fedora-security/audit fc5,1.364,1.365

Mark Cox (mjc) fedora-extras-commits at redhat.com
Mon Oct 23 08:15:33 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11867

Modified Files:
	fc5 
Log Message:
Add mutt, fixup after php release



Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.364
retrieving revision 1.365
diff -u -r1.364 -r1.365
--- fc5	20 Oct 2006 12:37:20 -0000	1.364
+++ fc5	23 Oct 2006 08:15:29 -0000	1.365
@@ -1,11 +1,11 @@
-Up to date CVE as of CVE email 20061016
+Up to date CVE as of CVE email 20061022
 Up to date FC5 as of 20061016
 
 ** are items that need attention
 
 CVE-2006-5331 VULNERABLE (kernel, fixed after 2.6.19-rc2)
-CVE-2006-5298 ** mutt
-CVE-2006-5297 ** mutt
+CVE-2006-5298 VULNERABLE (mutt)
+CVE-2006-5297 VULNERABLE (mutt)
 CVE-2006-5229 ignore (openssh) reported not an issue
 CVE-2006-5215 VULNERABLE (xorg-x11-xdm)
 CVE-2006-5215 VULNERABLE (xorg-x11-xinit)
@@ -27,15 +27,15 @@
 CVE-2006-5051 backport (openssh, fixed 4.4) [since FEDORA-2006-1011]
 CVE-2006-4997 version (kernel, fixed 2.6.18) [since FEDORA-2006-1022]
 CVE-2006-4980 VULNERABLE (python) #208166
-CVE-2006-4925 ** openssh
+CVE-2006-4925 ignore (openssh) client crash only
 CVE-2006-4924 backport (openssh) #207957 [since FEDORA-2006-1011]
 CVE-2006-4842 ignore (nspr) Nothing setuid links with nspr
 CVE-2006-4813 version (kernel, fixed 2.6.13)
-CVE-2006-4812 VULNERABLE (php) [since FEDORA-2006-1024]
+CVE-2006-4812 backport (php) [since FEDORA-2006-1024] **
 CVE-2006-4811 VULNERABLE (kdelibs) #211342
 CVE-2006-4790 backport (gnutls, fixed 1.4.4) [since FEDORA-2006-974]
 CVE-2006-4663 ignore (kernel) not a vulnerability
-CVE-2006-4625 VULNERABLE (php)
+CVE-2006-4625 version (php, fixed 5.1.6) [since FEDORA-2006-1024]
 CVE-2006-4624 VULNERABLE (mailman, fixed 2.1.9rc1) #205652
 CVE-2006-4623 version (kernel, fixed 2.6.18-rc1) [since FEDORA-2006-1022]
 CVE-2006-4600 VULNERABLE (openldap, fixed 2.3.25) #205827
@@ -60,12 +60,12 @@
 CVE-2006-4538 version (kernel, fixed 2.6.18) [since FEDORA-2006-1022] ia64 and sparc only
 CVE-2006-4535 version (kernel, fixed 2.6.17.12, fixed 2.6.18-rc6) [since FEDORA-2006-967]
 CVE-2006-4507 ignore (libtiff) can't reproduce
-CVE-2006-4486 VULNERABLE (php, fixed 5.1.6) [since FEDORA-2006-1024]
-CVE-2006-4485 VULNERABLE (php, fixed 5.1.5) [since FEDORA-2006-1024]
-CVE-2006-4484 ignore (php, fixed 5.1.5) [since FEDORA-2006-1024]
+CVE-2006-4486 version (php, fixed 5.1.6) [since FEDORA-2006-1024]
+CVE-2006-4485 version (php, fixed 5.1.5) [since FEDORA-2006-1024]
+CVE-2006-4484 version (php, fixed 5.1.5) [since FEDORA-2006-1024] also ignore
 CVE-2006-4484 ignore (gd)
 CVE-2006-4483 ignore (php) not linux
-CVE-2006-4482 VULNERABLE (php, fixed 5.1.5) [#204995] [since FEDORA-2006-1024]
+CVE-2006-4482 version (php, fixed 5.1.5) #204995 [since FEDORA-2006-1024]
 CVE-2006-4481 ignore (php) safe mode isn't safe
 CVE-2006-4455 ignore (xchat) client DoS
 CVE-2006-4447 ignore (xorg) not a security issue
@@ -81,7 +81,7 @@
 CVE-2006-4336 version (gzip) #207643 [since FEDORA-2006-993]
 CVE-2006-4335 version (gzip) #207643 [since FEDORA-2006-993]
 CVE-2006-4334 version (gzip) #207643 [since FEDORA-2006-993]
-CVE-2006-4433 VULNERABLE (php, fixed 5.1.4)
+CVE-2006-4433 version (php, fixed 5.1.4) [since FEDORA-2006-1024]
 CVE-2006-4333 version (wireshark, fixed 0.99.3) [since FEDORA-2006-936]
 CVE-2006-4332 version (wireshark, fixed 0.99.3) [since FEDORA-2006-936]
 CVE-2006-4331 version (wireshark, fixed 0.99.3) [since FEDORA-2006-936]
@@ -99,7 +99,7 @@
 CVE-2006-4095 version (bind) [since FEDORA-2006-418] was backport since FEDORA-2006-966
 CVE-2006-4093 version (kernel, fixed 2.6.17.9) [since FEDORA-2006-967]
 CVE-2006-4031 VULNERABLE (mysql, fixed 5.0.24) #202247
-CVE-2006-4020 VULNERABLE (php) #201767 [since FEDORA-2006-1024]
+CVE-2006-4020 version (php) #201767 [since FEDORA-2006-1024]
 CVE-2006-4019 version (squirrelmail, fixed 1.4.8) #202196 [since FEDORA-2006-913]
 CVE-2006-3918 version httpd, fixed 2.2.2 [since FEDORA-2006-364]
 CVE-2006-3879 version (mikmod, not 3.1.6)
@@ -203,9 +203,9 @@
 CVE-2006-3081 version (mysql, fixed 5.1.18) [since FEDORA-2006-702]
 CVE-2006-3057 version (dhcdbd, fixed 1.14) [since FEDORA-2006-609]
 CVE-2006-3018 ignore (php, fixed 5.1.3) no verification of flaw
-CVE-2006-3017 VULNERABLE (php, fixed 5.1.3) #197379
-CVE-2006-3016 VULNERABLE (php, fixed 5.1.3)
-CVE-2006-3011 VULNERABLE (php) (safe mode isn't)
+CVE-2006-3017 version (php, fixed 5.1.3) #197379 [since FEDORA-2006-1024]
+CVE-2006-3016 version (php, fixed 5.1.3) [since FEDORA-2006-1024]
+CVE-2006-3011 version (php, fixed 5.1.5) [since FEDORA-2006-1024]
 CVE-2006-3005 ignore (libjpeg) not a vuln
 CVE-2006-2941 VULNERABLE (mailman, fixed 2.1.9)
 CVE-2006-2940 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
@@ -533,8 +533,8 @@
 CVE-2006-0035 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
 CVE-2006-0019 version (kdelibs, fixed 3.5.1)
 CVE-2005-4811 version (kernel, fixed 2.6.13)
-CVE-2005-4809 ** firefox
-CVE-2005-4809 ** seamonkey
+CVE-2005-4809 VULNERABLE (firefox)
+CVE-2005-4809 VULNERABLE (seamonkey)
 CVE-2005-4808 ignore (binutils, gas fixed 20050714) this is a bug
 CVE-2005-4807 ignore (binutils, gas fixed 20050721) this is a bug
 CVE-2005-4798 version (kernel, not 2.6)

More information about the scm-commits mailing list