fedora-security/audit f9,1.170,1.171
by fedora-security-commits@redhat.com
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8625/audit
Modified Files:
f9
Log Message:
asterisk fixes in rawhide
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.170
retrieving revision 1.171
diff -u -r1.170 -r1.171
--- f9 30 Mar 2008 23:13:52 -0000 1.170
+++ f9 31 Mar 2008 12:32:21 -0000 1.171
@@ -18,15 +18,15 @@
CVE-2008-1468 VULNERABLE (namazu) #438668
CVE-2008-1467 fixed (centerim) #438871
CVE-2008-1394 ignore (plone)
-CVE-2008-1390 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134
+CVE-2008-1390 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9]
CVE-2008-1372 ignore (bzip2) Just a crash
CVE-2008-1360 VULNERABLE (nagios) #437852
CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
-CVE-2008-1333 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134
+CVE-2008-1333 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9]
CVE-2008-1332 ignore (asterisk) not affected according to upstream advisory
CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
CVE-2008-1304 ignore (wordpress) bogus CVE id description?
-CVE-2008-1289 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134
+CVE-2008-1289 version (asterisk, fixed 1.6.0-beta6) #438134 [since asterisk-1.6.0-0.6.beta6.fc9]
CVE-2008-1284 version (horde, fixed 3.1.7) #436628
CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
**CVE-2008-1227 fixed (libsilc) We updated this as non-security
16 years
fedora-security/audit f8, 1.180, 1.181 f9, 1.169, 1.170 fc7, 1.336, 1.337
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8201
Modified Files:
f8 f9 fc7
Log Message:
phpmyadmin,otrs
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.180
retrieving revision 1.181
diff -u -r1.180 -r1.181
--- f8 30 Mar 2008 22:06:59 -0000 1.180
+++ f8 30 Mar 2008 23:13:52 -0000 1.181
@@ -4,10 +4,12 @@
# *CVE are items that need verification for Fedora 8
# (mozilla) = (gecko-libs dependent stuff)
+402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841
293031 fixed (nx) #293031 [since FEDORA-2008-2258]
430635 VULNERABLE (comix) multiple issues tracked via #430635
438382 fixed (libsilc) #438382 [since FEDORA-2008-2641]
249840 VULNERABLE (tor)
+CVE-2008-1515 VULNERABLE (otrs) #439724
CVE-2008-1488 VULNERABLE (php-pecl-apc) #438847
CVE-2008-0806 fixed (wyrd) #433720 [since FEDORA-2008-1963]
CVE-2008-1532 fixed (Perlbal) #439056 [since FEDORA-2008-2778]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.169
retrieving revision 1.170
diff -u -r1.169 -r1.170
--- f9 30 Mar 2008 22:06:59 -0000 1.169
+++ f9 30 Mar 2008 23:13:52 -0000 1.170
@@ -6,7 +6,9 @@
438382 VULNERABLE (libsilc) #438382
430635 VULNERABLE (comix) multiple issues tracked via #430635
+402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841
249840 VULNERABLE (tor)
+CVE-2008-1515 VULNERABLE (otrs) #439725
CVE-2008-1488 VULNERABLE (php-pecl-apc) #438848
CVE-2008-0806 VULNERABLE (wyrd) #433722
CVE-2008-1531 VULNERABLE (lighttpd) #439069
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.336
retrieving revision 1.337
diff -u -r1.336 -r1.337
--- fc7 30 Mar 2008 22:06:59 -0000 1.336
+++ fc7 30 Mar 2008 23:13:52 -0000 1.337
@@ -5,10 +5,12 @@
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
# A couple of first F7 updates were marked as FEDORA-2007-0001
+402841 VULNERABLE (phpmyadmin, fixed 2.11.5.1) #402841
293031 fixed (nx) #293031 [since FEDORA-2008-2258]
430635 VULNERABLE (comix) multiple issues tracked via #430635
438382 fixed (libsilc) #438382 [since FEDORA-2008-2641]
249840 version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674]
+CVE-2008-1515 VULNERABLE (otrs) #439723
CVE-2008-1488 VULNERABLE (php-pecl-apc) #438846
CVE-2008-0806 fixed (wyrd) #433721 [since FEDORA-2008-1986]
CVE-2008-1532 fixed (Perlbal) #439055 [since FEDORA-2008-2788]
16 years
fedora-security/audit f8, 1.179, 1.180 f9, 1.168, 1.169 fc7, 1.335, 1.336
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27847
Modified Files:
f8 f9 fc7
Log Message:
get rid of unmapped entries
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.179
retrieving revision 1.180
diff -u -r1.179 -r1.180
--- f8 28 Mar 2008 08:51:55 -0000 1.179
+++ f8 30 Mar 2008 22:06:59 -0000 1.180
@@ -4,17 +4,19 @@
# *CVE are items that need verification for Fedora 8
# (mozilla) = (gecko-libs dependent stuff)
-GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
-GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
-GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
-GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847
-CVE-2008-1532 VULNERABLE (Perlbal) #439056
+293031 fixed (nx) #293031 [since FEDORA-2008-2258]
+430635 VULNERABLE (comix) multiple issues tracked via #430635
+438382 fixed (libsilc) #438382 [since FEDORA-2008-2641]
+249840 VULNERABLE (tor)
+CVE-2008-1488 VULNERABLE (php-pecl-apc) #438847
+CVE-2008-0806 fixed (wyrd) #433720 [since FEDORA-2008-1963]
+CVE-2008-1532 fixed (Perlbal) #439056 [since FEDORA-2008-2778]
CVE-2008-1531 VULNERABLE (lighttpd) #439068
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438670
CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370]
CVE-2008-1468 fixed (namazu) #438667 [since FEDORA-2008-2767]
-CVE-2008-1467 VULNERABLE (centerim) #438871
+CVE-2008-1467 VULNERABLE (centerim) #438871
CVE-2008-1394 ignore (plone)
CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438133 [since FEDORA-2008-2554]
CVE-2008-1372 ignore (bzip2) Just a crash
@@ -167,7 +169,6 @@
CVE-2007-6685 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4778]
CVE-2007-6672 VULNERABLE (jetty) #428017
CVE-2007-6613 fixed (libcdio) #427199 [since FEDORA-2008-0136]
-GENERIC-MAP-NOMATCH fixed (wordpress) #426433 [since FEDORA-2008-0103]
CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped
CVE-2007-6611 fixed (mantis) #427278 [since FEDORA-2008-0282]
CVE-2007-6601 fixed (postgresql, fixed 8.2.6) #427773 [since FEDORA-2008-0478]
@@ -198,7 +199,7 @@
CVE-2007-6335 fixed (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115]
CVE-2007-6437 fixed (syslog-ng) #426306 [since FEDORA-2008-0523]
CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4651]
-CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170
+CVE-2007-6389 VULNERABLE (gnome-screensaver) #426170
CVE-2007-6353 VULNERABLE (exiv2) #425923
CVE-2007-6352 fixed (libexif) #425631 [since FEDORA-2007-4667]
CVE-2007-6351 fixed (libexif) #425631 [since FEDORA-2007-4667]
@@ -241,9 +242,10 @@
CVE-2007-6061 VULNERABLE (audacity) #393251
CVE-2007-6018 fixed (horde) #428628 [since FEDORA-2008-2040]
CVE-2007-6018 fixed (imp) #428632 [since FEDORA-2008-2040]
+CVE-2007-6018 fixed (wordpress) #426433 [since FEDORA-2008-0103]
CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4275]
-CVE-2007-6013 VULNERABLE (wordpress)
CVE-2007-6035 version (cacti, fixed 0.8.7a) #391991 [since FEDORA-2007-3667]
+CVE-2007-6013 fixed (wordpress) #426433 [since FEDORA-2008-0103]
CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636]
CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636]
CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable
@@ -275,7 +277,6 @@
CVE-2007-5846 version (net-snmp, fixed 5.4.1)
CVE-2007-5795 backport (emacs) #367591 [since FEDORA-2007-2946]
CVE-2007-5770 backport (ruby) #373391 [since FEDORA-2007-2812]
-GENERIC-MAP-NOMATCH fixed (nx) #293031 [since FEDORA-2008-2258]
CVE-2007-5760 fixed (xorg-x11-server, fixed 1.4.1) #429126 [since FEDORA-2008-0760]
CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335
CVE-2007-5751 backport (liferea, fixed 1.4.6) #360641 [since FEDORA-2007-2853]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.168
retrieving revision 1.169
diff -u -r1.168 -r1.169
--- f9 28 Mar 2008 08:51:55 -0000 1.168
+++ f9 30 Mar 2008 22:06:59 -0000 1.169
@@ -4,11 +4,11 @@
# *CVE are items that need verification for Fedora 9
# (mozilla) = (gecko-libs dependent stuff)
-GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
-GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
-GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
-GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
-GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848
+438382 VULNERABLE (libsilc) #438382
+430635 VULNERABLE (comix) multiple issues tracked via #430635
+249840 VULNERABLE (tor)
+CVE-2008-1488 VULNERABLE (php-pecl-apc) #438848
+CVE-2008-0806 VULNERABLE (wyrd) #433722
CVE-2008-1531 VULNERABLE (lighttpd) #439069
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438671
@@ -165,7 +165,6 @@
CVE-2007-6631 fixed (libnemesi, not fixed 0.6.4-rc1) #426910 [since libnemesi-0.6.4-0.1.rc2.fc9] This wasn't released yet
CVE-2007-6630 version (netembryo, fixed 0.0.5) #427470 There was not release in stable branches yet [since netembryo-0.0.5-1.fc9]
CVE-2007-6613 version (libcdio) #427200 [since libcdio-0.79-2.fc9]
-GENERIC-MAP-NOMATCH VULNERABLE (wordpress) #426434
CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped
CVE-2007-6611 version (mantis) #427280 [since mantis-1.1.0-1.fc9]
CVE-2007-6601 version (postgresql, fixed 8.2.6) #427774 [since postgresql-8.2.6-1.fc9]
@@ -238,8 +237,9 @@
CVE-2007-6035 version (cacti, fixed 0.8.7a) #392001 [since cacti-0.8.7a-1.fc9]
CVE-2007-6018 version (horde, fixed 3.1.6) #428630 [since horde-3.1.6-1.fc9]
CVE-2007-6018 version (imp, fixed 4.1.6) #428634 [since imp-4.1.6-1.fc9]
+CVE-2007-6018 VULNERABLE (wordpress) #426434
CVE-2007-6015 VULNERABLE (samba, fixed 3.0.28) #433622
-CVE-2007-6013 VULNERABLE (wordpress) #426434
+CVE-2007-6013 VULNERABLE (wordpress) #426434
CVE-2007-5977 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9]
CVE-2007-5976 version (phpMyAdmin) #385911 [since phpMyAdmin-2.11.2.2-1.fc9]
CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable
@@ -270,7 +270,6 @@
CVE-2007-5848 version (cups, fixed 1.2.0)
CVE-2007-5846 version (net-snmp, fixed 5.4.1)
CVE-2007-5795 backport (emacs) #367601 [since emacs-22.1-8.fc9]
-GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031
CVE-2007-5770 backport (ruby) #373401 [since ruby-1.8.6.111-1]
CVE-2007-5760 backport (xorg-x11-server, fixed 1.4.1) #429127 [since xorg-x11-server-1.4.99.1-0.17.20080107.fc9]
CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.335
retrieving revision 1.336
diff -u -r1.335 -r1.336
--- fc7 28 Mar 2008 08:51:55 -0000 1.335
+++ fc7 30 Mar 2008 22:06:59 -0000 1.336
@@ -5,17 +5,19 @@
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
# A couple of first F7 updates were marked as FEDORA-2007-0001
-GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
-GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
-GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
-GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846
-CVE-2008-1532 VULNERABLE (Perlbal) #439055
+293031 fixed (nx) #293031 [since FEDORA-2008-2258]
+430635 VULNERABLE (comix) multiple issues tracked via #430635
+438382 fixed (libsilc) #438382 [since FEDORA-2008-2641]
+249840 version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674]
+CVE-2008-1488 VULNERABLE (php-pecl-apc) #438846
+CVE-2008-0806 fixed (wyrd) #433721 [since FEDORA-2008-1986]
+CVE-2008-1532 fixed (Perlbal) #439055 [since FEDORA-2008-2788]
CVE-2008-1531 VULNERABLE (lighttpd) #439067
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438669
CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]
CVE-2008-1468 fixed (namazu) #438666 [since FEDORA-2008-2678]
-CVE-2008-1467 VULNERABLE (centerim) #438871
+CVE-2008-1467 VULNERABLE (centerim) #438871
CVE-2008-1394 ignore (plone)
CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438132 [since FEDORA-2008-2620]
CVE-2008-1372 ignore (bzip2) Just a crash
@@ -166,7 +168,6 @@
CVE-2007-6686 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777]
CVE-2007-6685 version (gallery2, fixed 2.2.4) [since FEDORA-2007-4777]
CVE-2007-6613 fixed (libcdio) #427198 [since FEDORA-2008-0104]
-GENERIC-MAP-NOMATCH fixed (wordpress) #426432 [since FEDORA-2008-0126]
CVE-2007-6612 ignore (rubygem-mongrel, only affects 1.0.4) affected version was not shipped
CVE-2007-6611 fixed (mantis) #427279 [since FEDORA-2008-0353]
CVE-2007-6601 fixed (postgresql, fixed 8.2.6) #427772 [since FEDORA-2008-0552]
@@ -197,7 +198,7 @@
CVE-2007-6335 fixed (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170]
CVE-2007-6437 fixed (syslog-ng) #426305 [since FEDORA-2008-0559]
CVE-2007-6430 version (asterisk, fixed 1.4.16) [since FEDORA-2007-4593]
-CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169
+CVE-2007-6389 VULNERABLE (gnome-screensaver) #426169
CVE-2007-6353 fixed (exiv2) #425922 [since FEDORA-2007-4551]
CVE-2007-6352 fixed (libexif) #425621 [since FEDORA-2007-4608]
CVE-2007-6351 fixed (libexif) #425621 [since FEDORA-2007-4608]
@@ -241,8 +242,9 @@
CVE-2007-6035 version (cacti, fixed 0.8.7a) #391981 [since FEDORA-2007-3683]
CVE-2007-6018 fixed (horde) #428629 [since FEDORA-2008-2087]
CVE-2007-6018 fixed (imp) #428633 [since FEDORA-2008-2087]
+CVE-2007-6018 fixed (wordpress) #426432 [since FEDORA-2008-0126]
CVE-2007-6015 version (samba, fixed 3.0.28) [since FEDORA-2007-4269]
-CVE-2007-6013 VULNERABLE (wordpress)
+CVE-2007-6013 fixed (wordpress) #426432 [since FEDORA-2008-0126]
CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627]
CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627]
CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable
@@ -348,7 +350,6 @@
CVE-2007-5037 version (inotify-tools) #299771 [since FEDORA-2007-3074]
CVE-2007-5034 version (elinks) #297981 [since FEDORA-2007-2224]
CVE-2007-5007 version (balsa) #297601 [since FEDORA-2007-2302]
-GENERIC-MAP-NOMATCH fixed (nx) #293031 [since FEDORA-2008-2258]
CVE-2007-5000 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695]
CVE-2007-4999 version (pidgin, fixed 2.2.2) [since FEDORA-2007-2714]
CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368]
@@ -434,7 +435,6 @@
CVE-2007-4224 backport (kdebase) [since FEDORA-2007-1700]
CVE-2007-4211 version (dovecot, fixed 1.0.3) #251008 [since FEDORA-2007-1485]
CVE-2007-4174 version (tor, fixed 0.1.2.16) [since FEDORA-2007-1674]
-GENERIC-MAP-NOMATCH version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674]
CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-0414]
CVE-2007-4153 ignore (wordpress) "remote authenticated administrators"
CVE-2007-4154 ignore (wordpress) "remote authenticated administrators"
16 years
fedora-security/audit f8, 1.178, 1.179 f9, 1.167, 1.168 fc7, 1.334, 1.335
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10358
Modified Files:
f8 f9 fc7
Log Message:
CVE for Perlbal
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.178
retrieving revision 1.179
diff -u -r1.178 -r1.179
--- f8 27 Mar 2008 23:12:24 -0000 1.178
+++ f8 28 Mar 2008 08:51:55 -0000 1.179
@@ -8,8 +8,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847
-GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439068
CVE-2008-1532 VULNERABLE (Perlbal) #439056
+CVE-2008-1531 VULNERABLE (lighttpd) #439068
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438670
CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.167
retrieving revision 1.168
diff -u -r1.167 -r1.168
--- f9 27 Mar 2008 08:32:13 -0000 1.167
+++ f9 28 Mar 2008 08:51:55 -0000 1.168
@@ -9,7 +9,7 @@
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848
-GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439069
+CVE-2008-1531 VULNERABLE (lighttpd) #439069
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438671
CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.334
retrieving revision 1.335
diff -u -r1.334 -r1.335
--- fc7 27 Mar 2008 23:12:24 -0000 1.334
+++ fc7 28 Mar 2008 08:51:55 -0000 1.335
@@ -9,8 +9,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846
-GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439067
CVE-2008-1532 VULNERABLE (Perlbal) #439055
+CVE-2008-1531 VULNERABLE (lighttpd) #439067
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438669
CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]
16 years
fedora-security/audit f8, 1.177, 1.178 fc7, 1.333, 1.334
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9529
Modified Files:
f8 fc7
Log Message:
perlbal cve
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.177
retrieving revision 1.178
diff -u -r1.177 -r1.178
--- f8 27 Mar 2008 08:32:13 -0000 1.177
+++ f8 27 Mar 2008 23:12:24 -0000 1.178
@@ -8,8 +8,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847
-GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439056
GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439068
+CVE-2008-1532 VULNERABLE (Perlbal) #439056
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438670
CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370]
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.333
retrieving revision 1.334
diff -u -r1.333 -r1.334
--- fc7 27 Mar 2008 08:32:13 -0000 1.333
+++ fc7 27 Mar 2008 23:12:24 -0000 1.334
@@ -9,8 +9,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846
-GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439055
GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439067
+CVE-2008-1532 VULNERABLE (Perlbal) #439055
CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438669
CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]
16 years
fedora-security/audit f8, 1.176, 1.177 f9, 1.166, 1.167 fc7, 1.332, 1.333
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13389
Modified Files:
f8 f9 fc7
Log Message:
openssh
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -r1.176 -r1.177
--- f8 26 Mar 2008 20:01:28 -0000 1.176
+++ f8 27 Mar 2008 08:32:13 -0000 1.177
@@ -10,6 +10,7 @@
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847
GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439056
GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439068
+CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438670
CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370]
CVE-2008-1468 fixed (namazu) #438667 [since FEDORA-2008-2767]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.166
retrieving revision 1.167
diff -u -r1.166 -r1.167
--- f9 26 Mar 2008 20:01:28 -0000 1.166
+++ f9 27 Mar 2008 08:32:13 -0000 1.167
@@ -10,6 +10,7 @@
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848
GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439069
+CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438671
CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9]
CVE-2008-1468 VULNERABLE (namazu) #438668
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.332
retrieving revision 1.333
diff -u -r1.332 -r1.333
--- fc7 26 Mar 2008 20:01:28 -0000 1.332
+++ fc7 27 Mar 2008 08:32:13 -0000 1.333
@@ -11,6 +11,7 @@
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846
GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439055
GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439067
+CVE-2008-1483 ignore (openssh) was alrady fixed by another patch
CVE-2008-1482 VULNERABLE (xine-lib) #438669
CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]
CVE-2008-1468 fixed (namazu) #438666 [since FEDORA-2008-2678]
16 years
fedora-security/audit f8, 1.175, 1.176 f9, 1.165, 1.166 fc7, 1.331, 1.332
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14158
Modified Files:
f8 f9 fc7
Log Message:
Perlbal,lighttpd
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.175
retrieving revision 1.176
diff -u -r1.175 -r1.176
--- f8 26 Mar 2008 17:38:15 -0000 1.175
+++ f8 26 Mar 2008 20:01:28 -0000 1.176
@@ -8,6 +8,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847
+GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439056
+GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439068
CVE-2008-1482 VULNERABLE (xine-lib) #438670
CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370]
CVE-2008-1468 fixed (namazu) #438667 [since FEDORA-2008-2767]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.165
retrieving revision 1.166
diff -u -r1.165 -r1.166
--- f9 26 Mar 2008 07:31:28 -0000 1.165
+++ f9 26 Mar 2008 20:01:28 -0000 1.166
@@ -9,6 +9,7 @@
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848
+GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439069
CVE-2008-1482 VULNERABLE (xine-lib) #438671
CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9]
CVE-2008-1468 VULNERABLE (namazu) #438668
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.331
retrieving revision 1.332
diff -u -r1.331 -r1.332
--- fc7 26 Mar 2008 17:38:15 -0000 1.331
+++ fc7 26 Mar 2008 20:01:28 -0000 1.332
@@ -9,6 +9,8 @@
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846
+GENERIC-MAP-NOMATCH VULNERABLE (Perlbal) #439055
+GENERIC-MAP-NOMATCH VULNERABLE (lighttpd) #439067
CVE-2008-1482 VULNERABLE (xine-lib) #438669
CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]
CVE-2008-1468 fixed (namazu) #438666 [since FEDORA-2008-2678]
16 years
fedora-security/audit f8, 1.174, 1.175 fc7, 1.330, 1.331
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24173
Modified Files:
f8 fc7
Log Message:
check-updates
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.174
retrieving revision 1.175
diff -u -r1.174 -r1.175
--- f8 26 Mar 2008 07:31:28 -0000 1.174
+++ f8 26 Mar 2008 17:38:15 -0000 1.175
@@ -6,25 +6,25 @@
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
-GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
+GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847
CVE-2008-1482 VULNERABLE (xine-lib) #438670
CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370]
-CVE-2008-1468 VULNERABLE (namazu) #438667
+CVE-2008-1468 fixed (namazu) #438667 [since FEDORA-2008-2767]
CVE-2008-1467 VULNERABLE (centerim) #438871
CVE-2008-1394 ignore (plone)
-CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438133
+CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438133 [since FEDORA-2008-2554]
CVE-2008-1372 ignore (bzip2) Just a crash
CVE-2008-1360 VULNERABLE (nagios) #437850
CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
CVE-2008-1333 ignore (asterisk) not affected
-CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438133
+CVE-2008-1332 fixed (asterisk, fixed 1.4.18.1) #438133 [since FEDORA-2008-2554]
CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
CVE-2008-1304 ignore (wordpress) bogus CVE id description?
CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159]
CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159]
CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159]
-CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438133
+CVE-2008-1289 fixed (asterisk, fixed 1.4.18.1) #438133 [since FEDORA-2008-2554]
CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2362]
CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
**CVE-2008-1227 fixed (libsilc) We updated this as non-security
@@ -45,11 +45,11 @@
CVE-2008-1071 VULNERABLE (wireshark, fixed 0.99.8) #435485
CVE-2008-1070 VULNERABLE (wireshark, fixed 0.99.8) #435485
CVE-2008-1066 version (php-Smarty) #435811 [since FEDORA-2008-1911]
-CVE-2008-1066 VULNERABLE (gallery2) #438058
+CVE-2008-1066 VULNERABLE (gallery2) #438058 [since FEDORA-2008-2587]
CVE-2008-1066 VULNERABLE (php-pear-PhpDocumentor) #438062
CVE-2008-1010 ignore (WebKit) Nothing uses WebKit
CVE-2008-0983 fixed (lighttpd) #435807 [since FEDORA-2008-2262]
-CVE-2008-0947 VULNERABLE (krb5, fixed 1.6.4) #438023
+CVE-2008-0947 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647]
CVE-2008-0932 fixed (sword) #433724 [since FEDORA-2008-1922] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433561 [since FEDORA-2008-2001]
CVE-2008-0928 fixed (kvm) #433564 [since FEDORA-2008-1973]
@@ -141,10 +141,10 @@
CVE-2008-0123 fixed (moodle) #428731 [since FEDORA-2008-0610]
CVE-2008-0122 fixed (bind) #429149 [since FEDORA-2008-0904]
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199]
-CVE-2008-0073 VULNERABLE (xine-lib, fixed 1.1.11) #438192
+CVE-2008-0073 fixed (xine-lib, fixed 1.1.11) #438192 [since FEDORA-2008-2569]
CVE-2008-0072 fixed (evolution) #436081 [since FEDORA-2008-2292]
-CVE-2008-0063 VULNERABLE (krb5, fixed 1.6.4) #438023
-CVE-2008-0062 VULNERABLE (krb5, fixed 1.6.4) #438023
+CVE-2008-0063 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647]
+CVE-2008-0062 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647]
CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994]
CVE-2008-0006 fixed (libXfont) #429132 [since FEDORA-2008-0794]
CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427982 [since FEDORA-2008-1711]
@@ -244,7 +244,7 @@
CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636]
CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385901 [since FEDORA-2007-3636]
CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable
-CVE-2007-5971 VULNERABLE (krb5, fixed 1.6.4) #438023
+CVE-2007-5971 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647]
CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning
CVE-2007-5969 backport (mysql, fixed 5.0.51) #424931 [since FEDORA-2007-4465]
CVE-2007-5965 version (qt4, fixed 4.3.3) [since FEDORA-2007-4285]
@@ -265,7 +265,7 @@
CVE-2007-5907 VULNERABLE (xen) #390111
CVE-2007-5906 VULNERABLE (xen) #390111
CVE-2007-5902 ignore (krb5, fixed 1.6.4) not exploitable
-CVE-2007-5901 VULNERABLE (krb5, fixed 1.6.4) #438023
+CVE-2007-5901 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647]
CVE-2007-5894 ignore (krb5, fixed 1.6.4) not exploitable
CVE-2007-5849 ignore (cups, fixed 1.3.5) minimal impact, see #415131
CVE-2007-5848 version (cups, fixed 1.2.0)
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.330
retrieving revision 1.331
diff -u -r1.330 -r1.331
--- fc7 26 Mar 2008 07:31:28 -0000 1.330
+++ fc7 26 Mar 2008 17:38:15 -0000 1.331
@@ -7,25 +7,25 @@
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
-GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
+GENERIC-MAP-NOMATCH fixed (libsilc) #438382 [since FEDORA-2008-2641]
GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846
CVE-2008-1482 VULNERABLE (xine-lib) #438669
CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]
-CVE-2008-1468 VULNERABLE (namazu) #438666
+CVE-2008-1468 fixed (namazu) #438666 [since FEDORA-2008-2678]
CVE-2008-1467 VULNERABLE (centerim) #438871
CVE-2008-1394 ignore (plone)
-CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438132
+CVE-2008-1390 fixed (asterisk, fixed 1.4.19-rc3) #438132 [since FEDORA-2008-2620]
CVE-2008-1372 ignore (bzip2) Just a crash
CVE-2008-1360 VULNERABLE (nagios) #437851
CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
CVE-2008-1333 ignore (asterisk) not affected
-CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438132
+CVE-2008-1332 fixed (asterisk, fixed 1.4.18.1) #438132 [since FEDORA-2008-2620]
CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
CVE-2008-1304 ignore (wordpress) bogus CVE id description?
CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159]
CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159]
CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159]
-CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438132
+CVE-2008-1289 fixed (asterisk, fixed 1.4.18.1) #438132 [since FEDORA-2008-2620]
CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2406]
CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
**CVE-2008-1227 fixed (libsilc) We updated this as non-security
@@ -46,11 +46,11 @@
CVE-2008-1071 VULNERABLE (wireshark, fixed 0.99.8) #435487
CVE-2008-1070 VULNERABLE (wireshark, fixed 0.99.8) #435487
CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since FEDORA-2008-1928]
-CVE-2008-1066 VULNERABLE (gallery2) #438059
-CVE-2008-1066 VULNERABLE (php-pear-PhpDocumentor) #438063
+CVE-2008-1066 VULNERABLE (gallery2) #438059 [since FEDORA-2008-2650]
+CVE-2008-1066 fixed (php-pear-PhpDocumentor) #438063 [since FEDORA-2008-2656]
CVE-2008-1010 ignore (WebKit) Nothing uses WebKit
CVE-2008-0983 fixed (lighttpd) #435808 [since FEDORA-2008-2278]
-CVE-2008-0947 VULNERABLE (krb5, fixed 1.6.4) #438022
+CVE-2008-0947 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637]
CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped...
CVE-2008-0928 fixed (qemu) #433562 [since FEDORA-2008-1995]
CVE-2008-0928 fixed (kvm) #433565 [since FEDORA-2008-1993]
@@ -143,8 +143,8 @@
CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198]
CVE-2008-0073 VULNERABLE (xine-lib, fixed 1.1.11) #438191
CVE-2008-0072 fixed (evolution) #436080 [since FEDORA-2008-2290]
-CVE-2008-0063 VULNERABLE (krb5, fixed 1.6.4) #438022
-CVE-2008-0062 VULNERABLE (krb5, fixed 1.6.4) #438022
+CVE-2008-0063 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637]
+CVE-2008-0062 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637]
CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994]
CVE-2008-0006 fixed (libXfont) #429131 [since FEDORA-2008-0891]
CVE-2008-0005 fixed (httpd, fixed 2.2.8) #427983 [since FEDORA-2008-1695]
@@ -243,7 +243,7 @@
CVE-2007-5977 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627]
CVE-2007-5976 version (phpMyAdmin, fixed 2.11.2.1) #385891 [since FEDORA-2007-3627]
CVE-2007-5972 ignore (krb5, fixed 1.6.4) not exploitable
-CVE-2007-5971 VULNERABLE (krb5, fixed 1.6.4) #438022
+CVE-2007-5971 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637]
CVE-2007-5970 ignore (mysql, fixed 5.1.23) mysql 5.1+ only, affects partitioning
CVE-2007-5969 backport (mysql, fixed 5.0.51) #424921 [since FEDORA-2007-4471]
CVE-2007-5965 version (qt4, fixed 4.3.3) [since FEDORA-2007-4354]
@@ -264,7 +264,7 @@
CVE-2007-5907 VULNERABLE (xen) #390101
CVE-2007-5906 VULNERABLE (xen) #390101
CVE-2007-5902 ignore (krb5, fixed 1.6.4) not exploitable
-CVE-2007-5901 VULNERABLE (krb5, fixed 1.6.4) #438022
+CVE-2007-5901 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637]
CVE-2007-5894 ignore (krb5, fixed 1.6.4) not exploitable
CVE-2007-5849 ignore (cups, fixed 1.3.5) minimal impact, see #415131
CVE-2007-5848 version (cups, fixed 1.2.0)
16 years
fedora-security/audit f8, 1.173, 1.174 f9, 1.164, 1.165 fc7, 1.329, 1.330
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10718
Modified Files:
f8 f9 fc7
Log Message:
apc,roundup,centerim,bzip3,viewvc
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.173
retrieving revision 1.174
diff -u -r1.173 -r1.174
--- f8 25 Mar 2008 08:41:31 -0000 1.173
+++ f8 26 Mar 2008 07:31:28 -0000 1.174
@@ -4,25 +4,26 @@
# *CVE are items that need verification for Fedora 8
# (mozilla) = (gecko-libs dependent stuff)
-# Up to date CVE as of CVE email 20071215
-# Up to date F8 as of 20080111
-
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963]
-GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
-GENERIC-MAP-NOMATCH fixed (roundup) #436547 [since FEDORA-2008-2370]
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
+GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847
CVE-2008-1482 VULNERABLE (xine-lib) #438670
+CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370]
CVE-2008-1468 VULNERABLE (namazu) #438667
-CVE-2008-1467 ignore (centerim) drugs
+CVE-2008-1467 VULNERABLE (centerim) #438871
CVE-2008-1394 ignore (plone)
CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438133
+CVE-2008-1372 ignore (bzip2) Just a crash
CVE-2008-1360 VULNERABLE (nagios) #437850
CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
CVE-2008-1333 ignore (asterisk) not affected
CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438133
CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
CVE-2008-1304 ignore (wordpress) bogus CVE id description?
+CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159]
+CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159]
+CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159]
CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438133
CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2362]
CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.164
retrieving revision 1.165
diff -u -r1.164 -r1.165
--- f9 25 Mar 2008 08:41:31 -0000 1.164
+++ f9 26 Mar 2008 07:31:28 -0000 1.165
@@ -4,19 +4,18 @@
# *CVE are items that need verification for Fedora 9
# (mozilla) = (gecko-libs dependent stuff)
-# Up to date CVE as of CVE email 20071211
-# Up to date F9 as of 20071029
-
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
-GENERIC-MAP-NOMATCH version (roundup) #436549 [since roundup-1.4.4-1.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
+GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848
CVE-2008-1482 VULNERABLE (xine-lib) #438671
+CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9]
CVE-2008-1468 VULNERABLE (namazu) #438668
-CVE-2008-1467 ignore (centerim) drugs
+CVE-2008-1467 fixed (centerim) #438871
CVE-2008-1394 ignore (plone)
CVE-2008-1390 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134
+CVE-2008-1372 ignore (bzip2) Just a crash
CVE-2008-1360 VULNERABLE (nagios) #437852
CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
CVE-2008-1333 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.329
retrieving revision 1.330
diff -u -r1.329 -r1.330
--- fc7 25 Mar 2008 08:41:31 -0000 1.329
+++ fc7 26 Mar 2008 07:31:28 -0000 1.330
@@ -5,25 +5,26 @@
# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
# A couple of first F7 updates were marked as FEDORA-2007-0001
-# Up to date CVE as of CVE email 200711215
-# Up to date FC7 as of 20080111
-
GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986]
-GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
-GENERIC-MAP-NOMATCH fixed (roundup) #436548 [since FEDORA-2008-2471]
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
+GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846
CVE-2008-1482 VULNERABLE (xine-lib) #438669
+CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471]
CVE-2008-1468 VULNERABLE (namazu) #438666
-CVE-2008-1467 ignore (centerim) drugs
+CVE-2008-1467 VULNERABLE (centerim) #438871
CVE-2008-1394 ignore (plone)
CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438132
+CVE-2008-1372 ignore (bzip2) Just a crash
CVE-2008-1360 VULNERABLE (nagios) #437851
CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
CVE-2008-1333 ignore (asterisk) not affected
CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438132
CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
CVE-2008-1304 ignore (wordpress) bogus CVE id description?
+CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159]
+CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159]
+CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159]
CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438132
CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2406]
CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.
16 years
fedora-security/audit f8, 1.172, 1.173 f9, 1.163, 1.164 fc7, 1.328, 1.329
by fedora-security-commits@redhat.com
Author: lkundrak
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18839
Modified Files:
f8 f9 fc7
Log Message:
centerim,namazu,xine-lib got CVE names
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.172
retrieving revision 1.173
diff -u -r1.172 -r1.173
--- f8 24 Mar 2008 10:44:59 -0000 1.172
+++ f8 25 Mar 2008 08:41:31 -0000 1.173
@@ -12,8 +12,9 @@
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
GENERIC-MAP-NOMATCH fixed (roundup) #436547 [since FEDORA-2008-2370]
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
-GENERIC-MAP-NOMATCH VULNERABLE (namazu) #438667
-GENERIC-MAP-NOMATCH VULNERABLE (xine-lib) #438670
+CVE-2008-1482 VULNERABLE (xine-lib) #438670
+CVE-2008-1468 VULNERABLE (namazu) #438667
+CVE-2008-1467 ignore (centerim) drugs
CVE-2008-1394 ignore (plone)
CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438133
CVE-2008-1360 VULNERABLE (nagios) #437850
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.163
retrieving revision 1.164
diff -u -r1.163 -r1.164
--- f9 24 Mar 2008 10:44:59 -0000 1.163
+++ f9 25 Mar 2008 08:41:31 -0000 1.164
@@ -12,8 +12,9 @@
GENERIC-MAP-NOMATCH fixed (inkscape) #432807 [since inkscape-0.45.1+0.46pre1-4.fc9]
GENERIC-MAP-NOMATCH version (roundup) #436549 [since roundup-1.4.4-1.fc9]
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
-GENERIC-MAP-NOMATCH VULNERABLE (namazu) #438668
-GENERIC-MAP-NOMATCH VULNERABLE (xine-lib) #438671
+CVE-2008-1482 VULNERABLE (xine-lib) #438671
+CVE-2008-1468 VULNERABLE (namazu) #438668
+CVE-2008-1467 ignore (centerim) drugs
CVE-2008-1394 ignore (plone)
CVE-2008-1390 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134
CVE-2008-1360 VULNERABLE (nagios) #437852
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.328
retrieving revision 1.329
diff -u -r1.328 -r1.329
--- fc7 24 Mar 2008 10:44:59 -0000 1.328
+++ fc7 25 Mar 2008 08:41:31 -0000 1.329
@@ -13,8 +13,9 @@
GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159]
GENERIC-MAP-NOMATCH fixed (roundup) #436548 [since FEDORA-2008-2471]
GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382
-GENERIC-MAP-NOMATCH VULNERABLE (namazu) #438666
-GENERIC-MAP-NOMATCH VULNERABLE (xine-lib) #438669
+CVE-2008-1482 VULNERABLE (xine-lib) #438669
+CVE-2008-1468 VULNERABLE (namazu) #438666
+CVE-2008-1467 ignore (centerim) drugs
CVE-2008-1394 ignore (plone)
CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438132
CVE-2008-1360 VULNERABLE (nagios) #437851
16 years