With the release of FC5test1 we've done an audit of possible (known,
public) vulnerabilities from 20030101 to date that are in packages part
of FC5test1. The aim is to minimise the number of flaws unfixed by FC5
gold. Summary:
Total possible vulnerabilities 20030101 to date: 1170
FC5test1 not vulnerable:
due to upstream version of package shipped: 1079 (92%)
due to backported security patch: 77 (7%)
FC5test1 vulnerable: 14 (1%)
Bugs have been filed for the vulnerabilities still present in FC5test1
packages, and we'll continue to track up to release and beyond flaws
affecting FC5. The living document with all the details is at:
http://cvs.fedora.redhat.com/viewcvs/*checkout*/fedora-security/audit/fc5?root=fedora
The method behind the audit can be found in the details of our
original FC4 audit: http://people.redhat.com/mjc/20050505-fc4
Questions or corrections to secalert@xxxxxxxxxx
Thanks, Mark
--
Mark J Cox / Red Hat Security Response Team
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
