March 2008 - security-commits - Fedora Mailing-Lists

by fedora-security-commits＠redhat.com

Author: thoger Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8625/audit Modified Files: f9 Log Message: asterisk fixes in rawhide Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.170 retrieving revision 1.171 diff -u -r1.170 -r1.171 --- f9 30 Mar 2008 23:13:52 -0000 1.170 +++ f9 31 Mar 2008 12:32:21 -0000 1.171 @@ -18,15 +18,15 @@ CVE-2008-1468 VULNERABLE (namazu) #438668 CVE-2008-1467 fixed (centerim) #438871 CVE-2008-1394 ignore (plone) -CVE-2008-1390 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 +CVE-2008-1390 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9] CVE-2008-1372 ignore (bzip2) Just a crash CVE-2008-1360 VULNERABLE (nagios) #437852 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization -CVE-2008-1333 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 +CVE-2008-1333 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9] CVE-2008-1332 ignore (asterisk) not affected according to upstream advisory CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped CVE-2008-1304 ignore (wordpress) bogus CVE id description? -CVE-2008-1289 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 +CVE-2008-1289 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9] CVE-2008-1284 version (horde, fixed 3.1.7) #436628 CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects. **CVE-2008-1227 fixed (libsilc) We updated this as non-security

16 years

1
0
0 / 0

fedora-security/audit f8, 1.180, 1.181 f9, 1.169, 1.170 fc7, 1.336, 1.337

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8201 Modified Files: f8 f9 fc7 Log Message: phpmyadmin,otrs Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.180 retrieving revision 1.181 diff -u -r1.180 -r1.181 --- f8 30 Mar 2008 22:06:59 -0000 1.180 +++ f8 30 Mar 2008 23:13:52 -0000 1.181 @@ -4,10 +4,12 @@ # *CVE are items that need verification for Fedora 8 # (mozilla) = (gecko-libs dependent stuff) +402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841 293031 fixed (nx) #293031 [since FEDORA-2008-2258] 430635 VULNERABLE (comix) multiple issues tracked via #430635 438382 fixed (libsilc) #438382 [since FEDORA-2008-2641] 249840 VULNERABLE (tor) +CVE-2008-1515 VULNERABLE (otrs) #439724 CVE-2008-1488 VULNERABLE (php-pecl-apc) #438847 CVE-2008-0806 fixed (wyrd) #433720 [since FEDORA-2008-1963] CVE-2008-1532 fixed (Perlbal) #439056 [since FEDORA-2008-2778] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.169 retrieving revision 1.170 diff -u -r1.169 -r1.170 --- f9 30 Mar 2008 22:06:59 -0000 1.169 +++ f9 30 Mar 2008 23:13:52 -0000 1.170 @@ -6,7 +6,9 @@ 438382 VULNERABLE (libsilc) #438382 430635 VULNERABLE (comix) multiple issues tracked via #430635 +402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841 249840 VULNERABLE (tor) +CVE-2008-1515 VULNERABLE (otrs) #439725 CVE-2008-1488 VULNERABLE (php-pecl-apc) #438848 CVE-2008-0806 VULNERABLE (wyrd) #433722 CVE-2008-1531 VULNERABLE (lighttpd) #439069 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.336 retrieving revision 1.337 diff -u -r1.336 -r1.337 --- fc7 30 Mar 2008 22:06:59 -0000 1.336 +++ fc7 30 Mar 2008 23:13:52 -0000 1.337 @@ -5,10 +5,12 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # A couple of first F7 updates were marked as FEDORA-2007-0001 +402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841 293031 fixed (nx) #293031 [since FEDORA-2008-2258] 430635 VULNERABLE (comix) multiple issues tracked via #430635 438382 fixed (libsilc) #438382 [since FEDORA-2008-2641] 249840 version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674] +CVE-2008-1515 VULNERABLE (otrs) #439723 CVE-2008-1488 VULNERABLE (php-pecl-apc) #438846 CVE-2008-0806 fixed (wyrd) #433721 [since FEDORA-2008-1986] CVE-2008-1532 fixed (Perlbal) #439055 [since FEDORA-2008-2788]

16 years

1
0
0 / 0

fedora-security/audit f8, 1.179, 1.180 f9, 1.168, 1.169 fc7, 1.335, 1.336

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27847 Modified Files: f8 f9 fc7 Log Message: get rid of unmapped entries Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.179 retrieving revision 1.180 diff -u -r1.179 -r1.180 --- f8 28 Mar 2008 08:51:55 -0000 1.179 +++ f8 30 Mar 2008 22:06:59 -0000 1.180 @@ -4,17 +4,19 @@ # *CVE are items that need verification for Fedora 8 # (mozilla) = (gecko-libs dependent stuff) -GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635 -GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] -GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] -GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847 -CVE-2008-1532 VULNERABLE (Perlbal) #439056 +293031 fixed (nx) #293031 [since FEDORA-2008-2258] +430635 VULNERABLE (comix) multiple issues tracked via #430635 +438382 fixed (libsilc) #438382 [since FEDORA-2008-2641] +249840 VULNERABLE (tor) +CVE-2008-1488 VULNERABLE (php-pecl-apc) #438847 +CVE-2008-0806 fixed (wyrd) #433720 [since FEDORA-2008-1963] +CVE-2008-1532 fixed (Perlbal) #439056 [since FEDORA-2008-2778] CVE-2008-1531 VULNERABLE (lighttpd) #439068 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438670 CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370] CVE-2008-1468 fixed (namazu) #438667 [since FEDORA-2008-2767] -CVE-2008-1467 VULNERABLE (centerim) #438871 +CVE-2008-1467 VULNERABLE (centerim) #438871 CVE-2008-1394 ignore (plone) CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438133 [since FEDORA-2008-2554] CVE-2008-1372 ignore (bzip2) Just a crash @@ -167,7 +169,6 @@ CVE-2007-6685 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4778] CVE-2007-6672 VULNERABLE (jetty) #428017 CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136] -GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103] CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282] CVE-2007-6601 fixed (postgresql, fixed 8.2.6) #427773 [since FEDORA-2008-0478] @@ -198,7 +199,7 @@ CVE-2007-6335 fixed (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] CVE-2007-6437 fixed (syslog-ng) #426306 [since FEDORA-2008-0523] CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4651] -CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170 +CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170 CVE-2007-6353 VULNERABLE (exiv2) #425923 CVE-2007-6352 fixed (libexif) #425631 [since FEDORA-2007-4667] CVE-2007-6351 fixed (libexif) #425631 [since FEDORA-2007-4667] @@ -241,9 +242,10 @@ CVE-2007-6061 VULNERABLE (audacity) #393251 CVE-2007-6018 fixed (horde) #428628 [since FEDORA-2008-2040] CVE-2007-6018 fixed (imp) #428632 [since FEDORA-2008-2040] +CVE-2007-6018 fixed (wordpress) #426433 [since FEDORA-2008-0103] CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4275] -CVE-2007-6013 VULNERABLE (wordpress) CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667] +CVE-2007-6013 fixed (wordpress) #426433 [since FEDORA-2008-0103] CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable @@ -275,7 +277,6 @@ CVE-2007-5846 version (net-snmp, fixed 5.4.1) CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946] CVE-2007-5770 backport (ruby) #373391 [since FEDORA-2007-2812] -GENERIC-MAP-NOMATCH fixed (nx) #293031 [since FEDORA-2008-2258] CVE-2007-5760 fixed (xorg-x11-server, fixed 1.4.1) #429126 [since FEDORA-2008-0760] CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335 CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2853] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.168 retrieving revision 1.169 diff -u -r1.168 -r1.169 --- f9 28 Mar 2008 08:51:55 -0000 1.168 +++ f9 30 Mar 2008 22:06:59 -0000 1.169 @@ -4,11 +4,11 @@ # *CVE are items that need verification for Fedora 9 # (mozilla) = (gecko-libs dependent stuff) -GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635 -GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722 -GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9] -GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 -GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848 +438382 VULNERABLE (libsilc) #438382 +430635 VULNERABLE (comix) multiple issues tracked via #430635 +249840 VULNERABLE (tor) +CVE-2008-1488 VULNERABLE (php-pecl-apc) #438848 +CVE-2008-0806 VULNERABLE (wyrd) #433722 CVE-2008-1531 VULNERABLE (lighttpd) #439069 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438671 @@ -165,7 +165,6 @@ CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9] CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9] -GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434 CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9] CVE-2007-6601 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9] @@ -238,8 +237,9 @@ CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9] CVE-2007-6018 version (horde, fixed 3.1.6) #428630 [since horde-3.1.6-1.fc9] CVE-2007-6018 version (imp, fixed 4.1.6) #428634 [since imp-4.1.6-1.fc9] +CVE-2007-6018 VULNERABLE (wordpress) #426434 CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) #433622 -CVE-2007-6013 VULNERABLE (wordpress) #426434 +CVE-2007-6013 VULNERABLE (wordpress) #426434 CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9] CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable @@ -270,7 +270,6 @@ CVE-2007-5848 version (cups, fixed 1.2.0) CVE-2007-5846 version (net-snmp, fixed 5.4.1) CVE-2007-5795 backport (emacs) #367601 [since emacs-22.1-8.fc9] -GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 CVE-2007-5770 backport (ruby) #373401 [since ruby-1.8.6.111-1] CVE-2007-5760 backport (xorg-x11-server, fixed 1.4.1) #429127 [since xorg-x11-server-1.4.99.1-0.17.20080107.fc9] CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.335 retrieving revision 1.336 diff -u -r1.335 -r1.336 --- fc7 28 Mar 2008 08:51:55 -0000 1.335 +++ fc7 30 Mar 2008 22:06:59 -0000 1.336 @@ -5,17 +5,19 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # A couple of first F7 updates were marked as FEDORA-2007-0001 -GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635 -GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] -GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] -GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846 -CVE-2008-1532 VULNERABLE (Perlbal) #439055 +293031 fixed (nx) #293031 [since FEDORA-2008-2258] +430635 VULNERABLE (comix) multiple issues tracked via #430635 +438382 fixed (libsilc) #438382 [since FEDORA-2008-2641] +249840 version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674] +CVE-2008-1488 VULNERABLE (php-pecl-apc) #438846 +CVE-2008-0806 fixed (wyrd) #433721 [since FEDORA-2008-1986] +CVE-2008-1532 fixed (Perlbal) #439055 [since FEDORA-2008-2788] CVE-2008-1531 VULNERABLE (lighttpd) #439067 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438669 CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471] CVE-2008-1468 fixed (namazu) #438666 [since FEDORA-2008-2678] -CVE-2008-1467 VULNERABLE (centerim) #438871 +CVE-2008-1467 VULNERABLE (centerim) #438871 CVE-2008-1394 ignore (plone) CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438132 [since FEDORA-2008-2620] CVE-2008-1372 ignore (bzip2) Just a crash @@ -166,7 +168,6 @@ CVE-2007-6686 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777] CVE-2007-6685 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777] CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104] -GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126] CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353] CVE-2007-6601 fixed (postgresql, fixed 8.2.6) #427772 [since FEDORA-2008-0552] @@ -197,7 +198,7 @@ CVE-2007-6335 fixed (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] CVE-2007-6437 fixed (syslog-ng) #426305 [since FEDORA-2008-0559] CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4593] -CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169 +CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169 CVE-2007-6353 fixed (exiv2) #425922 [since FEDORA-2007-4551] CVE-2007-6352 fixed (libexif) #425621 [since FEDORA-2007-4608] CVE-2007-6351 fixed (libexif) #425621 [since FEDORA-2007-4608] @@ -241,8 +242,9 @@ CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683] CVE-2007-6018 fixed (horde) #428629 [since FEDORA-2008-2087] CVE-2007-6018 fixed (imp) #428633 [since FEDORA-2008-2087] +CVE-2007-6018 fixed (wordpress) #426432 [since FEDORA-2008-0126] CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4269] -CVE-2007-6013 VULNERABLE (wordpress) +CVE-2007-6013 fixed (wordpress) #426432 [since FEDORA-2008-0126] CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable @@ -348,7 +350,6 @@ CVE-2007-5037 version (inotify-tools) #299771 [since FEDORA-2007-3074] CVE-2007-5034 version (elinks) #297981 [since FEDORA-2007-2224] CVE-2007-5007 version (balsa) #297601 [since FEDORA-2007-2302] -GENERIC-MAP-NOMATCH fixed (nx) #293031 [since FEDORA-2008-2258] CVE-2007-5000 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695] CVE-2007-4999 version (pidgin, fixed 2.2.2) [since FEDORA-2007-2714] CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368] @@ -434,7 +435,6 @@ CVE-2007-4224 backport (kdebase) [since FEDORA-2007-1700] CVE-2007-4211 version (dovecot, fixed 1.0.3) #251008 [since FEDORA-2007-1485] CVE-2007-4174 version (tor, fixed 0.1.2.16) [since FEDORA-2007-1674] -GENERIC-MAP-NOMATCH version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674] CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-0414] CVE-2007-4153 ignore (wordpress) "remote authenticated administrators" CVE-2007-4154 ignore (wordpress) "remote authenticated administrators"

16 years

1
0
0 / 0

fedora-security/audit f8, 1.178, 1.179 f9, 1.167, 1.168 fc7, 1.334, 1.335

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10358 Modified Files: f8 f9 fc7 Log Message: CVE for Perlbal Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.178 retrieving revision 1.179 diff -u -r1.178 -r1.179 --- f8 27 Mar 2008 23:12:24 -0000 1.178 +++ f8 28 Mar 2008 08:51:55 -0000 1.179 @@ -8,8 +8,8 @@ GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847 -GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439068 CVE-2008-1532 VULNERABLE (Perlbal) #439056 +CVE-2008-1531 VULNERABLE (lighttpd) #439068 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438670 CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.167 retrieving revision 1.168 diff -u -r1.167 -r1.168 --- f9 27 Mar 2008 08:32:13 -0000 1.167 +++ f9 28 Mar 2008 08:51:55 -0000 1.168 @@ -9,7 +9,7 @@ GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9] GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848 -GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439069 +CVE-2008-1531 VULNERABLE (lighttpd) #439069 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438671 CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.334 retrieving revision 1.335 diff -u -r1.334 -r1.335 --- fc7 27 Mar 2008 23:12:24 -0000 1.334 +++ fc7 28 Mar 2008 08:51:55 -0000 1.335 @@ -9,8 +9,8 @@ GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846 -GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439067 CVE-2008-1532 VULNERABLE (Perlbal) #439055 +CVE-2008-1531 VULNERABLE (lighttpd) #439067 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438669 CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]

16 years

1
0
0 / 0

fedora-security/audit f8, 1.177, 1.178 fc7, 1.333, 1.334

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9529 Modified Files: f8 fc7 Log Message: perlbal cve Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.177 retrieving revision 1.178 diff -u -r1.177 -r1.178 --- f8 27 Mar 2008 08:32:13 -0000 1.177 +++ f8 27 Mar 2008 23:12:24 -0000 1.178 @@ -8,8 +8,8 @@ GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847 -GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439056 GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439068 +CVE-2008-1532 VULNERABLE (Perlbal) #439056 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438670 CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370] Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.333 retrieving revision 1.334 diff -u -r1.333 -r1.334 --- fc7 27 Mar 2008 08:32:13 -0000 1.333 +++ fc7 27 Mar 2008 23:12:24 -0000 1.334 @@ -9,8 +9,8 @@ GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846 -GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439055 GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439067 +CVE-2008-1532 VULNERABLE (Perlbal) #439055 CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438669 CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]

16 years

1
0
0 / 0

fedora-security/audit f8, 1.176, 1.177 f9, 1.166, 1.167 fc7, 1.332, 1.333

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13389 Modified Files: f8 f9 fc7 Log Message: openssh Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.176 retrieving revision 1.177 diff -u -r1.176 -r1.177 --- f8 26 Mar 2008 20:01:28 -0000 1.176 +++ f8 27 Mar 2008 08:32:13 -0000 1.177 @@ -10,6 +10,7 @@ GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847 GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439056 GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439068 +CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438670 CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370] CVE-2008-1468 fixed (namazu) #438667 [since FEDORA-2008-2767] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.166 retrieving revision 1.167 diff -u -r1.166 -r1.167 --- f9 26 Mar 2008 20:01:28 -0000 1.166 +++ f9 27 Mar 2008 08:32:13 -0000 1.167 @@ -10,6 +10,7 @@ GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848 GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439069 +CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438671 CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9] CVE-2008-1468 VULNERABLE (namazu) #438668 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.332 retrieving revision 1.333 diff -u -r1.332 -r1.333 --- fc7 26 Mar 2008 20:01:28 -0000 1.332 +++ fc7 27 Mar 2008 08:32:13 -0000 1.333 @@ -11,6 +11,7 @@ GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846 GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439055 GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439067 +CVE-2008-1483 ignore (openssh) was alrady fixed by another patch CVE-2008-1482 VULNERABLE (xine-lib) #438669 CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471] CVE-2008-1468 fixed (namazu) #438666 [since FEDORA-2008-2678]

16 years

1
0
0 / 0

fedora-security/audit f8, 1.175, 1.176 f9, 1.165, 1.166 fc7, 1.331, 1.332

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14158 Modified Files: f8 f9 fc7 Log Message: Perlbal,lighttpd Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.175 retrieving revision 1.176 diff -u -r1.175 -r1.176 --- f8 26 Mar 2008 17:38:15 -0000 1.175 +++ f8 26 Mar 2008 20:01:28 -0000 1.176 @@ -8,6 +8,8 @@ GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847 +GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439056 +GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439068 CVE-2008-1482 VULNERABLE (xine-lib) #438670 CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370] CVE-2008-1468 fixed (namazu) #438667 [since FEDORA-2008-2767] Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.165 retrieving revision 1.166 diff -u -r1.165 -r1.166 --- f9 26 Mar 2008 07:31:28 -0000 1.165 +++ f9 26 Mar 2008 20:01:28 -0000 1.166 @@ -9,6 +9,7 @@ GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9] GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848 +GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439069 CVE-2008-1482 VULNERABLE (xine-lib) #438671 CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9] CVE-2008-1468 VULNERABLE (namazu) #438668 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.331 retrieving revision 1.332 diff -u -r1.331 -r1.332 --- fc7 26 Mar 2008 17:38:15 -0000 1.331 +++ fc7 26 Mar 2008 20:01:28 -0000 1.332 @@ -9,6 +9,8 @@ GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846 +GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439055 +GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439067 CVE-2008-1482 VULNERABLE (xine-lib) #438669 CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471] CVE-2008-1468 fixed (namazu) #438666 [since FEDORA-2008-2678]

16 years

1
0
0 / 0

fedora-security/audit f8, 1.174, 1.175 fc7, 1.330, 1.331

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24173 Modified Files: f8 fc7 Log Message: check-updates Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.174 retrieving revision 1.175 diff -u -r1.174 -r1.175 --- f8 26 Mar 2008 07:31:28 -0000 1.174 +++ f8 26 Mar 2008 17:38:15 -0000 1.175 @@ -6,25 +6,25 @@ GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635 GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] -GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 +GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847 CVE-2008-1482 VULNERABLE (xine-lib) #438670 CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370] -CVE-2008-1468 VULNERABLE (namazu) #438667 +CVE-2008-1468 fixed (namazu) #438667 [since FEDORA-2008-2767] CVE-2008-1467 VULNERABLE (centerim) #438871 CVE-2008-1394 ignore (plone) -CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438133 +CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438133 [since FEDORA-2008-2554] CVE-2008-1372 ignore (bzip2) Just a crash CVE-2008-1360 VULNERABLE (nagios) #437850 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization CVE-2008-1333 ignore (asterisk) not affected -CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438133 +CVE-2008-1332 fixed (asterisk, fixed 1.4.18.1) #438133 [since FEDORA-2008-2554] CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped CVE-2008-1304 ignore (wordpress) bogus CVE id description? CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159] CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159] CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159] -CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438133 +CVE-2008-1289 fixed (asterisk, fixed 1.4.18.1) #438133 [since FEDORA-2008-2554] CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2362] CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects. **CVE-2008-1227 fixed (libsilc) We updated this as non-security @@ -45,11 +45,11 @@ CVE-2008-1071 VULNERABLE (wireshark, fixed 0.99.8) #435485 CVE-2008-1070 VULNERABLE (wireshark, fixed 0.99.8) #435485 CVE-2008-1066 version (php-Smarty) #435811 [since FEDORA-2008-1911] -CVE-2008-1066 VULNERABLE (gallery2) #438058 +CVE-2008-1066 VULNERABLE (gallery2) #438058 [since FEDORA-2008-2587] CVE-2008-1066 VULNERABLE (php-pear-PhpDocumentor) #438062 CVE-2008-1010 ignore (WebKit) Nothing uses WebKit CVE-2008-0983 fixed (lighttpd) #435807 [since FEDORA-2008-2262] -CVE-2008-0947 VULNERABLE (krb5, fixed 1.6.4) #438023 +CVE-2008-0947 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647] CVE-2008-0932 fixed (sword) #433724 [since FEDORA-2008-1922] why? diatheke.pl is not shipped... CVE-2008-0928 fixed (qemu) #433561 [since FEDORA-2008-2001] CVE-2008-0928 fixed (kvm) #433564 [since FEDORA-2008-1973] @@ -141,10 +141,10 @@ CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610] CVE-2008-0122 fixed (bind) #429149 [since FEDORA-2008-0904] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] -CVE-2008-0073 VULNERABLE (xine-lib, fixed 1.1.11) #438192 +CVE-2008-0073 fixed (xine-lib, fixed 1.1.11) #438192 [since FEDORA-2008-2569] CVE-2008-0072 fixed (evolution) #436081 [since FEDORA-2008-2292] -CVE-2008-0063 VULNERABLE (krb5, fixed 1.6.4) #438023 -CVE-2008-0062 VULNERABLE (krb5, fixed 1.6.4) #438023 +CVE-2008-0063 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647] +CVE-2008-0062 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647] CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994] CVE-2008-0006 fixed (libXfont) #429132 [since FEDORA-2008-0794] CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427982 [since FEDORA-2008-1711] @@ -244,7 +244,7 @@ CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636] CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable -CVE-2007-5971 VULNERABLE (krb5, fixed 1.6.4) #438023 +CVE-2007-5971 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647] CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning CVE-2007-5969 backport (mysql, fixed 5.0.51) #424931 [since FEDORA-2007-4465] CVE-2007-5965 version (qt4, fixed 4.3.3) [since FEDORA-2007-4285] @@ -265,7 +265,7 @@ CVE-2007-5907 VULNERABLE (xen) #390111 CVE-2007-5906 VULNERABLE (xen) #390111 CVE-2007-5902 ignore (krb5, fixed 1.6.4) not exploitable -CVE-2007-5901 VULNERABLE (krb5, fixed 1.6.4) #438023 +CVE-2007-5901 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647] CVE-2007-5894 ignore (krb5, fixed 1.6.4) not exploitable CVE-2007-5849 ignore (cups, fixed 1.3.5) minimal impact, see #415131 CVE-2007-5848 version (cups, fixed 1.2.0) Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.330 retrieving revision 1.331 diff -u -r1.330 -r1.331 --- fc7 26 Mar 2008 07:31:28 -0000 1.330 +++ fc7 26 Mar 2008 17:38:15 -0000 1.331 @@ -7,25 +7,25 @@ GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635 GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] -GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 +GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641] GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846 CVE-2008-1482 VULNERABLE (xine-lib) #438669 CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471] -CVE-2008-1468 VULNERABLE (namazu) #438666 +CVE-2008-1468 fixed (namazu) #438666 [since FEDORA-2008-2678] CVE-2008-1467 VULNERABLE (centerim) #438871 CVE-2008-1394 ignore (plone) -CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438132 +CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438132 [since FEDORA-2008-2620] CVE-2008-1372 ignore (bzip2) Just a crash CVE-2008-1360 VULNERABLE (nagios) #437851 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization CVE-2008-1333 ignore (asterisk) not affected -CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438132 +CVE-2008-1332 fixed (asterisk, fixed 1.4.18.1) #438132 [since FEDORA-2008-2620] CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped CVE-2008-1304 ignore (wordpress) bogus CVE id description? CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159] CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159] CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159] -CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438132 +CVE-2008-1289 fixed (asterisk, fixed 1.4.18.1) #438132 [since FEDORA-2008-2620] CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2406] CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects. **CVE-2008-1227 fixed (libsilc) We updated this as non-security @@ -46,11 +46,11 @@ CVE-2008-1071 VULNERABLE (wireshark, fixed 0.99.8) #435487 CVE-2008-1070 VULNERABLE (wireshark, fixed 0.99.8) #435487 CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since FEDORA-2008-1928] -CVE-2008-1066 VULNERABLE (gallery2) #438059 -CVE-2008-1066 VULNERABLE (php-pear-PhpDocumentor) #438063 +CVE-2008-1066 VULNERABLE (gallery2) #438059 [since FEDORA-2008-2650] +CVE-2008-1066 fixed (php-pear-PhpDocumentor) #438063 [since FEDORA-2008-2656] CVE-2008-1010 ignore (WebKit) Nothing uses WebKit CVE-2008-0983 fixed (lighttpd) #435808 [since FEDORA-2008-2278] -CVE-2008-0947 VULNERABLE (krb5, fixed 1.6.4) #438022 +CVE-2008-0947 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637] CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped... CVE-2008-0928 fixed (qemu) #433562 [since FEDORA-2008-1995] CVE-2008-0928 fixed (kvm) #433565 [since FEDORA-2008-1993] @@ -143,8 +143,8 @@ CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198] CVE-2008-0073 VULNERABLE (xine-lib, fixed 1.1.11) #438191 CVE-2008-0072 fixed (evolution) #436080 [since FEDORA-2008-2290] -CVE-2008-0063 VULNERABLE (krb5, fixed 1.6.4) #438022 -CVE-2008-0062 VULNERABLE (krb5, fixed 1.6.4) #438022 +CVE-2008-0063 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637] +CVE-2008-0062 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637] CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994] CVE-2008-0006 fixed (libXfont) #429131 [since FEDORA-2008-0891] CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695] @@ -243,7 +243,7 @@ CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627] CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable -CVE-2007-5971 VULNERABLE (krb5, fixed 1.6.4) #438022 +CVE-2007-5971 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637] CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning CVE-2007-5969 backport (mysql, fixed 5.0.51) #424921 [since FEDORA-2007-4471] CVE-2007-5965 version (qt4, fixed 4.3.3) [since FEDORA-2007-4354] @@ -264,7 +264,7 @@ CVE-2007-5907 VULNERABLE (xen) #390101 CVE-2007-5906 VULNERABLE (xen) #390101 CVE-2007-5902 ignore (krb5, fixed 1.6.4) not exploitable -CVE-2007-5901 VULNERABLE (krb5, fixed 1.6.4) #438022 +CVE-2007-5901 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637] CVE-2007-5894 ignore (krb5, fixed 1.6.4) not exploitable CVE-2007-5849 ignore (cups, fixed 1.3.5) minimal impact, see #415131 CVE-2007-5848 version (cups, fixed 1.2.0)

16 years

1
0
0 / 0

fedora-security/audit f8, 1.173, 1.174 f9, 1.164, 1.165 fc7, 1.329, 1.330

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10718 Modified Files: f8 f9 fc7 Log Message: apc,roundup,centerim,bzip3,viewvc Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.173 retrieving revision 1.174 diff -u -r1.173 -r1.174 --- f8 25 Mar 2008 08:41:31 -0000 1.173 +++ f8 26 Mar 2008 07:31:28 -0000 1.174 @@ -4,25 +4,26 @@ # *CVE are items that need verification for Fedora 8 # (mozilla) = (gecko-libs dependent stuff) -# Up to date CVE as of CVE email 20071215 -# Up to date F8 as of 20080111 - GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635 GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] -GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] -GENERIC-MAP-NOMATCH fixed (roundup) #436547 [since FEDORA-2008-2370] GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 +GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847 CVE-2008-1482 VULNERABLE (xine-lib) #438670 +CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370] CVE-2008-1468 VULNERABLE (namazu) #438667 -CVE-2008-1467 ignore (centerim) drugs +CVE-2008-1467 VULNERABLE (centerim) #438871 CVE-2008-1394 ignore (plone) CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438133 +CVE-2008-1372 ignore (bzip2) Just a crash CVE-2008-1360 VULNERABLE (nagios) #437850 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization CVE-2008-1333 ignore (asterisk) not affected CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438133 CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped CVE-2008-1304 ignore (wordpress) bogus CVE id description? +CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159] +CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159] +CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159] CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438133 CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2362] CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects. Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.164 retrieving revision 1.165 diff -u -r1.164 -r1.165 --- f9 25 Mar 2008 08:41:31 -0000 1.164 +++ f9 26 Mar 2008 07:31:28 -0000 1.165 @@ -4,19 +4,18 @@ # *CVE are items that need verification for Fedora 9 # (mozilla) = (gecko-libs dependent stuff) -# Up to date CVE as of CVE email 20071211 -# Up to date F9 as of 20071029 - GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635 GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722 GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9] -GENERIC-MAP-NOMATCH version (roundup) #436549 [since roundup-1.4.4-1.fc9] GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 +GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848 CVE-2008-1482 VULNERABLE (xine-lib) #438671 +CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9] CVE-2008-1468 VULNERABLE (namazu) #438668 -CVE-2008-1467 ignore (centerim) drugs +CVE-2008-1467 fixed (centerim) #438871 CVE-2008-1394 ignore (plone) CVE-2008-1390 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 +CVE-2008-1372 ignore (bzip2) Just a crash CVE-2008-1360 VULNERABLE (nagios) #437852 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization CVE-2008-1333 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.329 retrieving revision 1.330 diff -u -r1.329 -r1.330 --- fc7 25 Mar 2008 08:41:31 -0000 1.329 +++ fc7 26 Mar 2008 07:31:28 -0000 1.330 @@ -5,25 +5,26 @@ # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany) # A couple of first F7 updates were marked as FEDORA-2007-0001 -# Up to date CVE as of CVE email 200711215 -# Up to date FC7 as of 20080111 - GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635 GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] -GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] -GENERIC-MAP-NOMATCH fixed (roundup) #436548 [since FEDORA-2008-2471] GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 +GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846 CVE-2008-1482 VULNERABLE (xine-lib) #438669 +CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471] CVE-2008-1468 VULNERABLE (namazu) #438666 -CVE-2008-1467 ignore (centerim) drugs +CVE-2008-1467 VULNERABLE (centerim) #438871 CVE-2008-1394 ignore (plone) CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438132 +CVE-2008-1372 ignore (bzip2) Just a crash CVE-2008-1360 VULNERABLE (nagios) #437851 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization CVE-2008-1333 ignore (asterisk) not affected CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438132 CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped CVE-2008-1304 ignore (wordpress) bogus CVE id description? +CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159] +CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159] +CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159] CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438132 CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2406] CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.

16 years

1
0
0 / 0

fedora-security/audit f8, 1.172, 1.173 f9, 1.163, 1.164 fc7, 1.328, 1.329

by fedora-security-commits＠redhat.com

Author: lkundrak Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18839 Modified Files: f8 f9 fc7 Log Message: centerim,namazu,xine-lib got CVE names Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.172 retrieving revision 1.173 diff -u -r1.172 -r1.173 --- f8 24 Mar 2008 10:44:59 -0000 1.172 +++ f8 25 Mar 2008 08:41:31 -0000 1.173 @@ -12,8 +12,9 @@ GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] GENERIC-MAP-NOMATCH fixed (roundup) #436547 [since FEDORA-2008-2370] GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 -GENERIC-MAP-NOMATCH VULNERABLE (namazu) #438667 -GENERIC-MAP-NOMATCH VULNERABLE (xine-lib) #438670 +CVE-2008-1482 VULNERABLE (xine-lib) #438670 +CVE-2008-1468 VULNERABLE (namazu) #438667 +CVE-2008-1467 ignore (centerim) drugs CVE-2008-1394 ignore (plone) CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438133 CVE-2008-1360 VULNERABLE (nagios) #437850 Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.163 retrieving revision 1.164 diff -u -r1.163 -r1.164 --- f9 24 Mar 2008 10:44:59 -0000 1.163 +++ f9 25 Mar 2008 08:41:31 -0000 1.164 @@ -12,8 +12,9 @@ GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9] GENERIC-MAP-NOMATCH version (roundup) #436549 [since roundup-1.4.4-1.fc9] GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 -GENERIC-MAP-NOMATCH VULNERABLE (namazu) #438668 -GENERIC-MAP-NOMATCH VULNERABLE (xine-lib) #438671 +CVE-2008-1482 VULNERABLE (xine-lib) #438671 +CVE-2008-1468 VULNERABLE (namazu) #438668 +CVE-2008-1467 ignore (centerim) drugs CVE-2008-1394 ignore (plone) CVE-2008-1390 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 CVE-2008-1360 VULNERABLE (nagios) #437852 Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.328 retrieving revision 1.329 diff -u -r1.328 -r1.329 --- fc7 24 Mar 2008 10:44:59 -0000 1.328 +++ fc7 25 Mar 2008 08:41:31 -0000 1.329 @@ -13,8 +13,9 @@ GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] GENERIC-MAP-NOMATCH fixed (roundup) #436548 [since FEDORA-2008-2471] GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 -GENERIC-MAP-NOMATCH VULNERABLE (namazu) #438666 -GENERIC-MAP-NOMATCH VULNERABLE (xine-lib) #438669 +CVE-2008-1482 VULNERABLE (xine-lib) #438669 +CVE-2008-1468 VULNERABLE (namazu) #438666 +CVE-2008-1467 ignore (centerim) drugs CVE-2008-1394 ignore (plone) CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438132 CVE-2008-1360 VULNERABLE (nagios) #437851

16 years

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

security-commits March 2008