Author: thoger
Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14665/audit
Modified Files: f8 f9 Log Message: update
Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.27 retrieving revision 1.28 diff -u -r1.27 -r1.28 --- f8 27 Nov 2007 11:37:56 -0000 1.27 +++ f8 27 Nov 2007 15:14:08 -0000 1.28 @@ -32,7 +32,7 @@ CVE-2007-5690 version (zaptel) [since FEDORA-2007-2860] not really an issue CVE-2007-5624 VULNERABLE (nagios, fixed 2.10) #362801 CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 [since FEDORA-2007-2876] nagios-plugins-1.4.8-9.fc8 -CVE-2007-5589 VULNERABLE (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 +CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 [since FEDORA-2007-3636] CVE-2007-5461 version (tomcat5) #363001 [since FEDORA-2007-3474] CVE-2007-5398 version (samba) [since FEDORA-2007-3403] CVE-2007-5395 version (link-grammar) #372351 [since FEDORA-2007-3235]
Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.23 retrieving revision 1.24 diff -u -r1.23 -r1.24 --- f9 26 Nov 2007 18:15:22 -0000 1.23 +++ f9 27 Nov 2007 15:14:08 -0000 1.24 @@ -9,15 +9,15 @@
CVE-2007-6100 version (phpMyAdmin, fixed 2.11.2.2) CVE-2007-6061 VULNERABLE (audacity) #393251 -CVE-2007-6035 VULNERABLE (cacti, fixed 0.8.7a) #392001 -CVE-2007-5977 VULNERABLE (phpMyAdmin) #385911 -CVE-2007-5976 VULNERABLE (phpMyAdmin) #385911 -CVE-2007-5937 VULNERABLE (tetex) #379851 Multiple dviljk buffer overflows -CVE-2007-5936 VULNERABLE (tetex) #379851 dviljk uses insecure temporary file -CVE-2007-5935 VULNERABLE (tetex) #379851 dvips -z buffer overflow with long href -CVE-2007-5934 VULNERABLE (php-pear-MDB2) #379111 -CVE-2007-5934 VULNERABLE (php-pear-MDB2-Driver-mysql) #379141 -CVE-2007-5934 VULNERABLE (php-pear-MDB2-Driver-mysqli) #379171 +CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9] +CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] +CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] +CVE-2007-5937 backport (tetex) #379851 Multiple dviljk buffer overflows [since tetex-3.0-48.fc9] +CVE-2007-5936 backport (tetex) #379851 dviljk uses insecure temporary file [since tetex-3.0-48.fc9] +CVE-2007-5935 backport (tetex) #379851 dvips -z buffer overflow with long href [since tetex-3.0-48.fc9] +CVE-2007-5934 version (php-pear-MDB2) #379111 [since php-pear-MDB2-2.4.1-2.fc9] +CVE-2007-5934 version (php-pear-MDB2-Driver-mysql) #379141 [since php-pear-MDB2-Driver-mysql-1.4.1-3.fc9] +CVE-2007-5934 version (php-pear-MDB2-Driver-mysqli) #379171 [since php-pear-MDB2-Driver-mysqli-1.4.1-3.fc9] CVE-2007-5925 ignore (mysql) Authenticated user can restart mysql. CVE-2007-5907 VULNERABLE (xen) #390121 CVE-2007-5906 VULNERABLE (xen) #390121 @@ -32,19 +32,19 @@ CVE-2007-5623 backport (nagios-plugins, not fixed 1.4.10) #348731 CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531 -CVE-2007-5395 VULNERABLE (link-grammar) #372361 -CVE-2007-5393 VULNERABLE (xpdf) #372481 +CVE-2007-5395 version (link-grammar) #372361 [since link-grammar-4.2.5-1.fc9] +CVE-2007-5393 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-5393 backport (cups) CVE-2007-5393 VULNERABLE (poppler) #372521 CVE-2007-5393 VULNERABLE (kdegraphics) #372581 CVE-2007-5393 VULNERABLE (koffice) #372611 -CVE-2007-5393 VULNERABLE (tetex) #372671 -CVE-2007-5392 VULNERABLE (xpdf) #372481 +CVE-2007-5393 version (tetex) #372671 [since tetex-3.0-48.fc9] +CVE-2007-5392 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-5392 backport (cups) CVE-2007-5392 VULNERABLE (poppler) #372521 CVE-2007-5392 VULNERABLE (kdegraphics) #372581 CVE-2007-5392 VULNERABLE (koffice) #372611 -CVE-2007-5392 VULNERABLE (tetex) #372671 +CVE-2007-5392 version (tetex) #372671 [since tetex-3.0-48.fc9] CVE-2007-5386 version (phpmyadmin, fixed 2.11.1.1) #333661 PMASA-2007-5 CVE-2007-5201 VULNERABLE (duplicity, no upstream fix) #362841 CVE-2007-5200 version (hugin) #362871 [since hugin-0.6.1-11.fc9] @@ -63,12 +63,12 @@ CVE-2007-4559 VULNERABLE (python, not fixed upstream) #315291 Upstream WONTFIX. See where we use the code. CVE-2007-4476 backport (cpio, not fixed 2.9) #339691 [since cpio-2.9-5.fc9] CVE-2007-4400 VULNERABLE (konversation) #362931 Remove media script? -CVE-2007-4352 VULNERABLE (xpdf) #372481 +CVE-2007-4352 backport (xpdf) #372481 [since xpdf-3.02-4.fc9] CVE-2007-4352 backport (cups) CVE-2007-4352 VULNERABLE (poppler) #372521 CVE-2007-4352 VULNERABLE (kdegraphics) #372581 CVE-2007-4352 VULNERABLE (koffice) #372611 -CVE-2007-4352 VULNERABLE (tetex) #372671 +CVE-2007-4352 version (tetex) #372671 [since tetex-3.0-48.fc9] CVE-2007-4351 version (cups) #361681 CVE-2007-3999 VULNERABLE (nfs-utils-lib) #362101 CVE-2007-3999 VULNERABLE (libtirpc) #362121
security-commits@lists.fedoraproject.org