fedora-security/audit fc6,1.196,1.197
Marcel Holtmann (holtmann)
fedora-extras-commits at redhat.com
Mon Jan 22 19:00:48 UTC 2007
Author: holtmann
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6094/audit
Modified Files:
fc6
Log Message:
Update with FEDORA-2007-058 (kernel)
Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.196
retrieving revision 1.197
diff -u -r1.196 -r1.197
--- fc6 18 Jan 2007 09:58:30 -0000 1.196
+++ fc6 22 Jan 2007 19:00:45 -0000 1.197
@@ -17,10 +17,10 @@
CVE-2006-6698 VULNERABLE (GConf2) #219280
CVE-2006-6385 ignore (kernel) windows only
CVE-2006-6383 ignore (php) safe mode isn't safe
-CVE-2006-6333 ignore (kernel, 2.6.19 only)
+CVE-2006-6333 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
CVE-2006-6332 ignore (kernel) no support for madwifi
CVE-2006-6305 ignore (net-snmp) already have the backported patch
-CVE-2006-6304 ignore (kernel, 2.6.19 only)
+CVE-2006-6304 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
CVE-2006-6303 version (ruby, fixed 1.8.5.2) [since FEDORA-2006-1441]
CVE-2006-6297 ignore (kdegraphics) just a crash
CVE-2006-6235 backport (gnupg, fixed 1.4.6) [since FEDORA-2006-1406]
@@ -30,7 +30,7 @@
CVE-2006-6142 backport (squirrelmail) #218297 [since FEDORA-2007-089]
CVE-2006-6128 VULNERABLE (kernel, fixed **)
CVE-2006-6107 VULNERABLE (dbus, fixed 1.0.2) #219665
-CVE-2006-6106 version (kernel, fixed 2.6.18.6) [since FEDORA-2006-1471]
+CVE-2006-6106 version (kernel, fixed 2.6.19.2, fixed 2.6.20-rc5) [since FEDORA-2006-1471]
CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
CVE-2006-6104 backport (mono, fixed 1.1.13.8.2) #220853 [since FEDORA-2007-067]
CVE-2006-6097 backport (tar) [since FEDORA-2006-1393]
@@ -38,9 +38,9 @@
CVE-2006-6060 ignore (kernel, fixed 2.6.19-rc2) no NTFS support
CVE-2006-6058 VULNERABLE (kernel, fixed **)
CVE-2006-6057 VULNERABLE (kernel, fixed **)
-CVE-2006-6056 backport (kernel, fixed 2.6.19) [since FEDORA-2006-1471]
-CVE-2006-6054 VULNERABLE (kernel, fixed **)
-CVE-2006-6053 backport (kernel) [since FEDORA-2006-1223]
+CVE-2006-6056 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1471
+CVE-2006-6054 version (kernel, fixed fixed 2.6.19.2) [since FEDORA-2007-058]
+CVE-2006-6053 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
CVE-2006-5989 ignore (mod_auth_kerb) did not affect fc6
CVE-2006-5974 ignore (fetchmail, fixed 6.3.6) only 6.3.5
CVE-2006-5973 VULNERABLE (dovecot, fixed 1.0.rc15) #216508
@@ -50,12 +50,12 @@
CVE-2006-5868 VULNERABLE (ImageMagick, fixed 6.2.9.1) #217560
CVE-2006-5867 version (fetchmail, fixed 6.3.6) #221984 [since FEDORA-2007-042]
CVE-2006-5864 VULNERABLE (evince) #217672
-CVE-2006-5823 backport (kernel) [since FEDORA-2006-1223]
+CVE-2006-5823 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
CVE-2006-5794 backport (openssh, fixed 4.5) #214641 [since FEDORA-2006-1215]
CVE-2006-5793 ignore (libpng, fixed 1.2.13) just a client crash
CVE-2006-5783 ignore (firefox) disputed
CVE-2006-5779 VULNERABLE (openldap, 2.3.29) #214768
-CVE-2006-5757 backport (kernel, fixed 2.6.19-rc2) [since FEDORA-2006-1223]
+CVE-2006-5757 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
CVE-2006-5753 VULNERABLE (kernel)
CVE-2006-5751 version (kernel, fixed 2.6.19, fixed 2.6.18.4) [since FEDORA-2006-1471]
CVE-2006-5749 VULNERABLE (kernel, fixed 2.6.20-rc2)
@@ -86,7 +86,7 @@
CVE-2006-5461 VULNERABLE (avahi, fixed 0.6.15)
CVE-2006-5456 backport (ImageMagick) #210921 [since FEDORA-2006-1285]
CVE-2006-5397 VULNERABLE (libX11, 1.0.2 and 1.0.3 only) #213280
-CVE-2006-5331 VULNERABLE (kernel, fixed 2.6.19-rc3)
+CVE-2006-5331 version (kernel, fixed 2.6.19) [since FEDORA-2007-058]
CVE-2006-5298 backport (mutt) [since FEDORA-2006-1063]
CVE-2006-5297 backport (mutt) [since FEDORA-2006-1063]
CVE-2006-5229 ignore (openssh) not reproduced
@@ -111,6 +111,7 @@
CVE-2006-4925 ignore (openssh) client crash only
CVE-2006-4924 backport (openssh, fixed 4.4)
CVE-2006-4842 ignore (nspr) Nothing setuid links with nspr
+CVE-2006-4814 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058]
CVE-2006-4813 version (kernel, fixed 2.6.13)
CVE-2006-4812 backport (php) php-5.1.6-ecalloc.patch
CVE-2006-4811 version (qt, fixed 3.3.7) [since FEDORA-2006-1055]
@@ -124,7 +125,7 @@
CVE-2006-4600 version (openldap, fixed 2.3.25)
CVE-2006-4574 version (wireshark, fixed 0.99.4) [since FEDORA-2006-1140]
CVE-2006-4573 VULNERABLE (screen) #212057
-CVE-2006-4572 VULNERABLE (kernel, fixed 2.6.19-rc4)
+CVE-2006-4572 version (kernel, fixed 2.6.19) [since FEDORA-2007-058]
CVE-2006-4571 version (thunderbird, fixed 1.5.0.7)
CVE-2006-4571 version (firefox, fixed 1.5.0.7)
CVE-2006-4570 version (thunderbird, fixed 1.5.0.7)
More information about the scm-commits
mailing list