Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10940 Modified Files: fc6 Log Message: Up to date CVE as of CVE email 20070801 Up to date FC6 as of 20070802 Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.226 retrieving revision 1.227 diff -u -r1.226 -r1.227 --- fc6 27 Jul 2007 12:57:04 -0000 1.226 +++ fc6 2 Aug 2007 09:39:05 -0000 1.227 @@ -1,7 +1,11 @@ -Up to date CVE as of CVE email 20061123 -Up to date FC6 as of 20061123 +# $Id$ -** are items that need attention +# ** are items that need attention +# *CVE are items that need verification for Fedora Core 6 +# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) + +# Up to date CVE as of CVE email 20070801 +# Up to date FC6 as of 20070802 CVE-2007-4029 VULNERABLE (libvorbis) #245991 CVE-2007-4168 VULNERABLE (libexif) #243892 @@ -14,19 +18,49 @@ CVE-2007-3508 ignore (glibc) not an issue CVE-2007-3506 backport (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-561] CVE-2007-3409 version (perl-Net-DNS, fixed 0.60) #245809 +CVE-2007-3393 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] +CVE-2007-3392 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] +CVE-2007-3391 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] +CVE-2007-3390 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] +CVE-2007-3389 version (wireshark, fixed 0.99.6) [since FEDORA-2007-628] CVE-2007-3378 ignore (php) safe mode escape -CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245614 +CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245614 [since FEDORA-2007-609] +CVE-2007-3304 backport (httpd) #244660 [since FEDORA-2007-615] +CVE-2007-3257 backport (evolution) #244287 [since FEDORA-2007-594] CVE-2007-3126 ignore (gimp) just a crash CVE-2007-3106 VULNERABLE (libvorbis) #245991 +CVE-2007-2926 backport (bind, fixed 9.4.1) [since FEDORA-2007-647] *CVE-2007-2894 VULNERABLE (bochs) #241799 -CVE-2007-2876 version (kernel, fixed 2.6.21.5?) [since ?] +CVE-2007-2876 version (kernel, fixed 2.6.21.5) [since FEDORA-2007-600] +CVE-2007-2875 version (kernel) [since FEDORA-2007-600] *CVE-2007-2874 (wpa_supplicant) #242455 -CVE-2007-2873 version (spamassassin, fixed 3.1.9) +CVE-2007-2873 version (spamassassin, fixed 3.1.9) [since FEDORA-2007-582] +CVE-2007-2871 version (mozilla) #241840 [since FEDORA-2007-549] +CVE-2007-2870 version (mozilla) #241840 [since FEDORA-2007-549] +CVE-2007-2869 version (mozilla) #241840 [since FEDORA-2007-549] +CVE-2007-2868 version (mozilla) #241840 [since FEDORA-2007-549] +CVE-2007-2867 version (mozilla) #241840 [since FEDORA-2007-549] +CVE-2007-2799 version (file, fixed 4.21) #241034 [since FEDORA-2007-538] +CVE-2007-2453 version (kernel) [since FEDORA-2007-600] +CVE-2007-2451 version (kernel, fixed 2.6.21.4) [since FEDORA-2007-600] +CVE-2007-2445 backport (libpng) #239542 [since FEDORA-2007-529] CVE-2007-2438 VULNERABLE (vim) #238734 +CVE-2007-2242 version (kernel) [since FEDORA-2007-482] +CVE-2007-2138 version (postgresql, fixed 8.1.9) [since FEDORA-2007-565] +CVE-2007-2028 backport (freeradius) [since FEDORA-2007-499] +CVE-2007-1995 version (quagga, fixed 0.99.7) [since FEDORA-2007-525] +CVE-2007-1863 backport (httpd) #244660 [since FEDORA-2007-615] +CVE-2007-1862 backport (httpd) #244660 [since FEDORA-2007-615] +CVE-2007-1861 version (kernel) [since FEDORA-2007-482] CVE-2007-1856 VULNERABLE (vixie-cron) #235882 CVE-2007-1841 VULNERABLE (ipsec-tools) #238052 +CVE-2007-1797 backport (ImageMagick) #235075 [since FEDORA-2007-413] +CVE-2007-1667 backport (libX11) [since FEDORA-2007-426] CVE-2007-1565 ignore (konqueror) client crash -CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564] +CVE-2007-1564 vulnerable (konqueror) +CVE-2007-1562 version (mozilla) #241840 [since FEDORA-2007-549] +CVE-2007-1558 backport (evolution) #235290 [since FEDORA-2007-484] +CVE-2007-1536 backport (file, fixed 4.20) #233164 [since FEDORA-2007-391] CVE-2007-1475 ignore (php) unshipped ibase extension CVE-2007-1420 VULNERABLE (mysql, fixed 5.0.36) #232604 CVE-2007-1413 ignore (php) Windows NT SNMP specific @@ -34,14 +68,18 @@ CVE-2007-1411 ignore (php) unshipped mssql extension CVE-2007-1401 ignore (php) unshipped cracklib extension CVE-2007-1396 ignore (php) feature, not a flaw +CVE-2007-1362 version (mozilla) #241840 [since FEDORA-2007-549] +CVE-2007-1357 version (kernel) [since FEDORA-2007-432] CVE-2007-1352 VULNERABLE (libXfont) #235265 CVE-2007-1351 VULNERABLE (libXfont) #235265 +CVE-2007-1349 backport (mod_perl) [since FEDORA-2007-577] CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-315] +CVE-2007-1262 version (squirrelmail, fixed 1.4.10a) #239704 [since FEDORA-2007-505] CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347] CVE-2007-1006 version (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-322] CVE-2007-1004 VULNERABLE (firefox, ...) -CVE-2007-1003 VULNERABLE (xorg-x11-server, fixed > X11R7.2) #235263 -CVE-2007-1002 VULNERABLE (evolution) #233587 +CVE-2007-1003 backport (xorg-x11-server, fixed > X11R7.2) #235263 [since FEDORA-2007-425] +CVE-2007-1002 backport (evolution) #233587 [since FEDORA-2007-393] CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-335] CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-343] CVE-2007-0981 VULNERABLE (firefox, ...) @@ -54,10 +92,10 @@ CVE-2007-0537 VULNERABLE (kdebase) #225420 CVE-2007-0494 version (bind, fixed 9.3.4) #225268 [since FEDORA-2007-147] CVE-2007-0493 version (bind, fixed 9.3.4) #224443 [since FEDORA-2007-147] -CVE-2007-0459 VULNERABLE (wireshark, fixed 0.99.5) #227140 -CVE-2007-0458 VULNERABLE (wireshark, fixed 0.99.5) #227140 -CVE-2007-0457 VULNERABLE (wireshark, fixed 0.99.5) #227140 -CVE-2007-0456 VULNERABLE (wireshark, fixed 0.99.5) #227140 +CVE-2007-0459 version (wireshark, fixed 0.99.5) #227140 +CVE-2007-0458 version (wireshark, fixed 0.99.5) #227140 +CVE-2007-0457 version (wireshark, fixed 0.99.5) #227140 +CVE-2007-0456 version (wireshark, fixed 0.99.5) #227140 CVE-2007-0455 VULNERABLE (gd) #224610 CVE-2007-0451 version (spamassassin, fixed 3.1.8) [since FEDORA-2007-241] CVE-2007-0248 version (squid, fixed 2.6.STABLE7) [since FEDORA-2007-073] @@ -117,11 +155,12 @@ CVE-2006-5864 VULNERABLE (evince) #217672 CVE-2006-5823 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223 CVE-2006-5794 backport (openssh, fixed 4.5) #214641 [since FEDORA-2006-1215] -CVE-2006-5793 ignore (libpng, fixed 1.2.13) just a client crash +CVE-2006-5793 backport (libpng, fixed 1.2.13) #215405 [since FEDORA-2007-529] CVE-2006-5783 ignore (firefox) disputed CVE-2006-5779 VULNERABLE (openldap, 2.3.29) #214768 CVE-2006-5757 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1223 CVE-2006-5753 backport (kernel, fixed 2.6.20.1) [since FEDORA-2007-291] +CVE-2006-5752 backport (httpd) #244660 [since FEDORA-2007-615] CVE-2006-5751 version (kernel, fixed 2.6.19, fixed 2.6.18.4) [since FEDORA-2006-1471] CVE-2006-5749 VULNERABLE (kernel, fixed 2.6.20-rc2) CVE-2006-5748 version (thunderbird, fixed 1.5.0.8) [since FEDORA-2006-1192] @@ -169,7 +208,7 @@ CVE-2006-5159 ignore (firefox) unverified CVE-2006-5158 version (kernel, fixed 2.6.15) CVE-2006-5072 backport (mono) -CVE-2006-5052 VULNERABLE (openssh, fixed 4.4) +CVE-2006-5052 backport (openssh, fixed 4.4) [since FEDORA-2007-394] CVE-2006-5051 backport (openssh, fixed 4.4) CVE-2006-4997 version (kernel, fixed 2.6.18) CVE-2006-4980 version (python, fixed 2.4.4 at least) [since FEDORA-2006-1050] was backport since GA -- fedora-extras-commits mailing list fedora-extras-commits@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-commits -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
