Author: thoger
Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21516/audit
Modified Files: f8 f9 fc6 fc7 Log Message: xpdf issues
Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- f8 9 Nov 2007 09:51:28 -0000 1.10 +++ f8 9 Nov 2007 17:04:36 -0000 1.11 @@ -19,6 +19,18 @@ CVE-2007-5589 VULNERABLE (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #363001 CVE-2007-5395 VULNERABLE (link-grammar) #372351 +CVE-2007-5393 VULNERABLE (xpdf) #372471 +CVE-2007-5393 backport (cups) [since FEDORA-2007-2982] +CVE-2007-5393 VULNERABLE (poppler) #372511 +CVE-2007-5393 VULNERABLE (kdegraphics) #372571 +CVE-2007-5393 VULNERABLE (koffice) #372601 +CVE-2007-5393 VULNERABLE (tetex) #372661 +CVE-2007-5392 VULNERABLE (xpdf) #372471 +CVE-2007-5392 backport (cups) [since FEDORA-2007-2982] +CVE-2007-5392 VULNERABLE (poppler) #372511 +CVE-2007-5392 VULNERABLE (kdegraphics) #372571 +CVE-2007-5392 VULNERABLE (koffice) #372601 +CVE-2007-5392 VULNERABLE (tetex) #372661 CVE-2007-5386 version (phpmyadmin, fixed 2.11.1.1) #333661 PMASA-2007-5 CVE-2007-5201 VULNERABLE (duplicity, no upstream fix) #362831 CVE-2007-5200 verions (hugin) #362861 [since FEDORA-2007-2807] hugin-0.6.1-11.fc8 @@ -37,6 +49,12 @@ CVE-2007-4476 backport (tar) #280961 [since FEDORA-2007-2800] tar-1.17-4.fc8 CVE-2007-4476 backport (cpio, not fixed 2.9) #363891 [since FEDORA-2007-2827] cpio-2.9-5.fc8 CVE-2007-4400 VULNERABLE (konversation) #362921 Remove media script? +CVE-2007-4352 VULNERABLE (xpdf) #372471 +CVE-2007-4352 backport (cups) [since FEDORA-2007-2982] +CVE-2007-4352 VULNERABLE (poppler) #372511 +CVE-2007-4352 VULNERABLE (kdegraphics) #372571 +CVE-2007-4352 VULNERABLE (koffice) #372601 +CVE-2007-4352 VULNERABLE (tetex) #372661 CVE-2007-4351 VULNERABLE (cups) #362971 CVE-2007-3999 VULNERABLE (nfs-utils-lib) #362091 CVE-2007-3999 VULNERABLE (libtirpc) #362111
Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- f9 9 Nov 2007 09:51:28 -0000 1.9 +++ f9 9 Nov 2007 17:04:36 -0000 1.10 @@ -18,6 +18,18 @@ CVE-2007-5589 version (phpMyAdmin, fixed 2.11.1.2) #333661 PMASA-2007-6 CVE-2007-5461 VULNERABLE (tomcat5, not fixed 5.5.25) #334531 CVE-2007-5395 VULNERABLE (link-grammar) #372361 +CVE-2007-5393 VULNERABLE (xpdf) #372481 +CVE-2007-5393 backport (cups) +CVE-2007-5393 VULNERABLE (poppler) #372521 +CVE-2007-5393 VULNERABLE (kdegraphics) #372581 +CVE-2007-5393 VULNERABLE (koffice) #372611 +CVE-2007-5393 VULNERABLE (tetex) #372671 +CVE-2007-5392 VULNERABLE (xpdf) #372481 +CVE-2007-5392 backport (cups) +CVE-2007-5392 VULNERABLE (poppler) #372521 +CVE-2007-5392 VULNERABLE (kdegraphics) #372581 +CVE-2007-5392 VULNERABLE (koffice) #372611 +CVE-2007-5392 VULNERABLE (tetex) #372671 CVE-2007-5386 version (phpmyadmin, fixed 2.11.1.1) #333661 PMASA-2007-5 CVE-2007-5201 VULNERABLE (duplicity, no upstream fix) #362841 CVE-2007-5200 VULNERABLE (hugin) #362871 @@ -35,6 +47,12 @@ CVE-2007-4559 VULNERABLE (python, not fixed upstream) #315291 Upstream WONTFIX. See where we use the code. CVE-2007-4476 backport (cpio, not fixed 2.9) #339691 [since cpio-2.9-5.fc9] CVE-2007-4400 VULNERABLE (konversation) #362931 Remove media script? +CVE-2007-4352 VULNERABLE (xpdf) #372481 +CVE-2007-4352 backport (cups) +CVE-2007-4352 VULNERABLE (poppler) #372521 +CVE-2007-4352 VULNERABLE (kdegraphics) #372581 +CVE-2007-4352 VULNERABLE (koffice) #372611 +CVE-2007-4352 VULNERABLE (tetex) #372671 CVE-2007-4351 version (cups) #361681 CVE-2007-3999 VULNERABLE (nfs-utils-lib) #362101 CVE-2007-3999 VULNERABLE (libtirpc) #362121
Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.292 retrieving revision 1.293 diff -u -r1.292 -r1.293 --- fc6 5 Nov 2007 22:07:37 -0000 1.292 +++ fc6 9 Nov 2007 17:04:36 -0000 1.293 @@ -10,6 +10,12 @@ CVE-2007-5795 version (emacs, only 22) CVE-2007-5770 VULNERABLE (ruby) CVE-2007-5461 VULNERABLE (tomcat5) #334521 +CVE-2007-5393 VULNERABLE (cups) +CVE-2007-5393 VULNERABLE (poppler) #372491 +CVE-2007-5393 VULNERABLE (kdegraphics) #372551 +CVE-2007-5392 VULNERABLE (cups) +CVE-2007-5392 VULNERABLE (poppler) #372491 +CVE-2007-5392 VULNERABLE (kdegraphics) #372551 CVE-2007-5340 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-5339 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-5338 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 @@ -57,6 +63,9 @@ CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134 CVE-2007-4465 version (httpd) [since FEDORA-2007-707] CVE-2007-4357 ignore (firefox) status bar can be overwrittten +CVE-2007-4352 VULNERABLE (cups) +CVE-2007-4352 VULNERABLE (poppler) #372491 +CVE-2007-4352 VULNERABLE (kdegraphics) #372551 CVE-2007-4351 VULNERABLE (cups) #361671 CVE-2007-4255 ignore (php) msql extension not shipped CVE-2007-4251 ignore (openoffice.org) just a crash
Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.167 retrieving revision 1.168 diff -u -r1.167 -r1.168 --- fc7 9 Nov 2007 09:51:28 -0000 1.167 +++ fc7 9 Nov 2007 17:04:36 -0000 1.168 @@ -30,6 +30,18 @@ CVE-2007-5461 VULNERABLE (tomcat5) #334511 CVE-2007-5416 ignore (drupal) Vulnerability in PHP<5.1.3, we're safe CVE-2007-5395 VULNERABLE (link-grammar) #372341 +CVE-2007-5393 VULNERABLE (xpdf) #372461 +CVE-2007-5393 VULNERABLE (cups) +CVE-2007-5393 VULNERABLE (poppler) #372501 +CVE-2007-5393 VULNERABLE (kdegraphics) #372561 +CVE-2007-5393 VULNERABLE (koffice) #372591 +CVE-2007-5393 VULNERABLE (tetex) #372651 +CVE-2007-5392 VULNERABLE (xpdf) #372461 +CVE-2007-5392 VULNERABLE (cups) +CVE-2007-5392 VULNERABLE (poppler) #372501 +CVE-2007-5392 VULNERABLE (kdegraphics) #372561 +CVE-2007-5392 VULNERABLE (koffice) #372591 +CVE-2007-5392 VULNERABLE (tetex) #372651 CVE-2007-5386 version (phpmyadmin, fixed 2.11.1.1) #333661 PMASA-2007-5 [since FEDORA-2007-2738] CVE-2007-5340 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664] CVE-2007-5339 version (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 [since FEDORA-2007-2664] @@ -117,6 +129,12 @@ CVE-2007-4460 backport (id3lib) #253553 [since FEDORA-2007-1774] CVE-2007-4400 VULNERABLE (konversation) #362911 CVE-2007-4357 ignore (firefox) status bar can be overwrittten +CVE-2007-4352 VULNERABLE (xpdf) #372461 +CVE-2007-4352 VULNERABLE (cups) +CVE-2007-4352 VULNERABLE (poppler) #372501 +CVE-2007-4352 VULNERABLE (kdegraphics) #372561 +CVE-2007-4352 VULNERABLE (koffice) #372591 +CVE-2007-4352 VULNERABLE (tetex) #372651 CVE-2007-4351 backport (cups) #361661 [since FEDORA-2007-2715] CVE-2007-4323 backport (denyhosts) #252291 [since FEDORA-2007-0589] CVE-2007-4321 backport (fail2ban) #252290 [since FEDORA-2007-0621] version since FEDORA-2007-1643
security-commits@lists.fedoraproject.org