fedora-security/audit fc4,1.103,1.104 fc5,1.14,1.15

Mon Dec 12 14:10:03 UTC 2005

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30887

Modified Files:
	fc4 fc5 
Log Message:
Deal with kernel FC4 update



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.103
retrieving revision 1.104
diff -u -r1.103 -r1.104

--- fc4	11 Dec 2005 20:14:26 -0000	1.103
+++ fc4	12 Dec 2005 14:10:01 -0000	1.104
@@ -1,5 +1,5 @@
-Up to date CVE as of CVE email 20051207
-Up to date FC4 as of 200501127
+Up to date CVE as of CVE email 20051211
+Up to date FC4 as of 20051211
 
 ** are items that need attention
 
@@ -17,7 +17,7 @@
 CVE-2005-3191 VULNERABLE (kdegraphics)
 CVE-2005-3191 backport (tetex) [since FEDORA-2005-1126]
 CVE-2005-3191 backport (poppler) [since FEDORA-2005-1132]
-CVE-2005-3964 VULNERABLE (openmotif)
+CVE-2005-3964 VULNERABLE (openmotif) bz#174815
 CVE-2005-3962 backport (perl) [since FEDORA-2005-1113]
 CVE-2005-3912 backport (perl) [since FEDORA-2005-1113]
 CVE-2005-3883 VULNERABLE (php)
@@ -25,14 +25,14 @@
 CVE-2005-3857 VULNERABLE (kernel, fixed 2.6.15)
 CVE-2005-3848 version (kernel, fixed 2.6.13) [since FEDORA-2005-949]
 CVE-2005-3847 version (kernel, fixed 2.6.12.6) [since FEDORA-2005-949] was backport since [FEDORA-2005-906]
-CVE-2005-3810 VULNERABLE (kernel, fixed 2.6.15) affects 2.6.14 only [vulnerable since FEDORA-2005-1067]
-CVE-2005-3809 VULNERABLE (kernel, fixed 2.6.15) affects 2.6.14 only [vulnerable since FEDORA-2005-1067]
-CVE-2005-3808 VULNERABLE (kernel)
-CVE-2005-3807 VULNERABLE (kernel) bz#172691
+CVE-2005-3810 backport (kernel, fixed 2.6.15) [since FEDORA-2005-1104] affects 2.6.14 only [vulnerable since FEDORA-2005-1067]
+CVE-2005-3809 backport (kernel, fixed 2.6.15) [since FEDORA-2005-1104] affects 2.6.14 only [vulnerable since FEDORA-2005-1067]
+CVE-2005-3808 backport (kernel) [since FEDORA-2005-1104]
+CVE-2005-3807 backport (kernel) [since FEDORA-2005-1104]
 CVE-2005-3806 version (kernel, fixed 2.6.14) [since FEDORA-2005-1067]
 CVE-2005-3805 version (kernel, fixed 2.6.14) [since FEDORA-2005-1067]
-CVE-2005-3784 VULNERABLE (kernel, fixed 2.6.15)
-CVE-2005-3783 VULNERABLE (kernel, fixed 2.6.14.2)
+CVE-2005-3784 backport (kernel, fixed 2.6.15) [since FEDORA-2005-3784]
+CVE-2005-3783 backport (kernel, fixed 2.6.14.2) [since FEDORA-2005-1104]
 CVE-2005-3753 version (kernel, fixed 2.6.14) also not a vuln
 CVE-2005-3745 ignore (struts, fixed 1.2.8) but not through tomcat
 CVE-2005-3732 VULNERABLE (ipsec-tools, fixed 0.6.3) bz#173842
@@ -136,6 +136,7 @@
 CVE-2005-2794 version (squid, fixed 2.5.STABLE11) [since FEDORA-2005-913] was backport since FEDORA-2005-851
 CVE-2005-2728 backport (httpd, fixed 2.0.55-dev) [since FEDORA-2005-849]
 CVE-2005-2710 version (helixplayer, fixed 1.0.6) [since FEDORA-2005-940]
+CVE-2005-2709 backport (kernel, fixed 2.6.14.3) [since FEDORA-2005-1104]
 CVE-2005-2708 ignore (kernel) not reproducable on x86_64
 CVE-2005-2707 version (thunderbird) [since FEDORA-2005-963]
 CVE-2005-2707 version (firefox, fixed 1.0.7) [since FEDORA-2005-926]
@@ -567,6 +568,7 @@
 CVE-2005-0004 version (mysql, fixed 4.1.10)
 CVE-2005-0003 version (kernel, fixed 2.6.10)
 CVE-2005-0001 version (kernel, fixed 2.6.10)
+CVE-2004-2607 version (kernel, fixed 2.6.5)
 CVE-2004-2589 version (gaim, fixed 0.82)
 CVE-2004-2546 version (samba, fixed 3.0.6)
 CVE-2004-2541 blocked (cscope) by FORTIFY_SOURCE


Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- fc5	9 Dec 2005 22:13:29 -0000	1.14
+++ fc5	12 Dec 2005 14:10:01 -0000	1.15
@@ -1,4 +1,4 @@
-Up to date CVE as of CVE email 20051207
+Up to date CVE as of CVE email 20051211
 Up to date FC5 as of FC5-Test1-RC
 
 1. Removed packages with security issues that are no longer in FC5 
@@ -141,6 +141,7 @@
 CVE-2005-2794 version (squid, fixed 2.5.STABLE11)
 CVE-2005-2728 backport (httpd, fixed 2.0.55) 
 CVE-2005-2710 version (HelixPlayer, fixed 1.0.6)
+CVE-2005-2709 VULNERABLE (kernel, fixed 2.6.14.3)
 CVE-2005-2708 ignore (kernel) not reproducable on x86_64
 CVE-2005-2707 version (thunderbird)
 CVE-2005-2707 version (firefox, fixed 1.0.7)
@@ -598,6 +599,7 @@
 CVE-2005-0004 version (mysql, fixed 4.1.10)
 CVE-2005-0003 version (kernel, fixed 2.6.10)
 CVE-2005-0001 version (kernel, fixed 2.6.10)
+CVE-2004-2607 version (kernel, fixed 2.6.5)
 CVE-2004-2589 version (gaim, fixed 0.82)
 CVE-2004-2546 version (samba, fixed 3.0.6)
 CVE-2004-2541 blocked (cscope) by FORTIFY_SOURCE


