fedora-security/audit fc5,1.320,1.321 fc6,1.77,1.78
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Wed Sep 13 09:42:49 UTC 2006
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18300
Modified Files:
fc5 fc6
Log Message:
More daily updates
Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.320
retrieving revision 1.321
diff -u -r1.320 -r1.321
--- fc5 12 Sep 2006 13:46:56 -0000 1.320
+++ fc5 13 Sep 2006 09:42:46 -0000 1.321
@@ -1,9 +1,10 @@
-Up to date CVE as of CVE email 20060910
-Up to date FC5 as of 20060910
+Up to date CVE as of CVE email 20060912
+Up to date FC5 as of 20060912
** are items that need attention
CVE-2006-4663 ignore (kernel) not a vulnerability
+CVE-2006-4625 VULNERABLE (php)
CVE-2006-4624 VULNERABLE (mailman, fixed 2.1.9rc1) #205652
CVE-2006-4623 VULNERABLE (kernel)
CVE-2006-4600 VULNERABLE (openldap, fixed 2.3.25) #205827
@@ -40,8 +41,8 @@
CVE-2006-4146 VULNERABLE (gdb) #204845
CVE-2006-4145 VULNERABLE (kernel, fixed 2.6.17.10)
CVE-2006-4144 backport (ImageMagick, fixed 6.2.9) #202773 [since FEDORA-2006-929]
-CVE-2006-4096 ** bind
-CVE-2006-4095 ** bind [since FEDORA-2006-966]
+CVE-2006-4096 backport (bind) [since FEDORA-2006-966] bind-9.3.2-rrsig.patch
+CVE-2006-4095 backport (bind) [since XXXX] bind-9.3.2-bz173961.patch
CVE-2006-4093 VULNERABLE (kernel, fixed 2.6.17.9)
CVE-2006-4031 VULNERABLE (mysql, fixed 5.0.24) #202247
CVE-2006-4020 VULNERABLE (php) #201767
@@ -92,6 +93,8 @@
CVE-2006-3744 backport (ImageMagick) #202193 [since FEDORA-2006-929]
CVE-2006-3743 backport (ImageMagick) #202193 [since FEDORA-2006-929]
CVE-2006-3742 backport (kdebase) #201507 [since FEDORA-2006-942]
+CVE-2006-3740 VULNERABLE (xorg-x11)
+CVE-2006-3739 VULNERABLE (xorg-x11)
CVE-2006-3731 ignore (firefox) just a user complicit crash
CVE-2006-3694 backport (ruby, fixed 1.8.5) #199538 #199543 [since FEDORA-2006-849]
CVE-2006-3677 version (firefox, fixed 1.5.0.5) [since FEDORA-2006-902]
@@ -349,7 +352,7 @@
CVE-2006-1516 version (mysql, fixed 5.0.21) #190870 [since FEDORA-2006-553]
CVE-2006-1494 version (php) #189592 [since FEDORA-2006-289]
CVE-2006-1490 version (php, fixed 5.1.4) [since FEDORA-2006-289]
-CVE-2006-1470 VULNERABLE (openldap) #197278
+CVE-2006-1470 version (openldap, not 2.3.24 at least) #197278
CVE-2006-1368 version (kernel, fixed 2.6.16) [since FEDORA-2006-233]
CVE-2006-1354 VULNERABLE (freeradius, fixed 1.1.2 at least) bz#186084
CVE-2006-1343 version (kernel, fixed 2.6.16.19) [since FEDORA-2006-698]
@@ -1822,7 +1825,7 @@
CVE-2002-2215 version (php, fixed 4.3.0)
CVE-2002-2214 version (php, fixed 4.2.2)
-CVE-2002-2211 ** bind
+CVE-2002-2211 ignore (bind) see http://www.kb.cert.org/vuls/id/457875
CVE-2002-2210 ignore (openoffice) binary install only (not rpm install)
CVE-2002-2204 ignore (rpm) by design
CVE-2002-2196 version (samba, fixed 2.2.5)
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.77
retrieving revision 1.78
diff -u -r1.77 -r1.78
--- fc6 12 Sep 2006 13:46:56 -0000 1.77
+++ fc6 13 Sep 2006 09:42:47 -0000 1.78
@@ -1,9 +1,10 @@
-Up to date CVE as of CVE email 20060910
+Up to date CVE as of CVE email 20060912
Up to date FC6 as of Test3-re20060906.0
** are items that need attention
CVE-2006-4663 ignore (kernel) not a vulnerability
+CVE-2006-4625 VULNERABLE (php)
CVE-2006-4624 VULNERABLE (mailman, fixed 2.1.9rc1)
CVE-2006-4623 VULNERABLE (kernel)
CVE-2006-4600 version (openldap, fixed 2.3.25)
@@ -80,6 +81,8 @@
CVE-2006-3744 backport (ImageMagick)
CVE-2006-3743 backport (ImageMagick)
CVE-2006-3742 backport (kdebase) inside kdebase-3.5.4-2-redhat.patch
+CVE-2006-3740 VULNERABLE (xorg-x11)
+CVE-2006-3739 VULNERABLE (xorg-x11)
CVE-2006-3731 ignore (firefox) just a user complicit crash
CVE-2006-3694 version (ruby, fixed 1.8.5)
CVE-2006-3677 version (firefox, fixed 1.5.0.5)
@@ -305,7 +308,7 @@
CVE-2006-1516 version (mysql, fixed 5.0.21)
CVE-2006-1494 version (php)
CVE-2006-1490 version (php, fixed 5.1.4)
-CVE-2006-1470 VULNERABLE (openldap) bz#202691
+CVE-2006-1470 version (openldap, not 2.3.24 at least)
CVE-2006-1368 version (kernel, fixed 2.6.16)
CVE-2006-1354 version (freeradius, fixed 1.1.2 at least)
CVE-2006-1343 version (kernel, fixed 2.6.16.19)
More information about the scm-commits
mailing list