fedora-security/audit fc6, 1.245, 1.246 fc7, 1.78, 1.79 fe6, 1.132, 1.133

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3670/audit

Modified Files:
	fc6 fc7 fe6 
Log Message:
- CVE update
- Fedora update
- add CVE-2007-2958



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.245
retrieving revision 1.246
diff -u -r1.245 -r1.246
--- fc6	23 Aug 2007 10:30:39 -0000	1.245
+++ fc6	24 Aug 2007 10:27:36 -0000	1.246
@@ -4,8 +4,8 @@
 # *CVE are items that need verification for Fedora Core 6
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 
-# Up to date CVE as of CVE email 20070822
-# Up to date FC6 as of 20070820
+# Up to date CVE as of CVE email 20070823
+# Up to date FC6 as of 20070823
 
 CVE-2007-4357 ignore (firefox) status bar can be overwrittten
 CVE-2007-4255 ignore (php) msql extension not shipped
@@ -20,6 +20,7 @@
 CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux
 CVE-2007-3961 ignore (gftp) off-by-one error in fsplib
 CVE-2007-3852 VULNERABLE (sysstat) #252296
+CVE-2007-3847 VULNERABLE (httpd) #250756
 CVE-2007-3845 ignore (firefox) windows specific
 CVE-2007-3844 VULNERABLE (firefox) #250648 "fixed on next update"
 CVE-2007-3843 VULNERABLE (kernel) #246595


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.78
retrieving revision 1.79
diff -u -r1.78 -r1.79
--- fc7	23 Aug 2007 10:30:39 -0000	1.78
+++ fc7	24 Aug 2007 10:27:37 -0000	1.79
@@ -5,11 +5,12 @@
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 # A couple of first F7 updates were marked as FEDORA-2007-0001
 
-# Up to date CVE as of CVE email 20070822
-# Up to date FC7 as of 20070820
+# Up to date CVE as of CVE email 20070823
+# Up to date FC7 as of 20070823
 
-CVE-2007-4462 VULNERABLE (po4a) #253541
-CVE-2007-4460 VULNERABLE (id3lib) #253553
+CVE-2007-4510 VULNERABLE (clamav, 0.91.2) #253780
+CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763]
+CVE-2007-4460 backport (id3lib) #253553 [since FEDORA-2007-1774]
 CVE-2007-4400 VULNERABLE (konversation) #253545
 CVE-2007-4357 ignore (firefox) status bar can be overwrittten
 CVE-2007-4323 backport (denyhosts) #252291 [since FEDORA-2007-0589]
@@ -27,7 +28,7 @@
 CVE-2007-4154 ignore (wordpress) "remote authenticated administrators"
 CVE-2007-4139 VULNERABLE (wordpress) #250751
 CVE-2007-4131 VULNERABLE (tar) #253684
-CVE-2007-4029 VULNERABLE (libvorbis) #245991
+CVE-2007-4029 backport (libvorbis) #245991 [since FEDORA-2007-1765]
 CVE-2007-3962 ignore (gftp) multiple buffer overflows in fsplib, not on Linux
 CVE-2007-3961 ignore (gftp) off-by-one error in fsplib
 CVE-2007-3852 backport (sysstat) #252295 [since FEDORA-2007-1697]
@@ -36,6 +37,8 @@
 CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
 CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
 CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
+CVE-2007-3848 version (kernel) [since FEDORA-2007-1785]
+CVE-2007-3847 VULNERABLE (httpd) #250755
 CVE-2007-3845 ignore (firefox) windows specific
 CVE-2007-3844 VULNERABLE (firefox) #250648 "fixed on next update"
 CVE-2007-3843 VULNERABLE (kernel) #246595
@@ -99,7 +102,7 @@
 CVE-2007-3231 version (mecab, fixed 0.96) [since FEDORA-2007-0366]
 CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled)
 CVE-2007-3108 backport (openssl) #250574 [since FEDORA-2007-1444]
-CVE-2007-3106 VULNERABLE (libvorbis) #245991
+CVE-2007-3106 backport (libvorbis) #245991 [since FEDORA-2007-1765]
 CVE-2007-3099 version (iscsi-initiator-utils, fixed 6.2.0.865) [since FEDORA-2007-0543]
 CVE-2007-3100 version (iscsi-initiator-utils, fixed 6.2.0.865) [since FEDORA-2007-0543]
 CVE-2007-3165 version (tor, fixed 0.1.2.14) #244502 [since FEDORA-2007-1674]
@@ -119,12 +122,13 @@
 CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219
 CVE-2007-3007 ignore (php) safe mode isn't safe
 *CVE-2007-2975 (openfire)
+CVE-2007-2958 VULNERABLE (claws-mail) #254121
+CVE-2007-2958 VULNERABLE (sylpheed) #254123
 CVE-2007-2956 backport (qtpfsgui) #251674 [since FEDORA-2007-1581]
 CVE-2007-2949 version (gimp, fixed, 2.2.16) [since FEDORA-2007-0725]
 CVE-2007-2926 version (bind, fixed 9.4.1) [since FEDORA-2007-1247]
 CVE-2007-2925 version (bind, fixed 9.4.1) [since FEDORA-2007-1247]
-*CVE-2007-2894 VULNERABLE (bochs) #241799
-CVE-2007-2894 ignore (bochs, unreproducible) #241799
+CVE-2007-2894 backport (bochs) #241799 [since FEDORA-2007-1778]
 CVE-2007-2893 patch (bochs, fixed 2.3-5) #241799 [since FEDORA-2007-1153]
 CVE-2007-2876 version (kernel, fixed 2.6.21.5) [ since FEDORA-2007-0409 ]
 CVE-2007-2874 remove-patch (wpa_supplicant) #242455 [since FEDORA-2007-0185]
@@ -332,7 +336,7 @@
 CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763
 CVE-2007-0884 ignore (mimedefang 2.59/2.60 not shipped) #228757
 CVE-2007-0857 version (moin, fixed 1.5.7) #228139
-CVE-2007-0844 VULNERABLE (pam_ssh, fixed 1.92) #253959
+CVE-2007-0844 version (pam_ssh, fixed 1.92) #253959 [since FEDORA-2007-1793]
 CVE-2007-0823 ignore (xterm) feature, not a bug
 CVE-2007-0822 ignore (util-linux) NULL dereference
 CVE-2007-0780 version (seamonkey, fixed 1.0.8)


Index: fe6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fe6,v
retrieving revision 1.132
retrieving revision 1.133
diff -u -r1.132 -r1.133
--- fe6	9 Aug 2007 15:53:20 -0000	1.132
+++ fe6	24 Aug 2007 10:27:37 -0000	1.133
@@ -2,6 +2,7 @@
 
 ** are items that need attention
 
+CVE-2007-4510 VULNERABLE (clamav, 0.91.2) #253780
 CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162
 CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162
 CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162

-- 
fedora-extras-commits mailing list
fedora-extras-commits@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-extras-commits

--
Fedora-security-list mailing list
Fedora-security-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-security-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux