Author: thoger
Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22708/audit
Modified Files: f8 f9 fc7 Log Message: add kdebase correct httpd 'fixed-in' version
Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.112 retrieving revision 1.113 diff -u -r1.112 -r1.113 --- f8 5 Feb 2008 14:20:51 -0000 1.112 +++ f8 6 Feb 2008 13:04:02 -0000 1.113 @@ -45,7 +45,7 @@ CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0199] CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994] CVE-2008-0006 fixed (libXfont) #429132 [since FEDORA-2008-0794] -CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427982 +CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.8) #427982 CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427829 [since FEDORA-2008-0572] CVE-2007-6698 version (openldap, fixed 2.3.36) CVE-2007-6697 fixed (SDL_image, fixed 1.2.7) #430241 [since FEDORA-2008-1208] @@ -80,11 +80,11 @@ CVE-2007-6428 fixed (xorg-x11-server, fixed 1.4.1) #429126 [since FEDORA-2008-0760] CVE-2007-6427 fixed (xorg-x11-server, fixed 1.4.1) #429126 [since FEDORA-2008-0760] CVE-2007-6423 ignore (httpd) can not be reproduced by upstream -CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427982 -CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427982 +CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.8) #427982 +CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.8) #427982 CVE-2007-6420 ignore (httpd) wontfix by upstream CVE-2007-6415 VULNERABLE (scponly, fixed 4.8) #429732 -CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.7) #427982 +CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.8) #427982 CVE-2007-6337 fixed (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] CVE-2007-6336 fixed (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] CVE-2007-6335 fixed (clamav, fixed 0.92) #426212 [since FEDORA-2008-0115] @@ -140,6 +140,7 @@ CVE-2007-5969 backport (mysql, fixed 5.0.51) #424931 [since FEDORA-2007-4465] CVE-2007-5965 version (qt4, fixed 4.3.3) [since FEDORA-2007-4285] CVE-2007-5964 backport (autofs) #409701 [since FEDORA-2007-4532] +CVE-2007-5963 backport (kdebase) [since FEDORA-2008-1283] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3962] CVE-2007-5958 fixed (xorg-x11-server, fixed 1.4.1) #429126 [since FEDORA-2008-0760] @@ -201,7 +202,7 @@ CVE-2007-5079 VULNERABLE (gdm) #363021 Red Hat specific problem CVE-2007-5037 version (inotify-tools, fixed 3.11) #299771 CVE-2007-5007 version (balsa, before 2.3.20) #297601 -CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) #427982 +CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.8) #427982 CVE-2007-4999 version (pidgin, fixed 2.2.2) CVE-2007-4990 version (xorg-x11-xfs, fixed 1.0.5) CVE-2007-4841 version (thunderbird) [since FEDORA-2007-3414] windows only anyway
Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.103 retrieving revision 1.104 diff -u -r1.103 -r1.104 --- f9 5 Feb 2008 14:20:51 -0000 1.103 +++ f9 6 Feb 2008 13:04:02 -0000 1.104 @@ -140,6 +140,7 @@ CVE-2007-5969 backport (mysql, fixed 5.0.51) [since mysql-5.0.45-6.fc9] CVE-2007-5965 version (qt4, fixed 4.3.3) [since qt4-4.3.3-1.fc9] CVE-2007-5964 backport (autofs) #421371 [since autofs-5.0.2-21] +CVE-2007-5963 version (kdebase) CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5958 fixed (xorg-x11-server, fixed 1.4.1) #429127 [since xorg-x11-server-1.4.99.1-0.17.20080107.fc9] code removed upstream
Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.268 retrieving revision 1.269 diff -u -r1.268 -r1.269 --- fc7 5 Feb 2008 14:20:51 -0000 1.268 +++ fc7 6 Feb 2008 13:04:02 -0000 1.269 @@ -46,7 +46,7 @@ CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since FEDORA-2008-0198] CVE-2008-0008 fixed (pulseaudio) #425481 [since FEDORA-2008-0994] CVE-2008-0006 fixed (libXfont) #429131 [since FEDORA-2008-0891] -CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427983 +CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.8) #427983 CVE-2008-0003 fixed (tog-pegasus, fixed 2.7.0) #427828 [since FEDORA-2008-0506] CVE-2007-6698 VULNERABLE (openldap, fixed 2.3.36) #431409 CVE-2007-6697 fixed (SDL_image, fixed 1.2.7) #430239 [since FEDORA-2008-1231] @@ -80,11 +80,11 @@ CVE-2007-6428 fixed (xorg-x11-server, fixed 1.4.1) #429125 [since FEDORA-2008-0831] CVE-2007-6427 fixed (xorg-x11-server, fixed 1.4.1) #429125 [since FEDORA-2008-0831] CVE-2007-6423 ignore (httpd) can not be reproduced by upstream -CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427983 -CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427983 +CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.8) #427983 +CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.8) #427983 CVE-2007-6420 ignore (httpd) wontfix by upstream CVE-2007-6415 VULNERABLE (scponly, fixed 4.8) #429731 -CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.7) #427983 +CVE-2007-6388 VULNERABLE (httpd, fixed 2.2.8) #427983 CVE-2007-6337 fixed (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] CVE-2007-6336 fixed (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] CVE-2007-6335 fixed (clamav, fixed 0.92) #426211 [since FEDORA-2008-0170] @@ -140,6 +140,7 @@ CVE-2007-5969 backport (mysql, fixed 5.0.51) #424921 [since FEDORA-2007-4471] CVE-2007-5965 version (qt4, fixed 4.3.3) [since FEDORA-2007-4354] CVE-2007-5964 backport (autofs) #421351 [since FEDORA-2007-4469] +CVE-2007-5963 backport (kdebase) [since FEDORA-2008-1264] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) [since FEDORA-2007-3952] CVE-2007-5958 fixed (xorg-x11-server, fixed 1.4.1) #429125 [since FEDORA-2008-0831] @@ -233,7 +234,7 @@ CVE-2007-5034 version (elinks) #297981 [since FEDORA-2007-2224] CVE-2007-5007 version (balsa) #297601 [since FEDORA-2007-2302] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 -CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.7) #427983 +CVE-2007-5000 VULNERABLE (httpd, fixed 2.2.8) #427983 CVE-2007-4999 version (pidgin, fixed 2.2.2) [since FEDORA-2007-2714] CVE-2007-4996 version (pidgin, fixed 2.2.1) [since FEDORA-2007-2368] CVE-2007-4995 backport (openssl, fixed 0.9.8f) [since FEDORA-2007-2530]
security-commits@lists.fedoraproject.org