On Tue, 9 Nov 2004 12:20:58 +0000 (GMT), Mark J Cox <mjc@xxxxxxxxxx> wrote: > Near the release time of each new distribution the Red Hat security team > go through all the security advisories for the past few years as well as > issues that affected others but not Red Hat to ensure that the new > distribution is up to date with security patches. We did this with FC3 a > few weeks ago and corrected most of the issues we found that were unfixed. > So this email is just really a FYI so we have the details stored for > future reference. > Will the following items listed as vulnerable be fixed in the near future? And what can be done to help? > CAN-2004-0081 VULNERABLE (openssl096b only, see bug 138365) > CAN-2004-0687 VULNERABLE (lesstif libxpm, see bug 135080) > CAN-2004-0687 VULNERABLE (lesstif libxpm, see bug 135081) > CAN-2004-0888 VULNERABLE (tetex, see bug 137476) > CAN-2004-0930 VULNERABLE (Samba, see bug 138326) > CAN-2004-0942 VULNERABLE (httpd, see bug 138065) > CAN-2004-0971 VULNERABLE (krb5, see bug 136307) > CAN-2004-0972 VULNERABLE (lvm, see bug 136309) > CAN-2004-0974 VULNERABLE (tetex, see bug 137966) > CAN-2004-0975 VULNERABLE (openssl, see bug 136303) > CAN-2004-0981 VULNERABLE (ImakeMagick, see bug 138385) > CAN-2004-0983 VULNERABLE (Ruby, see bug 138366) > CAN-2004-0990 VULNERABLE (gd, see bug 137247) There may be 2 more Ruby items that have been listed in the last 2 weeks. I do not know if they were added to the original CAN or added. -- Stephen J Smoogen. CSIRT/Linux System Administrator
