fedora-security/audit fc6,1.46,1.47

Mark Cox (mjc) fedora-extras-commits at redhat.com
Tue Aug 29 14:12:50 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19726

Modified Files:
	fc6 
Log Message:
Another set of fc6 issues



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- fc6	29 Aug 2006 11:01:38 -0000	1.46
+++ fc6	29 Aug 2006 14:12:47 -0000	1.47
@@ -1635,7 +1635,7 @@
 CVE-2002-1649 version (squirrelmail, fixed 1.2.3)
 CVE-2002-1648 version (squirrelmail, fixed 1.2.3)
 CVE-2002-1642 version (postgresql, fixed 7.2.3)
-CVE-2002-1602 ** screen
+CVE-2002-1602 ignore (screen) not setuid
 CVE-2002-1594 ** shadow-utils
 CVE-2002-1593 version (httpd, not 2.2)
 CVE-2002-1592 version (httpd, not 2.2)
@@ -1643,16 +1643,16 @@
 CVE-2002-1573 version (kernel, not 2.6)
 CVE-2002-1572 version (kernel, not 2.6)
 CVE-2002-1571 version (kernel, not 2.6)
-CVE-2002-1570 ** net-snmp
+CVE-2002-1570 version (net-snmp, fixed in 5.0.8 at least)
 CVE-2002-1568 version (openssl, fixed 0.9.6f)
 CVE-2002-1568 version (openssl097a, fixed 0.9.6f)
-CVE-2002-1567 ** tomcat
-CVE-2002-1565 ** wget
+CVE-2002-1567 version (tomcat, fixed 4.1.3)
+CVE-2002-1565 version (wget, not 1.9+)
 CVE-2002-1563 ** stunnel
 CVE-2002-1511 version (vnc, fixed 3.3.3)
 CVE-2002-1510 version (XFree86, fixed 4.2.0)
 CVE-2002-1509 ** shadow-utils
-CVE-2002-1508 ** openldap
+CVE-2002-1508 version (openldap, not 2.3.24+)
 CVE-2002-1472 version (XFree86, fixed 4.2.1)
 CVE-2002-1471 ** evolution
 CVE-2002-1405 version (lynx, fixed 2.8.5dev9)
@@ -1672,8 +1672,8 @@
 CVE-2002-1384 version (cups, fixed 1.1.18)
 CVE-2002-1383 version (cups, fixed 1.1.18)
 CVE-2002-1380 ** kernel
-CVE-2002-1379 ** openldap
-CVE-2002-1378 ** openldap
+CVE-2002-1379 version (openldap, not 2.3.24+)
+CVE-2002-1378 version (openldap, not 2.3.24+)
 CVE-2002-1377 ** vim
 CVE-2002-1376 version (mysql, fixed 4.0.6)
 CVE-2002-1375 version (mysql, fixed 4.0.6)
@@ -1708,7 +1708,7 @@
 CVE-2002-1235 version (krb5, fixed after 1.2.6)
 CVE-2002-1233 ignore (httpd) Debian regression
 CVE-2002-1232 version (ypserv, fixed 2.5)
-CVE-2002-1227 ** pam
+CVE-2002-1227 version (pam, only 0.76)
 CVE-2002-1224 version (kde, fixed 3.0.4)
 CVE-2002-1223 version (kdegraphics, fixed 3.0.4)
 CVE-2002-1221 version (bind, not 9)
@@ -1719,7 +1719,7 @@
 CVE-2002-1174 version (fetchmail, fixed 6.2.0)
 CVE-2002-1170 ** net-snmp
 CVE-2002-1165 ** sendmail
-CVE-2002-1160 ** pam
+CVE-2002-1160 version (pam) was our config
 CVE-2002-1157 version (httpd, not 2.0)
 CVE-2002-1156 version (httpd, fixed 2.0.43)
 CVE-2002-1154 ** kon2

More information about the scm-commits mailing list