fedora-security/audit fc6,1.14,1.15

Mark Cox (mjc) fedora-extras-commits at redhat.com
Tue Aug 15 15:44:05 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23612

Modified Files:
	fc6 
Log Message:
Just about finished with fc6test2



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- fc6	15 Aug 2006 14:53:03 -0000	1.14
+++ fc6	15 Aug 2006 15:44:03 -0000	1.15
@@ -1,15 +1,8 @@
-**********************************************************************
-* WORK IN PROGRESS
-**********************************************************************
-
 Up to date CVE as of CVE email 20060813
 Up to date FC6 as of Test2
 
-Notes:
-1. Removed packages no longer shipped
-2. Added packages newly shipped
-3. Deal with libutempter/utempter
-4. ### left to do (was 1771)
+ACTION: Deal with libutempter/utempter
+ACTION: Double check VULNERABLE and file fc6 bugs
 
 ** are items that need attention
 
@@ -277,7 +270,7 @@
 CVE-2006-1242 version (kernel, fixed 2.6.16.1)
 CVE-2006-1174 version (shadow-utils, fixed 4.0.3)
 CVE-2006-1173 version (sendmail, fixed 8.13.7)
-CVE-2006-1168 VULNERABLE (ncompress) #201919 ###
+CVE-2006-1168 VULNERABLE (ncompress) fc5#201919
 CVE-2006-1095 version (mod_python, 3.2.7 only)
 CVE-2006-1079 ignore (httpd) not a vulnerability
 CVE-2006-1078 ignore (httpd) not a vulnerability
@@ -295,7 +288,7 @@
 CVE-2006-0996 version (php, fixed 5.1.4)
 CVE-2006-0903 version (mysql, 4.1.19)
 CVE-2006-0884 version (thunderbird, fixed 1.5.0.2)
-CVE-2006-0836 VULNERABLE (thunderbird) ###
+CVE-2006-0836 VULNERABLE (thunderbird)
 CVE-2006-0749 version (thunderbird, fixed 1.5.0.2)
 CVE-2006-0749 version (firefox, fixed 1.5.0.2)
 CVE-2006-0748 version (thunderbird, fixed 1.5.0.2)
@@ -307,7 +300,7 @@
 CVE-2006-0742 version (kernel, fixed 2.6.16)
 CVE-2006-0741 version (kernel, fixed 2.6.15.5)
 CVE-2006-0730 version (dovecot, 1.0beta[12] only)
-CVE-2006-0678 ignore (postgresql) we don't build --enable-cassert ###
+CVE-2006-0678 ignore (postgresql) we don't build --enable-cassert
 CVE-2006-0670 version (bluez-hcidump, fixed 1.30)
 CVE-2006-0645 version (gnutls, fixed 1.2.10)
 CVE-2006-0591 version (postgresql, fixed 8.0.6)
@@ -333,7 +326,7 @@
 CVE-2006-0301 version (poppler, fixed 0.4.5)
 CVE-2006-0301 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2006-0301 version (kdegraphics, fixed 3.5.2)
-CVE-2006-0300 backport (tar) ###
+CVE-2006-0300 version (tar, fixed 1.15.90 at least)
 CVE-2006-0299 version (thunderbird, fixed 1.5)
 CVE-2006-0299 version (firefox, fixed 1.5.0.1)
 CVE-2006-0298 version (thunderbird, fixed 1.5)
@@ -374,8 +367,8 @@
 CVE-2006-0019 version (kdelibs, fixed 3.5.1)
 CVE-2005-4798 version (kernel, not 2.6)
 CVE-2005-4784 ignore (glibc) struct dirent is big enough
-CVE-2005-4746 version (freeradius) we don't build vulnerable bits ###
-CVE-2005-4745 version (freeradius) we don't build vulnerable bits ###
+CVE-2005-4746 version (freeradius, fixed 1.0.5)
+CVE-2005-4745 version (freeradius, fixed 1.0.5)
 CVE-2005-4744 version (freeradius, fixed 1.0.5)
 CVE-2005-4720 version (thunderbird, fixed 1.5)
 CVE-2005-4720 version (firefox, fixed 1.5)
@@ -592,7 +585,7 @@
 CVE-2005-2494 version (kdebase, fixed after 3.4.2)
 CVE-2005-2492 version (kernel, fixed 2.6.13.1)
 CVE-2005-2491 version (pcre, fixed 6.2)
-CVE-2005-2491 ignore (python) fc4 python does not contain pcre ###
+CVE-2005-2491 ignore (python) fc6 python does not contain pcre
 CVE-2005-2491 ignore (php) php uses system pcre
 CVE-2005-2491 ignore (httpd) httpd uses system pcre
 CVE-2005-2490 version (kernel, fixed 2.6.13.1)
@@ -863,7 +856,7 @@
 CVE-2005-0384 version (kernel, fixed 2.6.11.4)
 CVE-2005-0372 version (gftp, fixed 2.0.18 at least)
 CVE-2005-0365 version (kdelibs, not 3.4)
-CVE-2005-0337 version (postfix, not 2.2) ###
+CVE-2005-0337 version (postfix, fixed 2.1.4)
 CVE-2005-0255 version (thunderbird, fixed 1.0.2)
 CVE-2005-0255 version (firefox, fixed 1.0.1)
 CVE-2005-0247 version (postgresql, fixed after 8.0)
@@ -1322,7 +1315,7 @@
 CVE-2004-0177 version (kernel, fixed 2.6.6)
 CVE-2004-0176 version (wireshark, fixed 0.10.3)
 CVE-2004-0175 version (openssh, fixed 3.4p1)
-CVE-2004-0175 backport (krb5) krb5-1.3.3-rcp-markus.patch ###
+CVE-2004-0175 backport (krb5) krb5-1.3.3-rcp-markus.patch
 CVE-2004-0174 version (httpd, not 2.2)
 CVE-2004-0173 version (httpd, not 2.2)
 CVE-2004-0164 version (racoon)
@@ -1330,7 +1323,7 @@
 CVE-2004-0154 version (nfs-utils, fixed 1.0.6)
 CVE-2004-0150 version (python, fixed 2.2.2)
 CVE-2004-0138 version (kernel, fixed 2.6.0)
-CVE-2004-0133 version (kernel, 2.6.4) ###
+CVE-2004-0133 version (kernel, fixed 2.6.4)
 CVE-2004-0113 version (httpd, not 2.2)
 CVE-2004-0112 version (openssl, not 0.9.8)
 CVE-2004-0112 backport (openssl097a, fixed 0.9.7d)
@@ -1495,7 +1488,7 @@
 CVE-2003-0388 version (pam, fixed 0.78)
 CVE-2003-0386 version (openssh, fixed after 3.6.1)
 CVE-2003-0370 version (kde, fixed 3.0)
-CVE-2003-0367 backport (gzip) ###
+CVE-2003-0367 backport (gzip) gzip-1.3.5-openbsd-owl-tmp.patch
 CVE-2003-0364 version (kernel, not 2.6)
 CVE-2003-0357 version (wireshark, fixed after 0.9.11)
 CVE-2003-0356 version (wireshark, fixed after 0.9.11)
@@ -1530,7 +1523,7 @@
 CVE-2003-0187 version (kernel, not 2.6)
 CVE-2003-0167 version (mutt, fixed 1.4.1)
 CVE-2003-0166 version (php, fixed 4.3.2)
-CVE-2003-0165 version (eog, fixed 2.2.2??) ###
+CVE-2003-0165 version (eog, fixed 2.2.2)
 CVE-2003-0161 version (sendmail, fixed 8.12.9)
 CVE-2003-0160 version (squirrelmail, fixed 1.2.11)
 CVE-2003-0159 version (wireshark, fixed after 0.9.9)

More information about the scm-commits mailing list