fedora-security/audit fc7,1.38,1.39

Josh Bressers (bressers) fedora-extras-commits at redhat.com
Thu Jul 12 00:52:22 UTC 2007 

Author: bressers

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5528

Modified Files:
	fc7 
Log Message:
Deal with gd and gdm



Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -r1.38 -r1.39
--- fc7	11 Jul 2007 00:07:58 -0000	1.38
+++ fc7	12 Jul 2007 00:52:20 -0000	1.39
@@ -62,11 +62,11 @@
 CVE-2007-2867 version (seamonkey, fixed 1.0.9)
 CVE-2007-2865 VULNERABLE (phpPgAdmin) #241489
 CVE-2007-2844 ignore (php) #241641
-*CVE-2007-2843 ignore (konqueror) safari specific
+CVE-2007-2843 ignore (konqueror) safari specific
 *CVE-2007-2821 VULNERABLE (wordpress, fixed 2.2) #240970
 *CVE-2007-2799 (file)
 CVE-2007-2768 ignore (openssh) needs pam OPIE which is not shipped.
-*CVE-2007-2756 ignore (gd) DoS only
+CVE-2007-2756 ignore (gd) DoS only
 *CVE-2007-2754 (freetype)
 CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397
 *CVE-2007-2683 (mutt)
@@ -147,7 +147,7 @@
 *CVE-2007-1599 version (wordpress, fixed 2.1.3-0.rc2) #233703
 CVE-2007-1583 version (php, fixed 5.2.2)
 CVE-2007-1565 ignore (konqueror) client crash
-*CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
+CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
 CVE-2007-1562 (firefox, seamonkey, thunderbird)
 CVE-2007-1560 version (squid, fixed 2.6.STABLE12)
 *CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293
@@ -285,7 +285,7 @@
 CVE-2007-0458 version (wireshark, fixed 0.99.5) #227140
 CVE-2007-0457 version (wireshark, fixed 0.99.5) #227140
 CVE-2007-0456 version (wireshark, fixed 0.99.5) #227140
-*CVE-2007-0455 VULNERABLE (gd) #224610
+CVE-2007-0455 version (gd, fixed 2.0.34) #224610
 *CVE-2007-0454 (samba)
 *CVE-2007-0452 (samba)
 *CVE-2007-0451 version (spamassassin, fixed 3.1.8) [since FEDORA-2007-241]
@@ -394,7 +394,7 @@
 *CVE-2006-6303 version (ruby, fixed 1.8.5.2) [since FEDORA-2006-1441]
 *CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824
 *CVE-2006-6297 ignore (kdegraphics) just a crash
-*CVE-2006-6238 (konqueror) probably safari only
+CVE-2006-6238 (konqueror) probably safari only
 CVE-2006-6236 ignore, no-ship (acroread)
 *CVE-2006-6235 patch (gnupg2, fixed 2.0.1-2) #218821
 *CVE-2006-6235 backport (gnupg, fixed 1.4.6) [since FEDORA-2006-1406]
@@ -410,7 +410,7 @@
 *CVE-2006-6120 version (koffice, fixed 1.6.1) #218030
 *CVE-2006-6107 VULNERABLE (dbus, fixed 1.0.2) #219665
 CVE-2006-6106 version (kernel, fixed 2.6.19.2, fixed 2.6.20-rc5) [since FEDORA-2006-1471]
-*CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
+CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
 *CVE-2006-6104 backport (mono, fixed 1.1.13.8.2) #220853 [since FEDORA-2007-067]
 *CVE-2006-6103 (xorg-x11)
 *CVE-2006-6102 (xorg-x11)
@@ -586,7 +586,7 @@
 CVE-2006-4486 version (php, fixed 5.1.6)
 CVE-2006-4485 version (php, fixed 5.1.5)
 CVE-2006-4484 version (php, fixed 5.1.5)
-*CVE-2006-4484 ignore (gd)
+CVE-2006-4484 ignore (gd)
 CVE-2006-4483 ignore (php) not linux
 CVE-2006-4482 version (php, fixed 5.1.5)
 CVE-2006-4481 ignore (php) safe mode isn't safe
@@ -625,7 +625,7 @@
 *CVE-2006-4192 patch (libmodplug, fixed 0.8-3)
 CVE-2006-4182 version (clamav, fixed 0.88.5) #210973
 *CVE-2006-4181 (gnuradius)
-*CVE-2006-4146 backport (gdb)
+CVE-2006-4146 backport (gdb)
 *CVE-2006-4145 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5) needs a better upstream fix
 *CVE-2006-4144 backport (ImageMagick, fixed 6.2.9)
 *CVE-2006-4124 (lesstif)
@@ -770,7 +770,7 @@
 *CVE-2006-2932 ignore (kernel) no 4G/4G split support
 *CVE-2006-2920 version (sylpheed-claws, fixed 2.2.2)
 *CVE-2006-2916 ignore (arts) not shipped setuid
-*CVE-2006-2906 backport (gd) from changelog
+CVE-2006-2906 backport (gd) from changelog
 CVE-2006-2894 VULNERABLE (seamonkey) #194511
 CVE-2006-2894 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=56236
 CVE-2006-2842 version (squirrelmail, fixed 1.4.6)
@@ -817,7 +817,7 @@
 *CVE-2006-2489 version (nagios, fixed 2.3.1)
 *CVE-2006-2480 patch (dia, fixed 0.95-2) bz#192535
 *CVE-2006-2453 patch (dia, fixed 0.95-3) #192830
-*CVE-2006-2452 version (gdm)
+CVE-2006-2452 version (gdm)
 *CVE-2006-2451 version (kernel, fixed 2.6.17.4)
 *CVE-2006-2450 (vnc)
 *CVE-2006-2449 version (kdebase, fixed 3.5.4)
@@ -1021,7 +1021,7 @@
 *CVE-2006-1061 version (curl, fixed 7.15.3)
 *CVE-2006-1059 version (samba, fixed 3.0.22 at least)
 *CVE-2006-1058 version (busybox, fixed 1.2.x)
-*CVE-2006-1057 version (gdm, fixed 2.14.1)
+CVE-2006-1057 version (gdm, fixed 2.14.1)
 *CVE-2006-1056 version (kernel, fixed 2.6.16.9)
 *CVE-2006-1055 version (kernel, fixed 2.6.17)
 *CVE-2006-1053 (fedora directory server)
@@ -1918,7 +1918,7 @@
 *CVE-2004-1002 ignore (ppp) not a security issue
 *CVE-2004-0997 version (kernel, not 2.6)
 *CVE-2004-0996 backport (cscope) not fixed in 15.5
-*CVE-2004-0990 version (gd, fixed 2.0.33 at least)
+CVE-2004-0990 version (gd, fixed 2.0.33 at least)
 *CVE-2004-0989 version (libxml2, fixed 2.6.15)
 *CVE-2004-0986 version (iptables, fixed 1.2.12)
 *CVE-2004-0983 version (ruby, fixed 1.8.2)
@@ -1943,7 +1943,7 @@
 *CVE-2004-0956 version (mysql, fixed 4.0.20)
 *CVE-2004-0946 version (nfs-utils, fixed 1.0.6-r6)
 *CVE-2004-0942 version (httpd, not 2.2)
-*CVE-2004-0941 backport (gd)
+CVE-2004-0941 backport (gd)
 *CVE-2004-0940 version (httpd, not 2.2)
 *CVE-2004-0938 version (freeradius, fixed 1.0.1)
 *CVE-2004-0930 version (samba, fixed 3.0.8)
@@ -2062,7 +2062,7 @@
 *CVE-2004-0547 version (postgresql, fixed 7.2.1)
 CVE-2004-0541 version (squid, fixed 2.5.STABLE6)
 *CVE-2004-0535 version (kernel, fixed 2.6.6)
-*CVE-2004-0527 version (konqueror, not 3+)
+CVE-2004-0527 version (konqueror, not 3+)
 CVE-2004-0523 version (krb5, fixed 1.3.4)
 *CVE-2004-0521 version (squirrelmail, fixed 1.4.3a)
 *CVE-2004-0520 version (squirrelmail, fixed 1.4.3a)
@@ -2239,8 +2239,8 @@
 *CVE-2003-0851 version (openssl, not 0.9.8)
 *CVE-2003-0851 version (openssl097a, not 0.9.7)
 *CVE-2003-0795 version (quagga, fixed 0.96.4)
-*CVE-2003-0794 version (gdm, fixed 2.4.1.7)
-*CVE-2003-0793 version (gdm, fixed 2.4.1.7)
+CVE-2003-0794 version (gdm, fixed 2.4.1.7)
+CVE-2003-0793 version (gdm, fixed 2.4.1.7)
 *CVE-2003-0792 version (fetchmail, 6.2.4 only)
 *CVE-2003-0789 version (httpd, not 2.2)
 CVE-2003-0788 version (cups, fixed 1.1.19)
@@ -2277,9 +2277,9 @@
 *CVE-2003-0552 version (kernel, not 2.6)
 *CVE-2003-0551 version (kernel, not 2.6)
 *CVE-2003-0550 version (kernel, not 2.6)
-*CVE-2003-0549 version (gdm, fixed 2.4.1.6)
-*CVE-2003-0548 version (gdm, fixed 2.4.1.6)
-*CVE-2003-0547 version (gdm, fixed 2.4.1.6)
+CVE-2003-0549 version (gdm, fixed 2.4.1.6)
+CVE-2003-0548 version (gdm, fixed 2.4.1.6)
+CVE-2003-0547 version (gdm, fixed 2.4.1.6)
 *CVE-2003-0545 version (openssl, not 0.9.8)
 *CVE-2003-0545 backport (openssl097a, fixed 0.9.7c)
 *CVE-2003-0544 version (openssl, not 0.9.8)

-- 
fedora-extras-commits mailing list
fedora-extras-commits at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits

More information about the security mailing list