Author: thoger
Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25772/audit
Modified Files: f8 f9 fc7 Log Message: paramiko cve id rawhide updates
Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.91 retrieving revision 1.92 diff -u -r1.91 -r1.92 --- f8 17 Jan 2008 15:20:06 -0000 1.91 +++ f8 18 Jan 2008 10:02:36 -0000 1.92 @@ -7,11 +7,11 @@ # Up to date CVE as of CVE email 20071215 # Up to date F8 as of 20080111
+CVE-2008-0299 fixed (python-paramiko) #428728 [since FEDORA-2008-0722] CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926 CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0485] CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0485] CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0485] -GENERIC-MAP-NOMATCH fixed (python-paramiko) #428728 [since FEDORA-2008-0722] CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0299] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1) CVE-2008-0225 VULNERABLE (xine-lib, fixed 1.1.9.1)
Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.83 retrieving revision 1.84 diff -u -r1.83 -r1.84 --- f9 17 Jan 2008 15:20:06 -0000 1.83 +++ f9 18 Jan 2008 10:02:36 -0000 1.84 @@ -7,10 +7,10 @@ # Up to date CVE as of CVE email 20071211 # Up to date F9 as of 20071029
+CVE-2008-0299 fixed (python-paramiko) #428730 [since python-paramiko-1.7.1-3.fc9] CVE-2008-0274 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-007 CVE-2008-0273 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-006 CVE-2008-0272 version (drupal, fixed 5.6) [since drupal-5.6-1.fc9] DRUPAL-SA-2008-005 -GENERIC-MAP-NOMATCH fixed (python-paramiko) #428730 [since python-paramiko-1.7.1-3.fc9] CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926 CVE-2008-0252 backport (python-cherrypy) [since python-cherrypy-2.2.1-8.fc9] **CVE-2008-0238 version (xine-lib, fixed 1.1.9.1) [since xine-lib-1.1.9.1-1.fc9] @@ -21,11 +21,11 @@ CVE-2008-0193 version (wordpress, not fixed 2.0.11, and possibly 2.1.x and 2.3.x) wp-db-backup not in wp 2.3.2 **CVE-2008-0192 version (wordpress, not fixed 2.0.9) CVE-2008-0191 ignore (wordpress) File path is not a sensitive information -CVE-2008-0172 VULNERABLE (boost) #428976 -CVE-2008-0171 VULNERABLE (boost) #428976 +CVE-2008-0172 backport (boost) #428976 [since boost-1.34.1-7.fc9] +CVE-2008-0171 backport (boost) #428976 [since boost-1.34.1-7.fc9] CVE-2008-0123 fixed (moodle) #428731 [since moodle-1.8.4-1.fc9] CVE-2008-0095 version (asterisk, fixed 1.4.17) AST-2008-001 [since asterisk-1.4.17-1.fc9] -CVE-2008-0006 VULNERABLE (libXfont) #429133 +CVE-2008-0006 backport (libXfont) #429133 [since libXfont-1.3.1-3.fc9] CVE-2008-0005 VULNERABLE (httpd, fixed 2.2.7) #427984 CVE-2008-0003 version (tog-pegasus, fixed 2.7.0) CVE-2007-6672 VULNERABLE (jetty) #428018 @@ -46,9 +46,9 @@ CVE-2007-6441 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6439 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] CVE-2007-6438 version (wireshark, fixed 0.99.7) [since wireshark-0.99.7-1.fc9] -CVE-2007-6429 VULNERABLE (xorg-x11-server, fixed 1.4.1) #429127 -CVE-2007-6428 VULNERABLE (xorg-x11-server, fixed 1.4.1) #429127 -CVE-2007-6427 VULNERABLE (xorg-x11-server, fixed 1.4.1) #429127 +CVE-2007-6429 backport (xorg-x11-server, fixed 1.4.1) #429127 [since xorg-x11-server-1.4.99.1-0.17.20080107.fc9] +CVE-2007-6428 backport (xorg-x11-server, fixed 1.4.1) #429127 [since xorg-x11-server-1.4.99.1-0.17.20080107.fc9] +CVE-2007-6427 backport (xorg-x11-server, fixed 1.4.1) #429127 [since xorg-x11-server-1.4.99.1-0.17.20080107.fc9] CVE-2007-6423 ignore (httpd) can not be reproduced by upstream CVE-2007-6422 VULNERABLE (httpd, fixed 2.2.7) #427984 CVE-2007-6421 VULNERABLE (httpd, fixed 2.2.7) #427984 @@ -111,7 +111,7 @@ CVE-2007-5964 backport (autofs) #421371 [since autofs-5.0.2-21] CVE-2007-5960 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5959 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) -CVE-2007-5958 VULNERABLE (xorg-x11-server, fixed 1.4.1) #429127 +CVE-2007-5958 fixed (xorg-x11-server, fixed 1.4.1) #429127 [since xorg-x11-server-1.4.99.1-0.17.20080107.fc9] code removed upstream CVE-2007-5947 version (mozilla, fixed ff 2.0.0.10, sm 1.1.7) CVE-2007-5938 VULNERABLE (kernel) #385861 iwlwifi CVE-2007-5937 backport (tetex) #379851 Multiple dviljk buffer overflows [since tetex-3.0-48.fc9] @@ -129,7 +129,7 @@ CVE-2007-5795 backport (emacs) #367601 [since emacs-22.1-8.fc9] GENERIC-MAP-NOMATCH VULNERABLE (nx) #293031 CVE-2007-5770 backport (ruby) #373401 [since ruby-1.8.6.111-1] -CVE-2007-5760 VULNERABLE (xorg-x11-server, fixed 1.4.1) #429127 +CVE-2007-5760 backport (xorg-x11-server, fixed 1.4.1) #429127 [since xorg-x11-server-1.4.99.1-0.17.20080107.fc9] CVE-2007-5759 ignore (clamav, fixed 0.92) duplicate of CVE-2007-6335 CVE-2007-5751 version (liferea, fixed 1.4.6) #360641 [since liferea-1.4.6-3.fc9] CVE-2007-5742 version (wesnoth, fixed 1.2.8) [since wesnoth-1.2.8-3.fc9]
Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.247 retrieving revision 1.248 diff -u -r1.247 -r1.248 --- fc7 17 Jan 2008 15:20:06 -0000 1.247 +++ fc7 18 Jan 2008 10:02:36 -0000 1.248 @@ -8,10 +8,10 @@ # Up to date CVE as of CVE email 200711215 # Up to date FC7 as of 20080111
+CVE-2008-0299 fixed (python-paramiko) #428729 [since FEDORA-2008-0644] CVE-2008-0274 version (drupal, fixed 5.6) DRUPAL-SA-2008-007 [since FEDORA-2008-0469] CVE-2008-0273 version (drupal, fixed 5.6) DRUPAL-SA-2008-006 [since FEDORA-2008-0469] CVE-2008-0272 version (drupal, fixed 5.6) DRUPAL-SA-2008-005 [since FEDORA-2008-0469] -GENERIC-MAP-NOMATCH fixed (python-paramiko) #428729 [since FEDORA-2008-0644] CVE-2008-0285 ignore (ngircd) Not yet in Fedora, review request #234926 CVE-2008-0252 backport (python-cherrypy) [since FEDORA-2008-0333] **CVE-2008-0238 VULNERABLE (xine-lib, fixed 1.1.9.1)
security-commits@lists.fedoraproject.org