fedora-security/audit fc5,1.379,1.380 fc6,1.132,1.133

Thu Nov 2 09:11:14 UTC 2006

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22903

Modified Files:
	fc5 fc6 
Log Message:
Updates from last few days; I've not dealt with kde yet since some of
the backports may have gone away with rebase



Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.379
retrieving revision 1.380
diff -u -r1.379 -r1.380

--- fc5	1 Nov 2006 19:06:43 -0000	1.379
+++ fc5	2 Nov 2006 09:11:11 -0000	1.380
@@ -1,17 +1,18 @@
-Up to date CVE as of CVE email 20061029
-Up to date FC5 as of 20061029
+Up to date CVE as of CVE email 20061101
+Up to date FC5 as of 20061101
 
 ** are items that need attention
 
+CVE-2006-5633 ignore (firefox) just a client DoS
 CVE-2006-5619 VULNERABLE (kernel, fixed after 2.6.19-rc3)
-CVE-2006-5595 VULNERABLE (wireshark, fixed 0.99.4)
+CVE-2006-5595 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1141]
 CVE-2006-5542 VULNERABLE (postgresql, fixed 8.1.5) #212360
 CVE-2006-5541 VULNERABLE (postgresql, fixed 8.1.5) #212360
 CVE-2006-5540 VULNERABLE (postgresql, fixed 8.1.5) #212360
-CVE-2006-5470 VULNERABLE (wireshark, fixed 0.99.4)
-CVE-2006-5469 VULNERABLE (wireshark, fixed 0.99.4)
-CVE-2006-5468 VULNERABLE (wireshark, fixed 0.99.4)
-CVE-2006-5467 VULNERABLE (ruby) #212396
+CVE-2006-5470 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1141]
+CVE-2006-5469 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1141]
+CVE-2006-5468 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1141]
+CVE-2006-5467 backport (ruby) #212396 [since FEDORA-2006-1110]
 CVE-2006-5466 VULNERABLE (rpm) #212833
 CVE-2006-5456 VULNERABLE (ImageMagick) #210921
 CVE-2006-5397 version (libX11, 1.0.2 and 1.0.3 only)
@@ -43,14 +44,14 @@
 CVE-2006-4813 version (kernel, fixed 2.6.13)
 CVE-2006-4812 backport (php) [since FEDORA-2006-1024] **
 CVE-2006-4811 version (qt, fixed 3.3.7) #211342 [since FEDORA-2006-1056]
-CVE-2006-4805 VULNERABLE (wireshark, fixed 0.99.4)
+CVE-2006-4805 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1141]
 CVE-2006-4790 backport (gnutls, fixed 1.4.4) [since FEDORA-2006-974]
 CVE-2006-4663 ignore (kernel) not a vulnerability
 CVE-2006-4625 version (php, fixed 5.1.6) [since FEDORA-2006-1024]
 CVE-2006-4624 version (mailman, fixed 2.1.9rc1) #205652 [since FEDORA-2006-1013]
 CVE-2006-4623 version (kernel, fixed 2.6.18-rc1) [since FEDORA-2006-1022]
 CVE-2006-4600 VULNERABLE (openldap, fixed 2.3.25) #205827
-CVE-2006-4574 VULNERABLE (wireshark, fixed 0.99.4)
+CVE-2006-4574 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1141]
 CVE-2006-4573 VULNERABLE (screen) #212057
 CVE-2006-4572 VULNERABLE (kernel, fixed after 2.6.19-rc3)
 CVE-2006-4571 version (thunderbird, fixed 1.5.0.7) [since FEDORA-2006-977]
@@ -1078,6 +1079,7 @@
 CVE-2005-0488 backport (krb5) krb5-1.4.1-telnet-environ.patch
 CVE-2005-0473 version (gaim, fixed 1.1.3)
 CVE-2005-0472 version (gaim, fixed 1.1.3)
+CVE-2005-0470 version (wpa_supplicant, fixed 0.2.7)
 CVE-2005-0469 version (krb5, fixed 1.4.1)
 CVE-2005-0469 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
 CVE-2005-0468 version (krb5, fixed 1.4.1)


Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.132
retrieving revision 1.133
diff -u -r1.132 -r1.133
--- fc6	1 Nov 2006 19:06:43 -0000	1.132
+++ fc6	2 Nov 2006 09:11:11 -0000	1.133
@@ -1,17 +1,18 @@
-Up to date CVE as of CVE email 20061029
-Up to date FC6 as of 20061029
+Up to date CVE as of CVE email 20061101
+Up to date FC6 as of 20061101
 
 ** are items that need attention
 
+CVE-2006-5633 ignore (firefox) just a client DoS
 CVE-2006-5619 VULNERABLE (kernel, fixed after 2.6.19-rc3)
-CVE-2006-5595 VULNERABLE (wireshark, fixed 0.99.4)
+CVE-2006-5595 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
 CVE-2006-5542 VULNERABLE (postgresql, fixed 8.1.5) #212360
 CVE-2006-5541 VULNERABLE (postgresql, fixed 8.1.5) #212360
 CVE-2006-5540 VULNERABLE (postgresql, fixed 8.1.5) #212360
-CVE-2006-5470 VULNERABLE (wireshark, fixed 0.99.4)
-CVE-2006-5469 VULNERABLE (wireshark, fixed 0.99.4)
-CVE-2006-5468 VULNERABLE (wireshark, fixed 0.99.4)
-CVE-2006-5467 VULNERABLE (ruby) #212396
+CVE-2006-5470 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-5469 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-5468 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
+CVE-2006-5467 backport (ruby) #212396 [since FEDORA-2006-1109]
 CVE-2006-5466 VULNERABLE (rpm) #212833
 CVE-2006-5456 VULNERABLE (ImageMagick) #210921
 CVE-2006-5397 VULNERABLE (libX11, 1.0.2 and 1.0.3 only) bz#213280
@@ -43,14 +44,14 @@
 CVE-2006-4813 version (kernel, fixed 2.6.13)
 CVE-2006-4812 VULNERABLE (php)
 CVE-2006-4811 version (qt, fixed 3.3.7) [since FEDORA-2006-1055]
-CVE-2006-4805 VULNERABLE (wireshark, fixed 0.99.4)
+CVE-2006-4805 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
 CVE-2006-4790 backport (gnutls, fixed 1.4.4)
 CVE-2006-4663 ignore (kernel) not a vulnerability
 CVE-2006-4625 ignore (php) safe mode isn't safe
 CVE-2006-4624 version (mailman, fixed 2.1.9rc1)
 CVE-2006-4623 version (kernel, fixed 2.6.18-rc1)
 CVE-2006-4600 version (openldap, fixed 2.3.25)
-CVE-2006-4574 VULNERABLE (wireshark, fixed 0.99.4)
+CVE-2006-4574 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
 CVE-2006-4573 VULNERABLE (screen) #212057
 CVE-2006-4572 VULNERABLE (kernel, fixed after 2.6.19-rc3)
 CVE-2006-4571 version (thunderbird, fixed 1.5.0.7)
@@ -945,6 +946,7 @@
 CVE-2005-0488 backport (krb5) krb5-1.4.1-telnet-environ.patch
 CVE-2005-0473 version (gaim, fixed 1.1.3)
 CVE-2005-0472 version (gaim, fixed 1.1.3)
+CVE-2005-0470 version (wpa_supplicant, fixed 0.2.7)
 CVE-2005-0469 version (krb5, fixed 1.4.1)
 CVE-2005-0469 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
 CVE-2005-0468 version (krb5, fixed 1.4.1)


