Author: thoger
Update of /cvs/fedora/fedora-security/audit In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27121/audit
Modified Files: fc6 fc7 Log Message: compact mozilla issues
Index: fc6 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc6,v retrieving revision 1.282 retrieving revision 1.283 diff -u -r1.282 -r1.283 --- fc6 24 Oct 2007 10:51:07 -0000 1.282 +++ fc6 24 Oct 2007 12:25:12 -0000 1.283 @@ -7,21 +7,12 @@ # Up to date CVE as of CVE email 20071015 # Up to date FC6 as of 20071017
-CVE-2007-5340 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5340 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5340 VULNERABLE (seamonkey, fixed 1.1.5) -CVE-2007-5339 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5339 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5339 VULNERABLE (seamonkey, fixed 1.1.5) -CVE-2007-5338 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5338 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5338 VULNERABLE (seamonkey, fixed 1.1.5) -CVE-2007-5337 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5337 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5337 VULNERABLE (seamonkey, fixed 1.1.5) -CVE-2007-5334 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5334 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5334 VULNERABLE (seamonkey, fixed 1.1.5) +CVE-2007-5340 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 +CVE-2007-5339 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 +CVE-2007-5338 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 +CVE-2007-5337 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 +CVE-2007-5335 ignore (mozilla) ff2 only +CVE-2007-5334 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-5269 VULNERABLE (libpng, fixed 1.2.21) #337471 CVE-2007-5268 ignore (libpng) shipped version too old and not affected CVE-2007-5267 ignore (libpng) shipped version too old and not affected @@ -95,9 +86,7 @@ CVE-2007-3781 VULNERABLE (mysql, fixed 5.0.44) CVE-2007-3780 VULNERABLE (mysql, fixed 5.0.44) CVE-2007-3642 version (kernel, fixed 2.6.22) [since FEDORA-2007-655] -CVE-2007-3511 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-3511 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-3511 VULNERABLE (seamonkey, fixed 1.1.5) +CVE-2007-3511 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-3508 ignore (glibc) not an issue CVE-2007-3506 backport (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-561] CVE-2007-3478 version (gd, fixed 2.0.35) #277421 [since FEDORA-2007-692] @@ -148,9 +137,7 @@ CVE-2007-2451 version (kernel, fixed 2.6.21.4) [since FEDORA-2007-600] CVE-2007-2445 backport (libpng) #239542 [since FEDORA-2007-529] CVE-2007-2438 version (vim, fixed 7.0.235) #238734 [since FEDORA-2007-492] -CVE-2007-2292 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-2292 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-2292 VULNERABLE (seamonkey, fixed 1.1.5) +CVE-2007-2292 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-2242 version (kernel) [since FEDORA-2007-482] CVE-2007-2138 version (postgresql, fixed 8.1.9) [since FEDORA-2007-565] CVE-2007-2028 backport (freeradius) [since FEDORA-2007-499] @@ -185,9 +172,7 @@ CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-315] CVE-2007-1262 version (squirrelmail, fixed 1.4.10a) #239704 [since FEDORA-2007-505] CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347] -CVE-2007-1095 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-1095 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-1095 VULNERABLE (seamonkey, fixed 1.1.5) +CVE-2007-1095 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-1006 version (ekiga, fixed 2.0.5) #229259 [since FEDORA-2007-322] CVE-2007-1004 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=390627 CVE-2007-1003 backport (xorg-x11-server, fixed > X11R7.2) #235263 [since FEDORA-2007-425]
Index: fc7 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/fc7,v retrieving revision 1.152 retrieving revision 1.153 diff -u -r1.152 -r1.153 --- fc7 24 Oct 2007 10:51:07 -0000 1.152 +++ fc7 24 Oct 2007 12:25:12 -0000 1.153 @@ -20,21 +20,12 @@ CVE-2007-5585 (tempest) #336331 CVE-2007-5416 ignore (drupal) Vulnerability in PHP<5.1.3, we're safe CVE-2007-5386 VULNERABLE (phpmyadmin, fixed 2.11.1.1) #333661 PMASA-2007-5 -CVE-2007-5340 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5340 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5340 VULNERABLE (seamonkey, fixed 1.1.5) -CVE-2007-5339 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5339 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5339 VULNERABLE (seamonkey, fixed 1.1.5) -CVE-2007-5338 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5338 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5338 VULNERABLE (seamonkey, fixed 1.1.5) -CVE-2007-5337 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5337 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5337 VULNERABLE (seamonkey, fixed 1.1.5) -CVE-2007-5334 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-5334 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-5334 VULNERABLE (seamonkey, fixed 1.1.5) +CVE-2007-5340 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 +CVE-2007-5339 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 +CVE-2007-5338 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 +CVE-2007-5337 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 +CVE-2007-5335 VULNERABLE (mozilla) ff 2.0.0.8, does not affect ff1.5 +CVE-2007-5334 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-5269 VULNERABLE (libpng10) update pending CVE-2007-5269 VULNERABLE (libpng, fixed 1.2.21) #337461 CVE-2007-5268 ignore (libpng) shipped version too old and not affected @@ -177,9 +168,7 @@ CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904] CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543 CVE-2007-3543 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894] -CVE-2007-3511 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-3511 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-3511 VULNERABLE (seamonkey, fixed 1.1.5) +CVE-2007-3511 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-3508 ignore (glibc) not an issue CVE-2007-3506 version (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-0033] CVE-2007-3507 version (flac123, fixed 0.0.10) #246322 [since FEDORA-2007-1045] @@ -300,9 +289,7 @@ CVE-2007-2381 ignore (MochiKit) #238616 *CVE-2007-2356 ** (gimp) *CVE-2007-2353 ** (axis) -CVE-2007-2292 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-2292 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-2292 VULNERABLE (seamonkey, fixed 1.1.5) +CVE-2007-2292 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 *CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882 CVE-2007-2243 ignore (openssh, fixed 4.6) needs S/KEY support which is not shipped. CVE-2007-2241 backport (bind) [since FEDORA-2007-0300] @@ -423,9 +410,7 @@ *CVE-2007-1218 backport (tcpdump) 232349 [since FEDORA-2007-347] CVE-2007-1216 version (krb5, fixed 1.6-3) #231537 *CVE-2007-1103 VULNERABLE (tor) #230927 -CVE-2007-1095 VULNERABLE (firefox, fixed 2.0.0.8) -CVE-2007-1095 VULNERABLE (thunderbird, fixed 2.0.0.6) -CVE-2007-1095 VULNERABLE (seamonkey, fixed 1.1.5) +CVE-2007-1095 VULNERABLE (mozilla) ff 2.0.0.8, tb 2.0.0.6, sm 1.1.5 CVE-2007-1092 version (seamonkey, fixed 1.0.8) CVE-2007-1055 version (mediawiki, fixed 1.8.3) CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442]
security-commits@lists.fedoraproject.org