2006-5276 VULNERABLE (snort) #229265 CVE-2006-5229 ignore (openssh) not reproduced *CVE-2006-5215 VULNERABLE (xorg-x11-xinit) #212167 @@ -580,7 +580,7 @@ *CVE-2006-4227 version (mysql, fixed 5.0.26,5.1.12) #203434 [since FEDORA-2006-1297] *CVE-2006-4226 version (mysql, fixed 5.0.26,5.1.12) #203428 [since FEDORA-2006-1297] *CVE-2006-4192 patch (libmodplug, fixed 0.8-3) -*CVE-2006-4182 version (clamav, fixed 0.88.5) #210973 +CVE-2006-4182 version (clamav, fixed 0.88.5) #210973 *CVE-2006-4181 (gnuradius) *CVE-2006-4146 backport (gdb) *CVE-2006-4145 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5) needs a better upstream fix @@ -593,7 +593,7 @@ *CVE-2006-4028 version (wordpress, fixed 2.0.4) #201989 *CVE-2006-4020 version (php, fixed 5.1.5) *CVE-2006-4019 version (squirrelmail, fixed 1.4.8) -*CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688 +CVE-2006-4018 version (clamav, fixed 0.88.4-1) #201688 *CVE-2006-3918 version (httpd, fixed 2.2.2) *CVE-2006-3913 patch (freeciv, fixed 2.0.8-5) #200545 *CVE-2006-3879 version (mikmod, not 3.1.6) @@ -785,7 +785,7 @@ *CVE-2006-2444 version (kernel, fixed 2.6.17) *CVE-2006-2442 patch (kphone, fixed 4.2-9) bz#192202 *CVE-2006-2440 version (ImageMagick, fixed 6.2.8 at least) -*CVE-2006-2427 ignore (clamav) not an issue bz#192076 +CVE-2006-2427 ignore (clamav) not an issue bz#192076 *CVE-2006-2414 version (dovecot, fixed 1.0.beta8) not a security issue *CVE-2006-2369 version (vnc, fixed 4.1.2) *CVE-2006-2366 ignore (openobex) we don't ship ircp 
@@ -824,7 +824,7 @@ *CVE-2006-1993 version (firefox, fixed 1.5.0.3) *CVE-2006-1991 version (php) *CVE-2006-1990 version (php) -*CVE-2006-1989 version (clamav, fixed 0.88.2) +CVE-2006-1989 version (clamav, fixed 0.88.2) *CVE-2006-1945 backport (awstats, fixed 6.5-4) bz#190922 awstats-6.5-CVE-2006-1945.patch *CVE-2006-1942 version (firefox, fixed 1.5.0.4) *CVE-2006-1940 version (wireshark, fixed 0.99.0) @@ -915,11 +915,11 @@ *CVE-2006-1656 version (util-vserver, fixed 0.30.210) *CVE-2006-1650 ignore (firefox) a number of reports don't confirm this *CVE-2006-1646 ignore (ipsec-tools) KAME racoon, not ipsec-tools racoon -*CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286 +CVE-2006-1630 version (clamav, fixed 0.88.1) bz#188286 *CVE-2006-1629 version (openvpn, fixed 2.0.6) bz#188050 *CVE-2006-1624 ignore (sysklogd) Silly configuration is not a security issue -*CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286 -*CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286 +CVE-2006-1615 version (clamav, fixed 0.88.1) bz#188286 +CVE-2006-1614 version (clamav, fixed 0.88.1) bz#188286 *CVE-2006-1608 ignore (php) safe mode isn't safe *CVE-2006-1577 version (mantis, fixed 1.0.5) bz#191089 *CVE-2006-1566 ignore (libtunepimp, Debian-specific problem) @@ -1081,7 +1081,7 @@ *CVE-2006-0197 ignore (xorg-x11) not an issue *CVE-2006-0195 version (squirrelmail, fixed 1.4.6) *CVE-2006-0188 version (squirrelmail, fixed 1.4.6) -*CVE-2006-0162 version (clamav, fixed 0.88) +CVE-2006-0162 version (clamav, fixed 0.88) *CVE-2006-0151 (sudo) *CVE-2006-0150 (auth_ldap) *CVE-2006-0144 version (php-pear, not 1.4.4) -- fedora-extras-commits mailing list fedora-extras-commits@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-commits -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
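Review bot: In the @@ -70,11 +70,11 @@ hunk, CVE-2007-2029 goes from "ignore (clamav, 0.90/0.90.1 only)" to "VULNERABLE (clamav, fixed 0.90.3)" with no bug number and no reason recorded. The old entry scoped the issue to 0.90/0.90.1, which does not match a fix version of 0.90.3, and CVE-2007-1997 two lines below started from the same "0.90/0.90.1 only" text but ends up as "version (clamav, fixed in 0.90.2)". The other entry this commit marks VULNERABLE, CVE-2007-2650, carries #240395. Suggest adding the tracking bug to CVE-2007-2029 (for example "VULNERABLE (clamav, fixed 0.90.3) #NNNNNN", with the real bug id) and saying in the log message, which currently reads only "Process clamav", which clamav version fc7 was audited against, so the split between "version" and "VULNERABLE" can be checked.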
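Review bot: The rewritten clamav entries mix two spellings of the fix field. CVE-2007-2650 (@@ -36,7), CVE-2007-1997 (@@ -70,11) and CVE-2007-1745 (@@ -89,7) use "fixed in 0.90.3" / "fixed in 0.90.2", while CVE-2007-2029, CVE-2007-0898 and CVE-2007-0897 in the same commit, and the surrounding context entries such as "(zvbi, fixed 0.2.25)" and "(jasper, fixed 1.900.1-2)", use "fixed X" without "in". Anything that greps or parses this file on that field will miss one of the two forms; suggest dropping "in" from the three new lines so they match the entries around them.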