fedora-security/audit fc5,1.390,1.391
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Wed Nov 15 10:25:43 UTC 2006
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5212
Modified Files:
fc5
Log Message:
CVE updates, fix consistency
Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.390
retrieving revision 1.391
diff -u -r1.390 -r1.391
--- fc5 14 Nov 2006 18:09:26 -0000 1.390
+++ fc5 15 Nov 2006 10:25:39 -0000 1.391
@@ -1,10 +1,10 @@
Up to date CVE as of CVE email 20061112
-Up to date FC5 as of 20061112
+Up to date FC5 as of 20061114
** are items that need attention
CVE-2006-5823 version (kernel) [since FEDORA-2006-1221]
-CVE-2006-5794 VULNERABLE (openssh, fixed 4.5) [#214641]
+CVE-2006-5794 VULNERABLE (openssh, fixed 4.5) #214641
CVE-2006-5783 ignore (firefox) disputed
CVE-2006-5757 version (kernel) [since FEDORA-2006-1221]
CVE-2006-5748 version (thunderbird) [since FEDORA-2006-1194]
@@ -23,26 +23,27 @@
CVE-2006-5469 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1141]
CVE-2006-5468 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1141]
CVE-2006-5467 backport (ruby) #212396 [since FEDORA-2006-1110]
+CVE-2006-5466 VULNERABLE (rpm) #212833
+CVE-2006-5465 backport (php, fixed 5.2.0) #213732 [since FEDORA-2006-1168]
CVE-2006-5464 version (thunderbird) [since FEDORA-2006-1194]
CVE-2006-5464 version (firefox) [since FEDORA-2006-1199]
CVE-2006-5463 version (thunderbird) [since FEDORA-2006-1194]
CVE-2006-5463 version (firefox) [since FEDORA-2006-1199]
CVE-2006-5462 version (thunderbird) [since FEDORA-2006-1194]
CVE-2006-5462 version (firefox) [since FEDORA-2006-1199]
-CVE-2006-5466 VULNERABLE (rpm) #212833
-CVE-2006-5465 backport (php, fixed 5.2.0) #213732 [since FEDORA-2006-1168]
+CVE-2006-5461 VULNERABLE (avahi, fixed 0.6.15)
CVE-2006-5456 VULNERABLE (ImageMagick) #210921
CVE-2006-5397 version (libX11, 1.0.2 and 1.0.3 only)
CVE-2006-5331 VULNERABLE (kernel, fixed 2.6.19-rc3)
CVE-2006-5298 backport (mutt) [since FEDORA-2006-1061]
CVE-2006-5297 backport (mutt) [since FEDORA-2006-1061]
CVE-2006-5229 ignore (openssh) reported not an issue
-CVE-2006-5215 VULNERABLE (xorg-x11-xdm) bz#212167
-CVE-2006-5215 VULNERABLE (xorg-x11-xinit) bz#212167
-CVE-2006-5215 VULNERABLE (kdebase) bz#212166
-CVE-2006-5214 VULNERABLE (xorg-x11-xdm) bz#212167
-CVE-2006-5214 VULNERABLE (xorg-x11-xinit) bz#212167
-CVE-2006-5214 VULNERABLE (kdebase) bz#212166
+CVE-2006-5215 VULNERABLE (xorg-x11-xdm) #212167
+CVE-2006-5215 VULNERABLE (xorg-x11-xinit) #212167
+CVE-2006-5215 VULNERABLE (kdebase) #212166
+CVE-2006-5214 VULNERABLE (xorg-x11-xdm) #212167
+CVE-2006-5214 VULNERABLE (xorg-x11-xinit) #212167
+CVE-2006-5214 VULNERABLE (kdebase) #212166
CVE-2006-5178 VULNERABLE (php) can't be fixed
CVE-2006-5174 ignore (kernel, fixed 2.6.19-rc1) s390 only
CVE-2006-5173 version (kernel, fixed 2.6.18) [since FEDORA-2006-1022] protected by exec-shield
@@ -422,10 +423,10 @@
CVE-2006-1624 ignore (sysklogd) Silly configuration is not a security issue
CVE-2006-1608 ignore (php) safe mode isn't safe
CVE-2006-1549 ignore (php) this is not a security issue
-CVE-2006-1548 VULNERABLE (struts, fixed 1.2.9) bz#187544
-CVE-2006-1547 VULNERABLE (struts, fixed 1.2.9) bz#187544
-CVE-2006-1546 VULNERABLE (struts, fixed 1.2.9) bz#187544
-CVE-2006-1542 backport (python) bz#169046 [since FEDORA-2006-689]
+CVE-2006-1548 VULNERABLE (struts, fixed 1.2.9) #187544
+CVE-2006-1547 VULNERABLE (struts, fixed 1.2.9) #187544
+CVE-2006-1546 VULNERABLE (struts, fixed 1.2.9) #187544
+CVE-2006-1542 backport (python) #169046 [since FEDORA-2006-689]
CVE-2006-1531 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
CVE-2006-1531 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
CVE-2006-1530 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
@@ -434,7 +435,7 @@
CVE-2006-1529 version (firefox, fixed 1.5.0.2) [since FEDORA-2006-411]
CVE-2006-1528 version (kernel, fixed 2.6.13)
CVE-2006-1527 version (kernel, fixed 2.6.16.13, fixed 2.6.17-rc4) [since FEDORA-2006-499]
-CVE-2006-1526 backport (xorg-x11-server, fixed 1.1.1 at least) bz#189802 [since FEDORA-2006-483] xorg-x11-server-1.0.1-render-tris-CVE-2006-1526.patch
+CVE-2006-1526 backport (xorg-x11-server, fixed 1.1.1 at least) #189802 [since FEDORA-2006-483] xorg-x11-server-1.0.1-render-tris-CVE-2006-1526.patch
CVE-2006-1525 version (kernel, fixed 2.6.16.8) [since FEDORA-2006-421]
CVE-2006-1524 version (kernel, fixed 2.6.16.7) [since FEDORA-2006-421]
CVE-2006-1523 version (kernel, fixed 2.6.16.4) [since FEDORA-2006-421]
@@ -446,11 +447,11 @@
CVE-2006-1490 version (php, fixed 5.1.4) [since FEDORA-2006-289]
CVE-2006-1470 version (openldap, not 2.3.24 at least) #197278
CVE-2006-1368 version (kernel, fixed 2.6.16) [since FEDORA-2006-233]
-CVE-2006-1354 VULNERABLE (freeradius, fixed 1.1.2 at least) bz#186084
+CVE-2006-1354 VULNERABLE (freeradius, fixed 1.1.2 at least) #186084
CVE-2006-1343 version (kernel, fixed 2.6.16.19) [since FEDORA-2006-698]
CVE-2006-1342 version (kernel, not 2.6) not vulnerable
CVE-2006-1335 version (gnome-screensaver, fixed 2.14)
-CVE-2006-1296 version (beagle, fixed 0.2.4) bz#185981 [since FEDORA-2006-305] was backport since FEDORA-2006-188
+CVE-2006-1296 version (beagle, fixed 0.2.4) #185981 [since FEDORA-2006-305] was backport since FEDORA-2006-188
CVE-2006-1273 ignore (firefox) this issue only affects IE
CVE-2006-1244 ignore (xpdf) duplicate of other cve named issues
CVE-2006-1242 version (kernel, fixed 2.6.16.1) [since FEDORA-2006-233]
@@ -462,16 +463,16 @@
CVE-2006-1078 ignore (httpd) not a vulnerability
CVE-2006-1066 version (kernel, fixed 2.6.16) [since FEDORA-2006-233]
CVE-2006-1061 version (curl, fixed 7.15.3) [since FEDORA-2006-933] was backport since FEDORA-2006-189
-CVE-2006-1059 version (samba, fixed 3.0.22 at least) bz#187170 [since FEDORA-2006-259]
-CVE-2006-1058 backport (busybox) bz#187386 [since FEDORA-2006-510]
-CVE-2006-1057 version (gdm, fixed 2.14.1) bz#188303 [since FEDORA-2006-338]
+CVE-2006-1059 version (samba, fixed 3.0.22 at least) #187170 [since FEDORA-2006-259]
+CVE-2006-1058 backport (busybox) #187386 [since FEDORA-2006-510]
+CVE-2006-1057 version (gdm, fixed 2.14.1) #188303 [since FEDORA-2006-338]
CVE-2006-1056 version (kernel, fixed 2.6.16.9) [since FEDORA-2006-421]
CVE-2006-1055 version (kernel, fixed 2.6.17-rc1) [since FEDORA-2006-421]
CVE-2006-1052 version (kernel, fixed 2.6.16) [since FEDORA-2006-421] was patch-2.6.16-rc6 since FEDORA-2006-233
CVE-2006-1045 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
CVE-2006-1015 ignore (php) safe mode isn't safe
CVE-2006-1014 ignore (php) safe mode isn't safe
-CVE-2006-0996 version (php, fixed 5.1.4) bz#187511 [since FEDORA-2006-289]
+CVE-2006-0996 version (php, fixed 5.1.4) #187511 [since FEDORA-2006-289]
CVE-2006-0903 version (mysql, 4.1.19) #183261 [since FEDORA-2006-553]
CVE-2006-0884 version (thunderbird, fixed 1.5.0.2) [since FEDORA-2006-490]
CVE-2006-0836 ignore (thunderbird) only crash on manual import
@@ -724,7 +725,7 @@
CVE-2005-3089 version (firefox, fixed 1.0.7)
CVE-2005-3088 ignore (fetchmail) fetchmailconf not shipped
CVE-2005-3055 version (kernel, fixed 2.6.14 at least)
-CVE-2005-3054 ignore (php) see bz#169857
+CVE-2005-3054 ignore (php) see #169857
CVE-2005-3053 version (kernel)
CVE-2005-3044 version (kernel, fixed 2.6.13.2)
CVE-2005-3011 backport (texinfo) texinfo-CAN-2005-3011.patch
@@ -1104,7 +1105,7 @@
CVE-2005-0468 backport (telnet) telnet-0.17-CAN-2005-468_469.patch
CVE-2005-0455 version (HelixPlayer, fixed 1.0.3)
CVE-2005-0449 version (kernel, fixed 2.6.11)
-CVE-2005-0448 version (perl, fixed 5.8.6) bz#173793
+CVE-2005-0448 version (perl, fixed 5.8.6) #173793
CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
CVE-2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020
CVE-2005-0403 version (kernel) not upstream
@@ -1241,7 +1242,7 @@
CVE-2004-2541 ignore (cscope) blocked by FORTIFY_SOURCE
CVE-2004-2536 version (kernel, fixed 2.6.7)
CVE-2004-2531 version (gnutls, fixed 1.0.17)
-CVE-2004-2480 ignore (squid) bz#166523, not reproducable
+CVE-2004-2480 ignore (squid) #166523, not reproducable
CVE-2004-2479 version (squid, fixed 2.5.STABLE8)
CVE-2004-2396 version (passwd, fixed 0.69)
CVE-2004-2395 version (passwd, fixed 0.69)
More information about the scm-commits
mailing list