fedora-security/audit fc4,1.110,1.111 fc5,1.20,1.21

Tue Dec 20 10:12:31 UTC 2005

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2707

Modified Files:
	fc4 fc5 
Log Message:
More fc4 releases and CVE feed entries



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.110
retrieving revision 1.111
diff -u -r1.110 -r1.111

--- fc4	19 Dec 2005 09:44:50 -0000	1.110
+++ fc4	20 Dec 2005 10:12:13 -0000	1.111
@@ -1,12 +1,17 @@
-Up to date CVE as of CVE email 20051218
-Up to date FC4 as of 20051218
+Up to date CVE as of CVE email 20051219
+Up to date FC4 as of 20051219
 
 ** are items that need attention
 
+CVE-2005-4348 VULNERABLE (fetchmail)
 CVE-2005-4268 blocked (cpio) by FORTIFY_SOURCE
 CVE-2005-4158 backport (sudo) [since FEDORA-2005-1147] was ignore only env_reset will properly clean the environment
 CVE-2005-4154 ignore (php) don't install untrusted pear packages
+CVE-2005-4153 VULNERABLE (mailman)
+CVE-2005-4134 ignore (mozilla) http://www.mozilla.org/security/history-title.html
+CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
 CVE-2005-4077 backport (curl) [since FEDORA-2005-1137]
+CVE-2005-3896 ignore (mozilla) recoverable DoS only
 CVE-2005-3651 VULNERABLE (ethereal)
 CVE-2005-3358 version (kernel, fixed 2.6.11)
 CVE-2005-3352 VULNERABLE (httpd, fixed 2.0.56)
@@ -14,17 +19,17 @@
 CVE-2005-3193 backport (xpdf) [since FEDORA-2005-1169]
 CVE-2005-3193 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3193 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3193 backport (poppler) [since FEDORA-2005-1132]
+CVE-2005-3193 backport (poppler) [since FEDORA-2005-1171]
 CVE-2005-3192 backport (cups) [since FEDORA-2005-1142]
 CVE-2005-3192 backport (xpdf) [since FEDORA-2005-1169]
 CVE-2005-3192 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3192 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3192 backport (poppler) [since FEDORA-2005-1132]
+CVE-2005-3192 backport (poppler) [since FEDORA-2005-1171]
 CVE-2005-3191 backport (cups) [since FEDORA-2005-1142]
 CVE-2005-3191 backport (xpdf) [since FEDORA-2005-1169]
 CVE-2005-3191 backport (kdegraphics) [since FEDORA-2005-1160]
 CVE-2005-3191 backport (tetex) [since FEDORA-2005-1126]
-CVE-2005-3191 backport (poppler) [since FEDORA-2005-1132]
+CVE-2005-3191 backport (poppler) [since FEDORA-2005-1171]
 CVE-2005-3964 VULNERABLE (openmotif) bz#174815
 CVE-2005-3962 backport (perl) [since FEDORA-2005-1144]
 CVE-2005-3912 backport (perl) [since FEDORA-2005-1144]


Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- fc5	16 Dec 2005 09:00:46 -0000	1.20
+++ fc5	20 Dec 2005 10:12:13 -0000	1.21
@@ -1,4 +1,4 @@
-Up to date CVE as of CVE email 20051214
+Up to date CVE as of CVE email 20051219
 Up to date FC5 as of FC5-Test1-RC
 
 1. Removed packages with security issues that are no longer in FC5 
@@ -12,10 +12,15 @@
 
 ** are items that need attention
 
+CVE-2005-4348 VULNERABLE (fetchmail, fixed 6.2.5.5, fixed 6.3.1)
 CVE-2005-4268 blocked (cpio) by FORTIFY_SOURCE
 CVE-2005-4158 ignore (sudo) only env_reset will properly clean the environment
 CVE-2005-4154 ignore (php) don't install untrusted pear packages
+CVE-2005-4153 VULNERABLE (mailman)
+CVE-2005-4134 ignore (mozilla) http://www.mozilla.org/security/history-title.html
+CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
 CVE-2005-4077 VULNERABLE (curl)
+CVE-2005-3896 ignore (mozilla) recoverable DoS only
 CVE-2005-3651 VULNERABLE (ethereal)
 CVE-2005-3358 version (kernel, fixed 2.6.11)
 CVE-2005-3352 VULNERABLE (httpd, fixed 2.2.1)


