Author: thoger
Update of /cvs/fedora/fedora-security/audit In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv820/audit
Modified Files: f10 f8 f9 Log Message: add cups updates
Index: f10 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f10,v retrieving revision 1.18 retrieving revision 1.19 diff -u -r1.18 -r1.19 --- f10 8 Oct 2008 06:54:26 -0000 1.18 +++ f10 10 Oct 2008 13:03:05 -0000 1.19 @@ -76,15 +76,15 @@ CVE-2008-3835 ignore (firefox) ff2 only CVE-2008-3835 version (seamonkey, fixed 1.1.12) [since seamonkey-1.1.12-1.fc9] CVE-2008-3834 VULNERABLE (dbus) -CVE-2008-3830 VULNERABLE (condor, fixed 7.0.5) #466076 -CVE-2008-3829 VULNERABLE (condor, fixed 7.0.5) #466076 -CVE-2008-3828 VULNERABLE (condor, fixed 7.0.5) #466076 -CVE-2008-3826 VULNERABLE (condor, fixed 7.0.5) #466076 +CVE-2008-3830 version (condor, fixed 7.0.5) #466076 [since condor-7.0.5-1.fc10] +CVE-2008-3829 version (condor, fixed 7.0.5) #466076 [since condor-7.0.5-1.fc10] +CVE-2008-3828 version (condor, fixed 7.0.5) #466076 [since condor-7.0.5-1.fc10] +CVE-2008-3826 version (condor, fixed 7.0.5) #466076 [since condor-7.0.5-1.fc10] CVE-2008-3825 VULNERABLE (pam_krb5, 2.3.2) CVE-2008-3824 VULNERABLE (horde) oCERT-2008-012 CVE-2008-3823 VULNERABLE (horde) oCERT-2008-012 CVE-2008-3796 version (swfdec, fixed 0.6.8) [since swfdec-0.7.4-1.fc10] -CVE-2008-3790 VULNERABLE (ruby) +CVE-2008-3790 backport (ruby) [since ruby-1.8.6.287-2.fc10] CVE-2008-3789 VULNERABLE (samba, fixed 3.2.3) CVE-2008-3747 version (wordpress, fixed 2.6.1) [since wordpress-2.6.1-1.fc10] CVE-2008-3746 version (neon, fixed 0.28.3) [since neon-0.28.3-2] @@ -104,6 +104,9 @@ CVE-2008-3655 version (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since ruby-1.8.6.287-1.fc10] CVE-2008-3652 VULNERABLE (ipsec-tools) #465474 CVE-2008-3651 version (ipsec-tools, fixed 0.7.1) [since ipsec-tools-0.7.1-1.fc10] +CVE-2008-3641 version (cups, fixed 1.3.9) #466420 [since cups-1.3.9-1.fc10] +CVE-2008-3640 version (cups, fixed 1.3.9) #466420 [since cups-1.3.9-1.fc10] +CVE-2008-3639 version (cups, fixed 1.3.9) #466420 [since cups-1.3.9-1.fc10] CVE-2008-3546 version (git, fixed 1.5.6.4) [since git-1.5.6.4-1.fc10] CVE-2008-3533 ignore (yelp, fixed 2.24) caught by glibc CVE-2008-3529 version (libxml2, fixed 2.7.0) [since libxml2-2.7.1-1.fc10]
Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.237 retrieving revision 1.238 diff -u -r1.237 -r1.238 --- f8 7 Oct 2008 15:09:59 -0000 1.237 +++ f8 10 Oct 2008 13:03:05 -0000 1.238 @@ -69,8 +69,8 @@ CVE-2008-3920 fixed (bitlbee, fixed 1.2.2) [since FEDORA-2008-7761] CVE-2008-3916 VULNERABLE (ed, fixed 1.0) CVE-2008-3906 VULNERABLE (mono) #461753 -CVE-2008-3905 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7554] -CVE-2008-3889 VULNERABLE (postfix, fixed 2.4.9, 2.5.5) #459099 [since FEDORA-2008-8595] +CVE-2008-3905 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736] +CVE-2008-3889 fixed (postfix, fixed 2.4.9, 2.5.5) #459099 [since FEDORA-2008-8595] CVE-2008-3837 fixed (firefox, fixed 2.0.0.17) [since FEDORA-2008-8399] CVE-2008-3837 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8401] CVE-2008-3836 fixed (firefox, fixed 2.0.0.17) [since FEDORA-2008-8399] @@ -81,7 +81,7 @@ CVE-2008-3825 fixed (pam_krb5, 2.3.2) [since FEDORA-2008-8605] CVE-2008-3824 VULNERABLE (horde) oCERT-2008-012 CVE-2008-3823 VULNERABLE (horde) oCERT-2008-012 -CVE-2008-3790 VULNERABLE (ruby) +CVE-2008-3790 fixed (ruby) [since FEDORA-2008-8736] CVE-2008-3789 ignore (samba, fixed 3.2.3) 3.2.x only CVE-2008-3747 fixed (wordpress, fixed 2.6.1) [since FEDORA-2008-7463] CVE-2008-3746 ignore (neon, fixed 0.28.3) 0.28.x only @@ -96,15 +96,18 @@ CVE-2008-3663 VULNERABLE (squirrelmail, fixed 1.4.16) #464184 CVE-2008-3662 VULNERABLE (gallery2, fixed 2.2.6) #462871 CVE-2008-3661 VULNERABLE (drupal) #464163 ignored by upstream -CVE-2008-3657 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7554] -CVE-2008-3656 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7554] -CVE-2008-3655 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7554] +CVE-2008-3657 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736] +CVE-2008-3656 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736] +CVE-2008-3655 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736] CVE-2008-3652 VULNERABLE (ipsec-tools) #465472 CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465472 +CVE-2008-3641 VULNERABLE (cups, fixed 1.3.9) #466418 +CVE-2008-3640 VULNERABLE (cups, fixed 1.3.9) #466418 +CVE-2008-3639 VULNERABLE (cups, fixed 1.3.9) #466418 CVE-2008-3546 ignore (git, fixed 1.5.6.4) caught by fortify_source CVE-2008-3533 fixed (yelp, fixed 2.24) #459502 [since FEDORA-2008-7293] CVE-2008-3529 fixed (libxml2, fixed 2.7.0) [since FEDORA-2008-7666] -CVE-2008-3443 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7554] +CVE-2008-3443 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736] CVE-2008-3429 fixed (httrack, fixed 3.42-3) [since FEDORA-2008-7896] CVE-2008-3422 VULNERABLE (mono) #461753 CVE-2008-3381 ignore (moin) not affected @@ -156,8 +159,8 @@ CVE-2008-2941 ignore (hplip) #458989 not run as service CVE-2008-2940 ignore (hplip) #458989 not run as service CVE-2008-2938 fixed (tomcat5, fixed 5.5.27) #460125 [since FEDORA-2008-8130] -CVE-2008-2937 VULNERABLE (postfix, fixed 2.4.8, 2.5.4) #459099 [since FEDORA-2008-8595] -CVE-2008-2936 VULNERABLE (postfix, fixed 2.4.8, 2.5.4) #459099 [since FEDORA-2008-8595] +CVE-2008-2937 fixed (postfix, fixed 2.4.8, 2.5.4) #459099 [since FEDORA-2008-8595] +CVE-2008-2936 fixed (postfix, fixed 2.4.8, 2.5.4) #459099 [since FEDORA-2008-8595] CVE-2008-2935 fixed (libxslt) [since FEDORA-2008-7029] CVE-2008-2933 fixed (firefox, fixed 2.0.0.16) [since FEDORA-2008-6491] CVE-2008-2932 fixed (adminutil, fixed 1.1.7) [since FEDORA-2008-7642]
Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.228 retrieving revision 1.229 diff -u -r1.228 -r1.229 --- f9 8 Oct 2008 06:54:26 -0000 1.228 +++ f9 10 Oct 2008 13:03:05 -0000 1.229 @@ -68,24 +68,24 @@ CVE-2008-3920 fixed (bitlbee, fixed 1.2.2) [since FEDORA-2008-7830] CVE-2008-3916 VULNERABLE (ed, fixed 1.0) CVE-2008-3906 VULNERABLE (mono) #461754 -CVE-2008-3905 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7697] -CVE-2008-3889 VULNERABLE (postfix, fixed 2.4.9, 2.5.5) #459100 [since FEDORA-2008-8593] +CVE-2008-3905 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738] +CVE-2008-3889 fixed (postfix, fixed 2.4.9, 2.5.5) #459100 [since FEDORA-2008-8593] CVE-2008-3837 fixed (firefox, fixed 3.0.2) [since FEDORA-2008-8425] CVE-2008-3837 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8429] CVE-2008-3836 ignore (firefox) ff2 only CVE-2008-3836 ignore (seamonkey) ff only CVE-2008-3835 ignore (firefox) ff2 only CVE-2008-3835 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8429] -CVE-2008-3834 VULNERABLE (dbus) #465836 -CVE-2008-3830 VULNERABLE (condor, fixed 7.0.5) #466075 -CVE-2008-3829 VULNERABLE (condor, fixed 7.0.5) #466075 -CVE-2008-3828 VULNERABLE (condor, fixed 7.0.5) #466075 -CVE-2008-3826 VULNERABLE (condor, fixed 7.0.5) #466075 +CVE-2008-3834 fixed (dbus) #465836 [since FEDORA-2008-8764] +CVE-2008-3830 fixed (condor, fixed 7.0.5) #466075 [since FEDORA-2008-8733] +CVE-2008-3829 fixed (condor, fixed 7.0.5) #466075 [since FEDORA-2008-8733] +CVE-2008-3828 fixed (condor, fixed 7.0.5) #466075 [since FEDORA-2008-8733] +CVE-2008-3826 fixed (condor, fixed 7.0.5) #466075 [since FEDORA-2008-8733] CVE-2008-3825 fixed (pam_krb5, 2.3.2) [since FEDORA-2008-8618] CVE-2008-3824 VULNERABLE (horde) oCERT-2008-012 CVE-2008-3823 VULNERABLE (horde) oCERT-2008-012 CVE-2008-3796 version (swfdec, fixed 0.6.8) [since swfdec-0.6.8-1.fc9] -CVE-2008-3790 VULNERABLE (ruby) +CVE-2008-3790 fixed (ruby) [since FEDORA-2008-8738] CVE-2008-3789 fixed (samba, fixed 3.2.3) [since FEDORA-2008-7243] CVE-2008-3747 fixed (wordpress, fixed 2.6.1) [since FEDORA-2008-7279] CVE-2008-3746 VULNERABLE (neon, fixed 0.28.3) #460415 [since FEDORA-2008-7661] @@ -100,15 +100,18 @@ CVE-2008-3663 VULNERABLE (squirrelmail, fixed 1.4.16) #464185 [since FEDORA-2008-8559] CVE-2008-3662 VULNERABLE (gallery2, fixed 2.2.6) #462872 CVE-2008-3661 VULNERABLE (drupal) #464164 ignored by upstream -CVE-2008-3657 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7697] -CVE-2008-3656 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7697] -CVE-2008-3655 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7697] +CVE-2008-3657 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738] +CVE-2008-3656 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738] +CVE-2008-3655 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738] CVE-2008-3652 VULNERABLE (ipsec-tools) #465473 CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465473 +CVE-2008-3641 VULNERABLE (cups, fixed 1.3.9) #466419 +CVE-2008-3640 VULNERABLE (cups, fixed 1.3.9) #466419 +CVE-2008-3639 VULNERABLE (cups, fixed 1.3.9) #466419 CVE-2008-3546 ignore (git, fixed 1.5.6.4) caught by fortify_source CVE-2008-3533 ignore (yelp, fixed 2.24) caught by glibc CVE-2008-3529 fixed (libxml2, fixed 2.7.0) [since FEDORA-2008-7594] -CVE-2008-3443 VULNERABLE (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-7697] +CVE-2008-3443 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738] CVE-2008-3429 fixed (httrack, fixed 3.42-3) [since FEDORA-2008-7862] CVE-2008-3424 fixed (condor, fixed 7.0.4) #457895 [since FEDORA-2008-7205] CVE-2008-3422 VULNERABLE (mono) #461754 @@ -163,8 +166,8 @@ CVE-2008-2940 ignore (hplip) #458990 not run as service CVE-2008-2938 fixed (tomcat6, fixed 6.0.18) #460131 [since FEDORA-2008-7977] CVE-2008-2938 fixed (tomcat5, fixed 5.5.27) #460126 [since FEDORA-2008-8113] -CVE-2008-2937 VULNERABLE (postfix, fixed 2.4.8, 2.5.4) #459100 [since FEDORA-2008-8593] -CVE-2008-2936 VULNERABLE (postfix, fixed 2.4.8, 2.5.4) #459100 [since FEDORA-2008-8593] +CVE-2008-2937 fixed (postfix, fixed 2.4.8, 2.5.4) #459100 [since FEDORA-2008-8593] +CVE-2008-2936 fixed (postfix, fixed 2.4.8, 2.5.4) #459100 [since FEDORA-2008-8593] CVE-2008-2935 fixed (libxslt) [since FEDORA-2008-7062] CVE-2008-2933 fixed (firefox, fixed 3.0.1) [since FEDORA-2008-6518] CVE-2008-2932 fixed (adminutil, fixed 1.1.7) [since FEDORA-2008-7339]
security-commits@lists.fedoraproject.org