Author: thoger
Update of /cvs/fedora/fedora-security/audit In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28224/audit
Modified Files: f10 f8 f9 Log Message: mantis cleanup
Index: f10 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f10,v retrieving revision 1.19 retrieving revision 1.20 diff -u -r1.19 -r1.20 --- f10 10 Oct 2008 13:03:05 -0000 1.19 +++ f10 14 Oct 2008 16:05:00 -0000 1.20 @@ -152,7 +152,7 @@ CVE-2008-3139 version (wireshark, fixed 1.0.1) [since wireshark-1.0.1-1.fc10] CVE-2008-3138 version (wireshark, fixed 1.0.1) [since wireshark-1.0.1-1.fc10] CVE-2008-3137 version (wireshark, fixed 1.0.1) [since wireshark-1.0.1-1.fc10] -CVE-2008-3102 VULNERABLE (mantis) #464137 +CVE-2008-3102 VULNERABLE (mantis, fixed 1.1.3) #464137 CVE-2008-3067 version (sudo, fixed 1.6.9p12) CVE-2008-2960 version (phpMyAdmin, fixed 2.11.7) [since phpMyAdmin-2.11.7-1.fc10] PMASA-2008-4 CVE-2008-2954 backport (linuxdcpp) #453734 [since linuxdcpp-1.0.1-3.fc10] @@ -251,7 +251,7 @@ CVE-2008-2307 version (WebKit, fixed svn34204) [since WebKit-1.0.0-0.11.svn34279.fc10] CVE-2008-2302 version (Django, fixed 0.96.2) #447260 [since Django-0.96.2-1.fc10] CVE-2008-2292 backport (net-snmp, fixed 5.4.2.pre1) [since net-snmp-5.4.1-19.fc10] -CVE-2008-2276 VULNERABLE (mantis) upstream fix in 1.2.0a1 seems useless +CVE-2008-2276 version (mantis) [since mantis-1.1.2-1.fc10] CVE-2008-2266 ignore (perl-Convert-UUlib) embedded uulib copy uses mkstemp CVE-2008-2235 version (opensc, fixed 0.11.5) [since opensc-0.11.6-1.fc10] CVE-2008-2168 ignore (httpd) browser issue, not apache
Index: f8 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f8,v retrieving revision 1.238 retrieving revision 1.239 diff -u -r1.238 -r1.239 --- f8 10 Oct 2008 13:03:05 -0000 1.238 +++ f8 14 Oct 2008 16:05:00 -0000 1.239 @@ -147,7 +147,7 @@ CVE-2008-3139 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645] CVE-2008-3138 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645] CVE-2008-3137 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645] -CVE-2008-3102 VULNERABLE (mantis) #464135 +CVE-2008-3102 VULNERABLE (mantis, fixed 1.1.3) #464135 CVE-2008-3067 VULNERABLE (sudo, fixed 1.6.9p12) CVE-2008-2960 fixed (phpMyAdmin, fixed 2.11.7) [since FEDORA-2008-5640] PMASA-2008-4 CVE-2008-2954 fixed (linuxdcpp) #453732 [since FEDORA-2008-6038] @@ -245,7 +245,7 @@ CVE-2008-2307 fixed (WebKit, fixed svn34204) #454094 [since FEDORA-2008-6220] CVE-2008-2302 fixed (Django, fixed 0.96.2) #447258 [since FEDORA-2008-4248] CVE-2008-2292 fixed (net-snmp, fixed 5.4.2.pre1) [since FEDORA-2008-5218] -CVE-2008-2276 VULNERABLE (mantis) upstream fix in 1.2.0a1 seems useless +CVE-2008-2276 fixed (mantis) [since FEDORA-2008-6657] CVE-2008-2266 ignore (perl-Convert-UUlib) embedded uulib copy uses mkstemp CVE-2008-2235 VULNERABLE (opensc, fixed 0.11.5) CVE-2008-2168 ignore (httpd) browser issue, not apache
Index: f9 =================================================================== RCS file: /cvs/fedora/fedora-security/audit/f9,v retrieving revision 1.229 retrieving revision 1.230 diff -u -r1.229 -r1.230 --- f9 10 Oct 2008 13:03:05 -0000 1.229 +++ f9 14 Oct 2008 16:05:00 -0000 1.230 @@ -153,7 +153,7 @@ CVE-2008-3139 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440] CVE-2008-3138 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440] CVE-2008-3137 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440] -CVE-2008-3102 VULNERABLE (mantis) #464136 +CVE-2008-3102 VULNERABLE (mantis, fixed 1.1.3) #464136 CVE-2008-3067 version (sudo, fixed 1.6.9p12) CVE-2008-2960 fixed (phpMyAdmin, fixed 2.11.7) [since FEDORA-2008-5676] PMASA-2008-4 CVE-2008-2954 fixed (linuxdcpp) #453733 [since FEDORA-2008-6018] @@ -252,7 +252,7 @@ CVE-2008-2307 fixed (WebKit, fixed svn34204) #454095 [since FEDORA-2008-6186] CVE-2008-2302 fixed (Django, fixed 0.96.2) #447259 [since FEDORA-2008-4267] CVE-2008-2292 fixed (net-snmp, fixed 5.4.2.pre1) [since FEDORA-2008-5215] -CVE-2008-2276 VULNERABLE (mantis) upstream fix in 1.2.0a1 seems useless +CVE-2008-2276 fixed (mantis) [since FEDORA-2008-6647] CVE-2008-2266 ignore (perl-Convert-UUlib) embedded uulib copy uses mkstemp CVE-2008-2235 VULNERABLE (opensc, fixed 0.11.5) CVE-2008-2168 ignore (httpd) browser issue, not apache
security-commits@lists.fedoraproject.org