fedora-security/audit fc5,1.278,1.279
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Wed Aug 16 10:36:36 UTC 2006
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26491
Modified Files:
fc5
Log Message:
Update from new mails, also note gtkhtml which needs an investigation
Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.278
retrieving revision 1.279
diff -u -r1.278 -r1.279
--- fc5 14 Aug 2006 23:59:15 -0000 1.278
+++ fc5 16 Aug 2006 10:36:33 -0000 1.279
@@ -1,11 +1,12 @@
-Up to date CVE as of CVE email 20060813
+Up to date CVE as of CVE email 20060815
Up to date FC5 as of 20060813
** are items that need attention
+CVE-2006-4144 ** (ImageMagick, fixed 6.2.9)
CVE-2006-4031 VULNERABLE (mysql, fixed 5.0.24) #202247
CVE-2006-4020 VULNERABLE (php) #201767
-CVE-2006-4019 VULNERABLE (squirrelmail, fixed 1.4.8) #202196
+CVE-2006-4019 version (squirrelmail, fixed 1.4.8) #202196 [since FEDORA-2006-913]
CVE-2006-3918 version httpd, fixed 2.2.2 [since FEDORA-2006-364]
CVE-2006-3879 version (mikmod, not 3.1.6)
CVE-2006-3835 VULNERABLE (tomcat, fixed 5.5.17)
@@ -68,7 +69,7 @@
CVE-2006-3469 VULNERABLE (mysql)
CVE-2006-3468 version (kernel, fixed 2.6.17.8) [since FEDORA-2006-906]
CVE-2006-3467 VULNERABLE (freetype)
-CVE-2006-3467 VULNERABLE (xorg) #202475 [since FEDORA-2006-912]
+CVE-2006-3467 backport (libXfont) #202475 [since FEDORA-2006-912]
CVE-2006-3465 backport (libtiff) [since FEDORA-2006-877]
CVE-2006-3464 backport (libtiff) [since FEDORA-2006-877]
CVE-2006-3463 backport (libtiff) [since FEDORA-2006-877]
@@ -84,7 +85,7 @@
CVE-2006-3334 ignore (libpng, fixed 1.2.12) not exploitable
CVE-2006-3242 backport (mutt, fixed 1.4.2.2, 1.5.12) #197152 [since FEDORA-2006-760]
CVE-2006-3174 version (squirrelmail, fixed 1.4.7) #197369 [since FEDORA-2006-788]
-CVE-2006-3145 VULNERABLE (netpbm, fixed 10.34)
+CVE-2006-3145 version (netpbm, fixed 10.34) [since FEDORA-2006-909]
CVE-2006-3127 version (nss, only affected 3.11) [since FEDORA-2006-728]
CVE-2006-3122 ** dhcp
CVE-2006-3117 backport (openoffice.org, fixed 2.0.3) [since FEDORA-2006-770]
@@ -413,6 +414,8 @@
CVE-2006-0052 version (mailman, fixed 2.1.6)
CVE-2006-0049 version (gnupg, fixed 1.4.2.2)
CVE-2006-0040 VULNERABLE (gtkhtml) #183680 no upstream fix
+CVE-2006-0040 ** (gtkhtml2)
+CVE-2006-0040 ** (gtkhtml3)
CVE-2006-0039 version (kernel, fixed 2.6.16.17) [since FEDORA-2006-572]
CVE-2006-0037 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2006-0036 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
@@ -1647,6 +1650,8 @@
CVE-2003-0543 backport (openssl097a, fixed 0.9.7c)
CVE-2003-0542 version (httpd, fixed 2.0.48)
CVE-2003-0541 backport (gtkhtml, fixed 1.1.10) gtkhtml-1.1.9-textslave.patch
+CVE-2003-0541 ** (gtkhtml2)
+CVE-2003-0541 ** (gtkhtml3)
CVE-2003-0540 version (postfix, not 2.0 onwards)
CVE-2003-0517 version (mgetty, fixed 1.1.29)
CVE-2003-0516 version (mgetty, fixed 1.1.29)
More information about the scm-commits
mailing list