fedora-security/audit fc4,1.162,1.163 fc5,1.70,1.71

Mark Cox (mjc) fedora-extras-commits at redhat.com
Tue Feb 28 09:29:46 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27272

Modified Files:
	fc4 fc5 
Log Message:
fix xscreensaver versions and add missing entries



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.162
retrieving revision 1.163
diff -u -r1.162 -r1.163
--- fc4	28 Feb 2006 02:14:01 -0000	1.162
+++ fc4	28 Feb 2006 09:29:30 -0000	1.163
@@ -1,9 +1,10 @@
-Up to date CVE as of CVE email 20060223
-Up to date FC4 as of 20060223
+Up to date CVE as of CVE email 20060227
+Up to date FC4 as of 20060227
 
 ** are items that need attention
 
 CVE-2006-0903 VULNERABLE (mysql) bz#183261
+CVE-2006-0884 ** thunderbird
 CVE-2006-0836 version (thunderbird, 1.5 only)
 CVE-2006-0730 version (dovecot, 1.0beta[12] only)
 CVE-2006-0678 version (postgresql, 8.1 only)
@@ -25,7 +26,7 @@
 CVE-2006-0301 backport (xpdf) [since FEDORA-2006-104]
 CVE-2006-0301 version (poppler, fixed 0.4.5) [since FEDORA-2006-103]
 CVE-2006-0301 backport (kdegraphics) [since FEDORA-2006-105]
-CVE-2006-0300 ** tar
+CVE-2006-0300 VULNERABLE (tar) bz#181773
 CVE-2006-0299 version (firefox, 1.5 only)
 CVE-2006-0299 version (mozilla, 1.8 branch only)
 CVE-2006-0299 version (thunderbird, 1.5 only)
@@ -241,7 +242,7 @@
 CVE-2005-2933 VULNERABLE (uw-imap) bz#171345
 CVE-2005-2929 backport (lynx) [since FEDORA-2005-1079]
 CVE-2005-2917 version (squid, fixed 2.5.STABLE11) [since FEDORA-2005-913]
-CVE-2005-2876 backport (util-linux) [since FEDORA-2005-887]
+CVE-2005-2876 backport (util-linux, fixed 2.12r) [since FEDORA-2005-887]
 CVE-2005-2874 version (cups, fixed 1.1.23)
 CVE-2005-2873 VULNERABLE (kernel) not upstream fixed
 CVE-2005-2872 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
@@ -692,6 +693,7 @@
 CVE-2005-0004 version (mysql, fixed 4.1.10)
 CVE-2005-0003 version (kernel, fixed 2.6.10)
 CVE-2005-0001 version (kernel, fixed 2.6.10)
+CVE-2004-2654 version (squid, fixed 2.6STABLE6)
 CVE-2004-2607 version (kernel, fixed 2.6.5)
 CVE-2004-2589 version (gaim, fixed 0.82)
 CVE-2004-2546 version (samba, fixed 3.0.6)
@@ -1121,7 +1123,7 @@
 CVE-2004-0005 version (gaim, fixed 0.76)
 CVE-2004-0003 version (kernel, not 2.6)
 CVE-2004-0001 version (kernel, not 2.6)
-CVE-2003-1295 version (xscreensaver, fixed 4.12)
+CVE-2003-1295 version (xscreensaver)
 CVE-2003-1294 version (xscreensaver, fixed 4.15)
 CVE-2003-1265 VULNERABLE (mozilla)
 CVE-2003-1265 VULNERABLE (firefox)
@@ -1143,6 +1145,7 @@
 CVE-2003-0988 version (kdepim, fixed 3.1.5)
 CVE-2003-0988 version (kde, fixed 3.1.5)
 CVE-2003-0987 version (httpd, not 2.0)
+CVE-2003-0986 version (kernel, fixed 2.6.2)
 CVE-2003-0985 version (kernel, not 2.6)
 CVE-2003-0984 version (kernel, fixed 2.4.23)
 CVE-2003-0977 version (cvs, fixed 1.11.10)
@@ -1164,7 +1167,7 @@
 CVE-2003-0914 version (bind, not 9)
 CVE-2003-0901 version (postgresql, not 8)
 CVE-2003-0900 version (perl, only 5.8.1)
-CVE-2003-0885 version (xscreensaver, fixed 4.14)
+CVE-2003-0885 version (xscreensaver, fixed 4.15)
 CVE-2003-0865 version (tomcat, fixed after 4.0.3)
 CVE-2003-0863 ignore (php, not a bug) http://lists.nyphp.org/pipermail/talk/2003-November/006392.html
 CVE-2003-0861 version (php, fixed 4.3.3)
@@ -1275,6 +1278,7 @@
 CVE-2003-0253 version (httpd, fixed 2.0.47)
 CVE-2003-0252 version (nfs-utils, fixed 1.0.4)
 CVE-2003-0251 version (ypserv, fixed 2.7)
+CVE-2003-0249 ignore (php) see CVE
 CVE-2003-0248 version (kernel, not 2.6)
 CVE-2003-0247 version (kernel, not 2.6)
 CVE-2003-0246 version (kernel, not 2.6)


Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.70
retrieving revision 1.71
diff -u -r1.70 -r1.71
--- fc5	28 Feb 2006 02:14:01 -0000	1.70
+++ fc5	28 Feb 2006 09:29:30 -0000	1.71
@@ -1,4 +1,4 @@
-Up to date CVE as of CVE email 20060223
+Up to date CVE as of CVE email 20060227
 Up to date FC5 as of FC5-Test3
 
 1. Removed packages with security issues that are no longer in FC5 
@@ -18,6 +18,7 @@
 ** are items that need attention
 
 CVE-2006-0903 VULNERABLE (mysql)
+CVE-2006-0884 ** thunderbird
 CVE-2006-0836 VULNERABLE (thunderbird)
 CVE-2006-0730 version (dovecot, 1.0beta[12] only)
 CVE-2006-0678 ignore (postgresql) we don't build --enable-cassert
@@ -39,7 +40,7 @@
 CVE-2006-0301 backport (xpdf) xpdf-3.01pl2.patch
 CVE-2006-0301 version (poppler, fixed 0.4.5)
 CVE-2006-0301 backport (kdegraphics) post-3.5.1-kdegraphics-CVE-2006-0301.diff
-CVE-2006-0300 ** tar
+CVE-2006-0300 VULNERABLE (tar)
 CVE-2006-0299 version (firefox, fixed 1.5.0.1)
 CVE-2006-0299 version (mozilla, 1.8 branch only)
 CVE-2006-0299 version (thunderbird, fixed 1.5)
@@ -730,6 +731,7 @@
 CVE-2005-0004 version (mysql, fixed 4.1.10)
 CVE-2005-0003 version (kernel, fixed 2.6.10)
 CVE-2005-0001 version (kernel, fixed 2.6.10)
+CVE-2004-2654 version (squid, fixed 2.6STABLE6)
 CVE-2004-2607 version (kernel, fixed 2.6.5)
 CVE-2004-2589 version (gaim, fixed 0.82)
 CVE-2004-2546 version (samba, fixed 3.0.6)
@@ -1179,7 +1181,7 @@
 CVE-2004-0005 version (gaim, fixed 0.76)
 CVE-2004-0003 version (kernel, not 2.6)
 CVE-2004-0001 version (kernel, not 2.6)
-CVE-2003-1295 version (xscreensaver, fixed 4.12)
+CVE-2003-1295 version (xscreensaver)
 CVE-2003-1294 version (xscreensaver, fixed 4.15)
 CVE-2003-1265 VULNERABLE (mozilla) not fixed upstream
 CVE-2003-1265 VULNERABLE (firefox) not fixed upstream
@@ -1201,6 +1203,7 @@
 CVE-2003-0988 version (kdepim, fixed 3.1.5)
 CVE-2003-0988 version (kde, fixed 3.1.5)
 CVE-2003-0987 version (httpd, not 2.0)
+CVE-2003-0986 version (kernel, fixed 2.6.2)
 CVE-2003-0985 version (kernel, not 2.6)
 CVE-2003-0984 version (kernel, fixed 2.4.23)
 CVE-2003-0977 version (cvs, fixed 1.11.10)
@@ -1222,7 +1225,7 @@
 CVE-2003-0914 version (bind, not 9)
 CVE-2003-0901 version (postgresql, not 8)
 CVE-2003-0900 version (perl, only 5.8.1)
-CVE-2003-0885 version (xscreensaver, fixed 4.14)
+CVE-2003-0885 version (xscreensaver, fixed 4.15)
 CVE-2003-0865 version (tomcat, fixed after 4.0.3)
 CVE-2003-0863 ignore (php) http://lists.nyphp.org/pipermail/talk/2003-November/006392.html
 CVE-2003-0861 version (php, fixed 4.3.3)
@@ -1331,6 +1334,7 @@
 CVE-2003-0253 version (httpd, fixed 2.0.47)
 CVE-2003-0252 version (nfs-utils, fixed 1.0.4)
 CVE-2003-0251 version (ypserv, fixed 2.7)
+CVE-2003-0249 ignore (php) see CVE
 CVE-2003-0248 version (kernel, not 2.6)
 CVE-2003-0247 version (kernel, not 2.6)
 CVE-2003-0246 version (kernel, not 2.6)

More information about the scm-commits mailing list