fedora-security/audit fc4,1.175,1.176 fc5,1.87,1.88
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Tue Mar 21 15:48:39 UTC 2006
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27225
Modified Files:
fc4 fc5
Log Message:
Sort the files since from time to time I put lines in the wrong
places
Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.175
retrieving revision 1.176
diff -u -r1.175 -r1.176
--- fc4 20 Mar 2006 16:09:19 -0000 1.175
+++ fc4 21 Mar 2006 15:48:32 -0000 1.176
@@ -8,7 +8,7 @@
CVE-2006-1095 ignore (mod_python, 3.2.7 only)
CVE-2006-1079 ignore (httpd) not a vulnerability
CVE-2006-1078 ignore (httpd) not a vulnerability
-CVE-2006-1061 ignore (curl, 7.15.0 - 7.15.2 only)
+CVE-2006-1061 version (curl, 7.15.0 - 7.15.2 only)
CVE-2006-1045 VULNERABLE (thunderbird)
CVE-2006-1015 ignore (php) safe mode isn't safe
CVE-2006-1014 ignore (php) safe mode isn't safe
@@ -41,33 +41,33 @@
CVE-2006-0377 version (squirrelmail, fixed 1.4.6) [since FEDORA-2006-133]
CVE-2006-0369 ignore (mysql) this is not a security issue
CVE-2006-0321 version (fetchmail, fixed 6.3.2) 6.3.X only affected
-CVE-2006-0301 backport (xpdf) [since FEDORA-2006-104]
CVE-2006-0301 version (poppler, fixed 0.4.5) [since FEDORA-2006-103]
+CVE-2006-0301 backport (xpdf) [since FEDORA-2006-104]
CVE-2006-0301 backport (kdegraphics) [since FEDORA-2006-105]
CVE-2006-0300 VULNERABLE (tar) bz#181773
-CVE-2006-0299 version (firefox, 1.5 only)
-CVE-2006-0299 version (mozilla, 1.8 branch only)
CVE-2006-0299 version (thunderbird, 1.5 only)
-CVE-2006-0298 version (firefox, 1.5 only)
-CVE-2006-0298 version (mozilla, 1.8 branch only)
+CVE-2006-0299 version (mozilla, 1.8 branch only)
+CVE-2006-0299 version (firefox, 1.5 only)
CVE-2006-0298 version (thunderbird, 1.5 only)
-CVE-2006-0297 version (firefox, 1.5 only)
-CVE-2006-0297 version (mozilla, 1.8 branch only)
+CVE-2006-0298 version (mozilla, 1.8 branch only)
+CVE-2006-0298 version (firefox, 1.5 only)
CVE-2006-0297 version (thunderbird, 1.5 only)
-CVE-2006-0296 backport (firefox) [since FEDORA-2006-076]
+CVE-2006-0297 version (mozilla, 1.8 branch only)
+CVE-2006-0297 version (firefox, 1.5 only)
CVE-2006-0296 backport (mozilla) [since FEDORA-2006-075]
+CVE-2006-0296 backport (firefox) [since FEDORA-2006-076]
CVE-2006-0296 VULNERABLE (thunderbird)
-CVE-2006-0295 version (firefox, 1.5 only)
-CVE-2006-0295 version (mozilla, 1.8 branch only)
CVE-2006-0295 version (thunderbird, 1.5 only)
-CVE-2006-0294 version (firefox, 1.5 only)
-CVE-2006-0294 version (mozilla, 1.8 branch only)
+CVE-2006-0295 version (mozilla, 1.8 branch only)
+CVE-2006-0295 version (firefox, 1.5 only)
CVE-2006-0294 version (thunderbird, 1.5 only)
-CVE-2006-0293 version (firefox, 1.5 only)
-CVE-2006-0293 version (mozilla, 1.8 branch only)
+CVE-2006-0294 version (mozilla, 1.8 branch only)
+CVE-2006-0294 version (firefox, 1.5 only)
CVE-2006-0293 version (thunderbird, 1.5 only)
-CVE-2006-0292 backport (firefox) [since FEDORA-2006-076]
+CVE-2006-0293 version (mozilla, 1.8 branch only)
+CVE-2006-0293 version (firefox, 1.5 only)
CVE-2006-0292 backport (mozilla) [since FEDORA-2006-075]
+CVE-2006-0292 backport (firefox) [since FEDORA-2006-076]
CVE-2006-0292 VULNERABLE (thunderbird)
CVE-2006-0254 VULNERABLE (tomcat5, fixed 5.5.16) bz#178178
CVE-2006-0236 ignore (thunderbird) windows only flaw
@@ -88,9 +88,9 @@
CVE-2006-0036 backport (kernel, only 2.6.14 and 2.6.15) [since FEDORA-2006-077] patch-2.6.15.5
CVE-2006-0035 backport (kernel) [since FEDORA-2006-077] patch-2.6.15.5
CVE-2006-0019 version (kdelibs, fixed 3.5.1) [since FEDORA-2006-090] was backport since FEDORA-2006-050
+CVE-2005-4720 VULNERABLE (thunderbird)
CVE-2005-4720 VULNERABLE (mozilla)
CVE-2005-4720 VULNERABLE (firefox)
-CVE-2005-4720 VULNERABLE (thunderbird)
CVE-2005-4703 ignore (tomcat) windows only
CVE-2005-4685 VULNERABLE (mozilla)
CVE-2005-4685 VULNERABLE (firefox)
@@ -141,30 +141,30 @@
CVE-2005-3632 version (netpbm)
CVE-2005-3631 version (udev)
CVE-2005-3629 ** initscripts
-CVE-2005-3628 backport (xpdf) [since FEDORA-2005-1169]
-CVE-2005-3628 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3628 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
CVE-2005-3628 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
+CVE-2005-3628 backport (xpdf) [since FEDORA-2005-1169]
+CVE-2005-3628 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3628 backport (cups) [since FEDORA-2005-1142]
+CVE-2005-3627 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3627 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3627 backport (xpdf) [since FEDORA-2005-027]
CVE-2005-3627 backport (tetex) [since FEDORA-2006-028]
-CVE-2005-3627 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3627 backport (cups) [since FEDORA-2006-010]
-CVE-2005-3627 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3626 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3626 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3626 backport (xpdf) [since FEDORA-2005-027]
CVE-2005-3626 backport (tetex) [since FEDORA-2006-028]
-CVE-2005-3626 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3626 backport (cups) [since FEDORA-2006-010]
-CVE-2005-3626 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3625 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3625 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3625 backport (xpdf) [since FEDORA-2005-027]
CVE-2005-3625 backport (tetex) [since FEDORA-2006-028]
-CVE-2005-3625 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3625 backport (cups) [since FEDORA-2006-010]
-CVE-2005-3625 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3624 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
+CVE-2005-3624 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
CVE-2005-3624 backport (xpdf) [since FEDORA-2005-027]
CVE-2005-3624 backport (tetex) [since FEDORA-2006-028]
-CVE-2005-3624 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
-CVE-2005-3624 version (poppler, fixed 0.4.4) [since FEDORA-2005-026]
CVE-2005-3624 backport (cups) [since FEDORA-2006-010]
CVE-2005-3623 version (kernel, fixed 2.6.14.5) [since FEDORA-2006-077] was backport since FEDORA-2006-013
CVE-2005-3582 version (ImageMagick) gentoo only
@@ -204,20 +204,20 @@
CVE-2005-3243 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3242 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
CVE-2005-3241 version (ethereal, fixed 0.10.13) [since FEDORA-2005-1011]
-CVE-2005-3193 backport (xpdf) [since FEDORA-2005-1169]
-CVE-2005-3193 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3193 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
CVE-2005-3193 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
+CVE-2005-3193 backport (xpdf) [since FEDORA-2005-1169]
+CVE-2005-3193 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3193 backport (cups) [since FEDORA-2005-1142]
-CVE-2005-3192 backport (xpdf) [since FEDORA-2005-1169]
-CVE-2005-3192 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3192 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
CVE-2005-3192 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
+CVE-2005-3192 backport (xpdf) [since FEDORA-2005-1169]
+CVE-2005-3192 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3192 backport (cups) [since FEDORA-2005-1142]
-CVE-2005-3191 backport (xpdf) [since FEDORA-2005-1169]
-CVE-2005-3191 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3191 version (poppler, fixed 0.4.4) [since FEDORA-2005-026] was backport since FEDORA-2005-1171
CVE-2005-3191 version (kdegraphics, fixed 3.5.1) [since FEDORA-2006-088] was backport since FEDORA-2005-1160
+CVE-2005-3191 backport (xpdf) [since FEDORA-2005-1169]
+CVE-2005-3191 backport (tetex) [since FEDORA-2005-1126]
CVE-2005-3191 backport (cups) [since FEDORA-2005-1142]
CVE-2005-3186 backport (gtk2) [since FEDORA-2005-1088]
CVE-2005-3186 backport (gdk-pixbuf) [since FEDORA-2005-1085]
Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -r1.87 -r1.88
--- fc5 21 Mar 2006 01:05:26 -0000 1.87
+++ fc5 21 Mar 2006 15:48:32 -0000 1.88
@@ -47,34 +47,34 @@
CVE-2006-0377 version (squirrelmail, fixed 1.4.6)
CVE-2006-0369 ignore (mysql) this is not a security issue
CVE-2006-0321 version (fetchmail, fixed 6.3.2)
-CVE-2006-0301 backport (xpdf) xpdf-3.01pl2.patch
CVE-2006-0301 version (poppler, fixed 0.4.5)
+CVE-2006-0301 backport (xpdf) xpdf-3.01pl2.patch
CVE-2006-0301 backport (kdegraphics) post-3.5.1-kdegraphics-CVE-2006-0301.diff
CVE-2006-0300 VULNERABLE (tar) [fixed rawhide in tar-1.15.1-13]
-CVE-2006-0299 version (firefox, fixed 1.5.0.1)
-CVE-2006-0299 version (mozilla, 1.8 branch only)
CVE-2006-0299 version (thunderbird, fixed 1.5)
-CVE-2006-0298 version (firefox, fixed 1.5.0.1)
-CVE-2006-0298 version (mozilla, 1.8 branch only)
+CVE-2006-0299 version (mozilla, 1.8 branch only)
+CVE-2006-0299 version (firefox, fixed 1.5.0.1)
CVE-2006-0298 version (thunderbird, fixed 1.5)
-CVE-2006-0297 version (firefox, fixed 1.5.0.1)
-CVE-2006-0297 version (mozilla, 1.8 branch only)
+CVE-2006-0298 version (mozilla, 1.8 branch only)
+CVE-2006-0298 version (firefox, fixed 1.5.0.1)
CVE-2006-0297 version (thunderbird, fixed 1.5)
+CVE-2006-0297 version (mozilla, 1.8 branch only)
+CVE-2006-0297 version (firefox, fixed 1.5.0.1)
+CVE-2006-0296 version (thunderbird, fixed 1.5)
CVE-2006-0296 version (firefox, fixed 1.5.0.1)
CVE-2006-0296 backport (mozilla) mozilla-1.7.12-CVE-2006-0296-XULDocument.persist.patch
-CVE-2006-0296 version (thunderbird, fixed 1.5)
-CVE-2006-0295 version (firefox, fixed 1.5.0.1)
-CVE-2006-0295 version (mozilla, 1.8 branch only)
CVE-2006-0295 version (thunderbird, fixed 1.5)
-CVE-2006-0294 version (firefox, fixed 1.5.0.1)
-CVE-2006-0294 version (mozilla, 1.8 branch only)
+CVE-2006-0295 version (mozilla, 1.8 branch only)
+CVE-2006-0295 version (firefox, fixed 1.5.0.1)
CVE-2006-0294 version (thunderbird, fixed 1.5)
-CVE-2006-0293 version (firefox, fixed 1.5.0.1)
-CVE-2006-0293 version (mozilla, 1.8 branch only)
+CVE-2006-0294 version (mozilla, 1.8 branch only)
+CVE-2006-0294 version (firefox, fixed 1.5.0.1)
CVE-2006-0293 version (thunderbird, fixed 1.5)
+CVE-2006-0293 version (mozilla, 1.8 branch only)
+CVE-2006-0293 version (firefox, fixed 1.5.0.1)
+CVE-2006-0292 version (thunderbird, fixed 1.5)
CVE-2006-0292 version (firefox, fixed 1.5.1)
CVE-2006-0292 backport (mozilla) mozilla-1.7.12-CVE-2006-0292-javascript-unrooted.patch
-CVE-2006-0292 version (thunderbird, fixed 1.5)
CVE-2006-0254 backport (tomcat5, fixed 5.5.16) **check this**
CVE-2006-0236 ignore (thunderbird) windows only
CVE-2006-0225 version (openssh, fixed 4.3p2)
@@ -95,10 +95,10 @@
CVE-2006-0036 backport (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6
CVE-2006-0035 backport (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6
CVE-2006-0019 version (kdelibs, fixed 3.5.1)
-CVE-2005-4703 ignore (tomcat) windows only
-CVE-2005-4720 VULNERABLE (mozilla) not fixed upstream plus only DoS
-CVE-2005-4720 version (firefox, fixed 1.5)
CVE-2005-4720 version (thunderbird, fixed 1.5)
+CVE-2005-4720 version (firefox, fixed 1.5)
+CVE-2005-4720 VULNERABLE (mozilla) not fixed upstream plus only DoS
+CVE-2005-4703 ignore (tomcat) windows only
CVE-2005-4685 VULNERABLE (mozilla) not fixed upstream
CVE-2005-4685 VULNERABLE (firefox) not fixed upstream
CVE-2005-4684 ignore (kdebase) not fixed upstream, low, can't fix
@@ -115,8 +115,8 @@
CVE-2005-4158 ignore (sudo) only env_reset will properly clean the environment
CVE-2005-4154 ignore (php) don't install untrusted pear packages
CVE-2005-4153 backport (mailman) mailman-2.1.5-date_overflows.patch
-CVE-2005-4134 backport (mozilla) mozilla-1.7.12-CVE-2005-4134-long-history-dos.patch
CVE-2005-4134 ignore (firefox) http://www.mozilla.org/security/history-title.html
+CVE-2005-4134 backport (mozilla) mozilla-1.7.12-CVE-2005-4134-long-history-dos.patch
CVE-2005-4130 ignore (HelixPlayer) not verified
CVE-2005-4126 ignore (HelixPlayer) not verified
CVE-2005-4077 version (curl, fixed 7.15.1)
@@ -147,30 +147,30 @@
CVE-2005-3632 version (netpbm)
CVE-2005-3631 version (udev)
CVE-2005-3629 version (initscripts, fixed 8.29 at least)
-CVE-2005-3628 backport (xpdf) xpdf-3.01pl2.patch
-CVE-2005-3628 backport (tetex) tetex-3.0-CVE-2005-3193.patch
CVE-2005-3628 version (poppler, fixed 0.4.4)
CVE-2005-3628 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3628 backport (xpdf) xpdf-3.01pl2.patch
+CVE-2005-3628 backport (tetex) tetex-3.0-CVE-2005-3193.patch
CVE-2005-3628 backport (cups) cups-CVE-2005-3625,6,7.patch
-CVE-2005-3627 backport (xpdf) xpdf-3.01pl2.patch
-CVE-2005-3627 backport (tetex)
CVE-2005-3627 version (poppler, fixed 0.4.4)
CVE-2005-3627 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3627 backport (xpdf) xpdf-3.01pl2.patch
+CVE-2005-3627 backport (tetex)
CVE-2005-3627 backport (cups) cups-CVE-2005-3625,6,7.patch
-CVE-2005-3626 backport (xpdf) xpdf-3.01pl2.patch
-CVE-2005-3626 backport (tetex)
CVE-2005-3626 version (poppler, fixed 0.4.4)
CVE-2005-3626 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3626 backport (xpdf) xpdf-3.01pl2.patch
+CVE-2005-3626 backport (tetex)
CVE-2005-3626 backport (cups) cups-CVE-2005-3625,6,7.patch
-CVE-2005-3625 backport (xpdf) xpdf-3.01pl2.patch
-CVE-2005-3625 backport (tetex)
CVE-2005-3625 version (poppler, fixed 0.4.4)
CVE-2005-3625 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3625 backport (xpdf) xpdf-3.01pl2.patch
+CVE-2005-3625 backport (tetex)
CVE-2005-3625 backport (cups) cups-CVE-2005-3625,6,7.patch
-CVE-2005-3624 backport (xpdf) xpdf-3.01pl2.patch
-CVE-2005-3624 backport (tetex)
CVE-2005-3624 version (poppler, fixed 0.4.4)
CVE-2005-3624 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3624 backport (xpdf) xpdf-3.01pl2.patch
+CVE-2005-3624 backport (tetex)
CVE-2005-3624 backport (cups) cups-CVE-2005-3625,6,7.patch
CVE-2005-3623 version (kernel, fixed 2.6.14.5)
CVE-2005-3582 version (ImageMagick) gentoo only
@@ -209,21 +209,21 @@
CVE-2005-3243 version (ethereal, fixed 0.10.13)
CVE-2005-3242 version (ethereal, fixed 0.10.13)
CVE-2005-3241 version (ethereal, fixed 0.10.13)
+CVE-2005-3193 version (poppler, fixed 0.4.4)
+CVE-2005-3193 version (kdegraphics, fixed 3.5.1)
CVE-2005-3193 backport (xpdf) xpdf-3.01pl2.patch
CVE-2005-3193 backport (tetex) tetex-3.0-CVE-2005-3193.patch
CVE-2005-3193 backport (cups) cups-CVE-2005-3625,6,7.patch
-CVE-2005-3193 version (poppler, fixed 0.4.4)
-CVE-2005-3193 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3192 version (poppler, fixed 0.4.4)
+CVE-2005-3192 version (kdegraphics, fixed 3.5.1)
CVE-2005-3192 backport (xpdf) xpdf-3.01pl2.patch
CVE-2005-3192 backport (tetex) tetex-3.0-CVE-2005-3193.patch
CVE-2005-3192 backport (cups) cups-CVE-2005-3625,6,7.patch
-CVE-2005-3192 version (poppler, fixed 0.4.4)
-CVE-2005-3192 version (kdegraphics, fixed 3.5.1)
+CVE-2005-3191 version (poppler, fixed 0.4.4)
+CVE-2005-3191 version (kdegraphics, fixed 3.5.1)
CVE-2005-3191 backport (xpdf) xpdf-3.01pl2.patch
CVE-2005-3191 backport (tetex) tetex-3.0-CVE-2005-3193.patch
CVE-2005-3191 backport (cups) cups-CVE-2005-3625,6,7.patch
-CVE-2005-3191 version (poppler, fixed 0.4.4)
-CVE-2005-3191 version (kdegraphics, fixed 3.5.1)
CVE-2005-3186 version (gtk2, fixed 2.8.7 at least)
CVE-2005-3186 backport (gdk-pixbuf)
CVE-2005-3185 version (wget, fixed 1.10.2 at least)
More information about the scm-commits
mailing list