fedora-security/audit epel5,1.2,1.3

Kevin Fenzi (kevin) fedora-extras-commits at redhat.com
Fri Sep 14 00:23:21 UTC 2007


Author: kevin

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31447

Modified Files:
	epel5 
Log Message:
Process a bunch more epel5 packages



Index: epel5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/epel5,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- epel5	5 Sep 2007 04:53:03 -0000	1.2
+++ epel5	14 Sep 2007 00:23:19 -0000	1.3
@@ -3,112 +3,115 @@
 # *CVE are items that need verification for EPEL-5
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 
-# Up to date CVE as of CVE email 20070829
-# Up to date EPEL5 as of 
+# Up to date CVE as of CVE email 20070910
+# Up to date EPEL5 as of 20070910
 #
-*CVE-2007-4631 VULNERABLE (qgit) #268381
-*CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081
-*CVE-2007-4560 VULNERABLE (clamav) #260583
-*CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
-*CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561
-*CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
-*CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021 [since FEDORA-2007-1853]
-*CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780
-*CVE-2007-4462 version (po4a) #253541 [since FEDORA-2007-1763]
-*CVE-2007-4400 VULNERABLE (konversation) #253545
-*CVE-2007-4323 backport (denyhosts) #252291 [since FEDORA-2007-0589]
-*CVE-2007-4321 backport (fail2ban) #252290 [since FEDORA-2007-0621] version since FEDORA-2007-1643
-*CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
-*CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
-*CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
-*CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
-*CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
-*CVE-2007-3725 ** (clamav)
-*CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10)
-*CVE-2007-3555 version (moodle) #247528 [since FEDORA-2007-1445]
-*CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904]
+*CVE-2007-4828 (mediawiki, fixed 1.11.0, 1.10.2, 1.9.4) #287881
+CVE-2007-4727 version (lighttpd, fixed 1.4.18) #284511
+CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081
+CVE-2007-4631 version (qgit, fixed 1.5.7) #268381
+CVE-2007-4629 VULNERABLE (mapserver, fixed 4.10.3) #272081
+CVE-2007-4560 VULNERABLE (clamav) #260583
+CVE-2007-4543 version (bugzilla, fixed 3.0.1) #256021
+CVE-2007-4542 VULNERABLE (mapserver, fixed 4.10.3) #256561
+CVE-2007-4539 version (bugzilla, fixed 3.0.1) #256021
+CVE-2007-4538 version (bugzilla, fixed 3.0.1) #256021
+CVE-2007-4510 VULNERABLE (clamav, fixed 0.91.2) #253780
+*CVE-2007-4462 version (po4a) #253541
+CVE-2007-4400 VULNERABLE (konversation) #253545
+CVE-2007-4323 backport (denyhosts) #252291
+*CVE-2007-4321 backport (fail2ban) #252290
+CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162
+CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162
+CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162
+CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162
+CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162
+CVE-2007-3725 ** (clamav)
+CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10)
+CVE-2007-3555 version (moodle) #247528 
+CVE-2007-3528 version (dar, fixed 2.3.4) #246760
 *CVE-2007-3387 version (xpdf, fixed 3.02pl1) [since FEDORA-2007-1383]
-*CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled)
-*CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724]
-*CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724]
-*CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219
-*CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219
-*CVE-2007-3113 VULNERABLE (cacti) #243592
-*CVE-2007-3112 VULNERABLE (cacti) #243592
-*CVE-2007-3025 ignore (clamav, Solaris only)
-*CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219
-*CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219
-*CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489 [since FEDORA-2007-0469]
-*CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397
-*CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 [since FEDORA-2007-1154]
-*CVE-2007-2637 patch (moin, fixed 1.5.7-2)
-*CVE-2007-2423 patch (moin, fixed 1.5.7-2) #238722
+CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled)
+CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591
+CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591
+CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219
+CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219
+CVE-2007-3113 VULNERABLE (cacti) #243592
+CVE-2007-3112 VULNERABLE (cacti) #243592
+CVE-2007-3025 ignore (clamav, Solaris only)
+CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219
+CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219
+CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489
+CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397
+CVE-2007-2650 VULNERABLE (clamav, fixed 0.90.3) #240395
+CVE-2007-2637 patch (moin, fixed 1.5.7-2)
+CVE-2007-2423 patch (moin, fixed 1.5.7-2) #238722
 *CVE-2007-2413 version (perl-Imager, fixed 0.57) #238615
-*CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882
-*CVE-2007-2165 VULNERABLE (proftpd) #237533
-*CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219
-*CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped)
-*CVE-2007-1997 version (clamav, fixed in 0.90.2)
-*CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489
-*CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489
-*CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703
-*CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700
-*CVE-2007-1547 version (nas, fixed 1.8a-2) #233353
-*CVE-2007-1546 version (nas, fixed 1.8a-2) #233353
-*CVE-2007-1545 version (nas, fixed 1.8a-2) #233353
-*CVE-2007-1544 version (nas, fixed 1.8a-2) #233353
-*CVE-2007-1543 version (nas, fixed 1.8a-2) #233353
+CVE-2007-2245 version (phpMyAdmin, fixed 2.10.1) #237882
+CVE-2007-2165 VULNERABLE (proftpd) #237533
+CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219
+CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped)
+CVE-2007-1997 VULNERABLE (clamav, fixed in 0.90.2)
+CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489
+CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489
+CVE-2007-1745 VULNERABLE (clamav, fixed in 0.90.2) #236703
+CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700
+CVE-2007-1547 version (nas, fixed 1.8a-2) #233353
+CVE-2007-1546 version (nas, fixed 1.8a-2) #233353
+CVE-2007-1545 version (nas, fixed 1.8a-2) #233353
+CVE-2007-1544 version (nas, fixed 1.8a-2) #233353
+CVE-2007-1543 version (nas, fixed 1.8a-2) #233353
 *CVE-2007-1515 version (imp, fixed 4.1.4)
 *CVE-2007-1474 version (horde, fixed 3.1.4)
 *CVE-2007-1474 ignore (imp, < 4.x only)
 *CVE-2007-1473 version (horde, fixed 3.1.4)
-*CVE-2007-1429 version (moodle, fixed 1.6.5) #232103
-*CVE-2007-1406 version (trac, fixed 0.10.3.1) #231729
-*CVE-2007-1405 version (trac, fixed 0.10.3.1) #231729
-*CVE-2007-1399 version (php-pecl-zip, fixed 1.8.5)
-*CVE-2007-1395 version (phpMyAdmin, fixed 2.10.0.2)
-*CVE-2007-1359 patch (mod_security, fixed 2.1.0-3) #231728
-*CVE-2007-1325 version (phpMyAdmin, fixed 2.10.0.2)
+CVE-2007-1429 version (moodle, fixed 1.6.5) #232103
+CVE-2007-1406 version (trac, fixed 0.10.3.1) #231729
+CVE-2007-1405 version (trac, fixed 0.10.3.1) #231729
+CVE-2007-1399 version (php-pecl-zip, fixed 1.8.5)
+CVE-2007-1395 version (phpMyAdmin, fixed 2.10.0.2)
+CVE-2007-1359 patch (mod_security, fixed 2.1.0-3) #231728
+CVE-2007-1325 version (phpMyAdmin, fixed 2.10.0.2)
 *CVE-2007-1263 version (gpgme, fixed 1.1.4)
 *CVE-2007-1055 version (mediawiki, fixed 1.8.3)
 *CVE-2007-1054 version (mediawiki, fixed 1.9.3) [since FEDORA-2007-1442]
-*CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764
-*CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764
-*CVE-2007-0898 version (clamav, fixed 0.90) #229202
-*CVE-2007-0897 version (clamav, fixed 0.90) #229202
+CVE-2007-0902 patch (moin, fixed 1.5.7-2) #228764
+CVE-2007-0901 patch (moin, fixed 1.5.7-2) #228764
+CVE-2007-0898 VULNERABLE (clamav, fixed 0.90) #229202
+CVE-2007-0897 VULNERABLE (clamav, fixed 0.90) #229202
 *CVE-2007-0894 version (mediawiki, fixed 1.8.4) #228763
-*CVE-2007-0857 version (moin, fixed 1.5.7) #228139
-*CVE-2007-0619 version (chmlib, fixed 0.3.9) #225919
+CVE-2007-0857 version (moin, fixed 1.5.7) #228139
+CVE-2007-0619 version (chmlib, fixed 0.3.9) #225919
 *CVE-2007-0469 version (rubygems, fixed 0.9.1)
-*CVE-2007-0341 ignore (phpMyAdmin, 2.8.x only)
-*CVE-2007-0242 patch (qt4, fixed 4.2.3-7)
-*CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378
+CVE-2007-0341 ignore (phpMyAdmin, 2.8.x only)
+CVE-2007-0242 VULNERABLE (qt4, fixed 4.2.3-7)
+CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378
 *CVE-2007-0177 version (mediawiki, fixed 1.8.3) #221958
 *CVE-2007-0095 VULNERABLE (phpMyAdmin) #221694
-*CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233
-*CVE-2006-6944 version (phpMyAdmin, fixed 2.9.1.1)
-*CVE-2006-6943 version (phpMyAdmin, fixed 2.9.1.1)
-*CVE-2006-6942 version (phpMyAdmin, fixed 2.9.1.1)
-*CVE-2006-6799 patch (cacti, fixed 0.8.6i-5) #222410
-*CVE-2006-6693 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped)
-*CVE-2006-6692 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped)
-*CVE-2006-6626 version (moodle, fixed 1.6.5) #220041
-*CVE-2006-6625 version (moodle, fixed 1.6.5) #220041
-*CVE-2006-6563 backport (proftpd, fixed 1.3.0a-3) #219938
-*CVE-2006-6481 version (clamav, fixed 0.88.7)
-*CVE-2006-6406 version (clamav, fixed 0.88.7) #219095
+CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233
+CVE-2006-6944 version (phpMyAdmin, fixed 2.9.1.1)
+CVE-2006-6943 version (phpMyAdmin, fixed 2.9.1.1)
+CVE-2006-6942 version (phpMyAdmin, fixed 2.9.1.1)
+CVE-2006-6799 patch (cacti, fixed 0.8.6i-5) #222410
+CVE-2006-6693 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped)
+CVE-2006-6692 ignore (zabbix, fixed 1.1.3, < 1.1.4 not shipped)
+CVE-2006-6626 version (moodle, fixed 1.6.5) #220041
+CVE-2006-6625 version (moodle, fixed 1.6.5) #220041
+CVE-2006-6563 backport (proftpd, fixed 1.3.0a-3) #219938
+CVE-2006-6481 VULNERABLE (clamav, fixed 0.88.7)
+CVE-2006-6406 VULNERABLE (clamav, fixed 0.88.7) #219095
 *CVE-2006-6374 ** (phpMyAdmin) #218853
-*CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853
-*CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824
+CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853
+CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824
 *CVE-2006-6235 patch (gnupg2, fixed 2.0.1-2) #218821
-*CVE-2006-6171 patch (proftpd, fixed 1.3.0a-1) #214820
-*CVE-2006-6170 patch (proftpd, fixed 1.3.0a-1) #214820
+CVE-2006-6171 patch (proftpd, fixed 1.3.0a-1) #214820
+CVE-2006-6170 patch (proftpd, fixed 1.3.0a-1) #214820
 *CVE-2006-6169 version (gnupg2, fixed 2.0.1) #217950
 *CVE-2006-6085 version (kile, fixed 1.9.3) #217238
-*CVE-2006-5874 version (clamav, fixed 0.88.1)
-*CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136
-*CVE-2006-5848 version (trac, fixed 0.10.1) #215077
-*CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820
+CVE-2006-5874 version (clamav, fixed 0.88.1)
+CVE-2006-5864 patch (gv, fixed 3.6.2-2) #215136
+CVE-2006-5848 version (trac, fixed 0.10.1) #215077
+CVE-2006-5815 version (proftpd, fixed 1.3.0a) #214820
 CVE-2006-5602 version (xsupplicant, fixed 1.2.6)
 CVE-2006-5601 version (xsupplicant, fixed 1.2.8) #212700
 CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355




More information about the scm-commits mailing list