Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24650/audit Modified Files: fc6 fc7 Log Message: Few more issues. Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.262 retrieving revision 1.263 diff -u -r1.262 -r1.263 --- fc6 19 Sep 2007 13:24:50 -0000 1.262 +++ fc6 19 Sep 2007 15:39:17 -0000 1.263 @@ -7,7 +7,10 @@ # Up to date CVE as of CVE email 20070914 # Up to date FC6 as of 20070916 -CVE-2007-4897 VULNERABLE (ekiga, version 2.0.9 ?) +CVE-2007-4965 VULNERABLE (python) imageop module heap overflow +CVE-2007-4924 VULNERABLE (ekiga, version 2.0.10) really opal 2.2.10 +CVE-2007-4897 VULNERABLE (ekiga, version 2.0.9) really opal 2.2.8 +CVE-2007-4829 VULNERABLE (perl-Archive-Tar) CVE-2007-4826 VULNERABLE (quagga, fixed 0.99.9) CVE-2007-4752 VULNERABLE (openssh) #280471 CVE-2007-4743 backport (krb5) incomplete CVE-2007-3999 fix [since FEDORA-2007-694] @@ -21,6 +24,8 @@ CVE-2007-4658 VULNERABLE (php, fixed 5.2.4) #278011 CVE-2007-4657 VULNERABLE (php, fixed 5.2.4) CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689] +CVE-2007-4559 VULNERABLE (python) tarfile module - directory traversal +CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134 CVE-2007-4357 ignore (firefox) status bar can be overwrittten CVE-2007-4255 ignore (php) msql extension not shipped CVE-2007-4251 ignore (openoffice.org) just a crash Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.110 retrieving revision 1.111 diff -u -r1.110 -r1.111 --- fc7 19 Sep 2007 13:24:50 -0000 1.110 +++ fc7 19 Sep 2007 15:39:17 -0000 1.111 
@@ -11,11 +11,14 @@ GENERIC-MAP-NOMATCH VULNERABLE (libsndfile) #296221 GENERIC-MAP-NOMATCH VULNERABLE (duplicity) #293081 GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 -CVE-2007-4897 version (ekiga, version 2.0.9 ?) +CVE-2007-4965 VULNERABLE (python) imageop module heap overflow +CVE-2007-4924 VULNERABLE (ekiga, version 2.0.10) really opal 2.2.10 +CVE-2007-4897 version (ekiga, version 2.0.9) really opal 2.2.8 CVE-2007-4894 version (wordpress, fixed 2.2.3) [since FEDORA-2007-2143] CVE-2007-4893 version (wordpress, fixed 2.2.3) [since FEDORA-2007-2143] CVE-2007-4841 ignore (mozilla suite) Windows only CVE-2007-4840 ignore (php) +CVE-2007-4829 VULNERABLE (perl-Archive-Tar) CVE-2007-4828 (mediawiki, fixed 1.11.0, 1.10.2, 1.9.4) #287881 CVE-2007-4826 VULNERABLE (quagga, fixed 0.99.9) in updates-testing CVE-2007-4752 VULNERABLE (openssh) #280461 @@ -36,7 +39,7 @@ CVE-2007-4565 backport (fetchmail) #260861 [since FEDORA-2007-1983] CVE-2007-4560 version (clamav) #260583 [since FEDORA-2007-2050] CVE-2007-4559 VULNERABLE (python) tarfile module - directory traversal -CVE-2007-4558 version (star, fixed 1.5a84) [since FEDORA-2007-1852] +CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134 CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853] CVE-2007-4542 version (mapserver, fixed 4.10.3) #256561 [since FEDORA-2007-2018] CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
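
Review bot: The package field is misleading on the new CVE-2007-4924 and CVE-2007-4897 lines in the first fc6 hunk: the parentheses still name ekiga while the trailing note says "really opal 2.2.10" and "really opal 2.2.8". Anyone searching the audit file by package name for opal will miss both entries. It is also unclear whether "version 2.0.10" is the affected or the fixed release, since neighbouring lines such as the quagga one use "fixed 0.99.9" for that. Suggest putting opal inside the parentheses (or listing both packages) and using the "fixed" wording if that is what the versions mean.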
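
Review bot: The new "CVE-2007-4829 VULNERABLE (perl-Archive-Tar)" line in the first fc7 hunk (and its twin in fc6) carries neither a short description nor a bug number. The python line added in the same hunk has "imageop module heap overflow", and the openssh line in the context has "#280461". Suggest adding a few words on the issue class and the tracking bug once one is filed, so the entry can be triaged without looking the CVE up.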
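
Review bot: The advisory reference is lost on the CVE-2007-4558 line in the second fc7 hunk: moving it from "version ... [since FEDORA-2007-1852]" to "ignore ... duplicate of CVE-2007-4134" drops the record that an update already shipped the fixed star. The CVE-2007-4134 entry is not in the visible context, so the diff does not show that FEDORA-2007-1852 is still recorded anywhere in fc7. Suggest keeping the "[since FEDORA-2007-1852]" marker on this line, or confirming that the CVE-2007-4134 line carries it.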