fedora-security/audit fc4,1.26,1.27
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Wed Jul 20 09:45:56 UTC 2005
- Previous message (by thread): rpms/koffice/devel kde-libtool.patch, NONE, 1.1 koffice-1.2.94-fPIC.patch, NONE, 1.1 koffice-1.3-menu.patch, NONE, 1.1 koffice-1.3.1-rpath.patch, NONE, 1.1 koffice-1.3.5-immodule.patch, NONE, 1.1 koffice.spec, NONE, 1.1 koshell.png, NONE, 1.1 post-1.3.5-koffice.diff, NONE, 1.1 subdirs-koffice, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): devel/x3270 x3270.spec,1.5,1.6
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1924
Modified Files:
fc4
Log Message:
Get around to dealing with some issues that needed attention. The only
significant issue left is a Mozilla issue where I can't yet find out what
release fixed the flaw. Josh opened a bug in bugzilla.mozilla.org for this
but it was dupe'd to a private bug I can't access, so we'll need to wait
to finish this one off.
Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- fc4 20 Jul 2005 08:28:11 -0000 1.26
+++ fc4 20 Jul 2005 09:45:53 -0000 1.27
@@ -24,7 +24,7 @@
2005-2260 VULNERABLE (firefox, fixed 1.0.5)
2005-2260 VULNERABLE (mozilla, fixed 1.7.9)
2005-2177 version (net-snmp, fixed 5.2.1.2) [since FEDORA-2005-561]
-2005-2114 ** mozilla
+2005-2114 ** mozilla, can't find out when this was fixed upstream
2005-2096 backport (zlib) [since FEDORA-2005-523]
2005-2096 backport (rpm) [since FEDORA-2005-565]
2005-2095 VULNERABLE (squirrelmail)
@@ -40,8 +40,7 @@
2005-1763 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
2005-1762 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
2005-1761 version (kernel, fixed 2.6.12.2) [since FEDORA-2005-510]
-2005-2069 ** openldap
-2005-2069 ** pam_ldap
+2005-2069 VULNERABLE (nss_ldap) http://bugzilla.padl.com/attachment.cgi?id=10&action=view
2005-2023 version (gnupg, fixed 1.9.15)
2005-1993 backport (sudo, fixed 1.6.8p9) [since FEDORA-2005-472]
2005-1992 backport (ruby) [since FEDORA-2005-475]
@@ -50,20 +49,21 @@
2005-1934 version (gaim, fixed 1.3.1) [since FEDORA-2005-411]
2005-1831 ignore (sudo) unsubstantiated report
2005-1763 version (kernel) [since FEDORA-2005-510]
-2005-1769 ** squirrelmail
+2005-1769 VULNERABLE (squirrelmail, fixed 1.4.5)
2005-1766 version (HelixPlayer, fixed 1.0.5) [since FEDORA-2005-483]
-2005-1760 ** probably vulnerable sysreport
+2005-1760 VULNERABLE (sysreport)
2005-1759 VULNERABLE (nmap)
2005-1759 VULNERABLE (openldap)
2005-1759 VULNERABLE (php)
-2005-1751 ** nmap
-2005-1751 ** openldap
+2005-1751 VULNERABLE (nmap, fixed shtool 2.0.2) #158996
+2005-1751 VULNERABLE (openldap, fixed shtool 2.0.2)
+2005-1751 ignore (ncpfs) part of shtool in ncpfs is not vulnerable
2005-1571 version (php, fixed shtool 2.0.2) [since FEDORA-2005-518]
2005-1740 backport (net-snmp, not fixed)
2005-1739 backport (ImageMagick, fixed 6.2.2.3) [since re0526.1]
2005-1705 version (gdb, fixed 6.3)
2005-1704 version (gdb, fixed 6.3)
-2005-1704 ** (binutils) [since FEDORA-2005-498]
+2005-1704 backport (binutils) ...eadelf-overflows.patch [since FEDORA-2005-498]
2005-1689 backport (krb5) [since FEDORA-2005-553]
2005-1686 ignore (gedit, not a vulnerability)
2005-1636 VULNERABLE (mysql, fixed 4.1.12) minor issue
@@ -975,13 +975,12 @@
older, happened to deal with at same time:
-2002-1963 ** kernel
-2002-1976 ** kernel
+2002-1963 version (kernel, not 2.6)
+2002-1976 ignore (ifconfig) "use ip"
2002-1914 version (dump, fixed 0.4b29)
-2002-1890 ** rhmask
-2002-1850 ** mod_cgi
-2002-1827 ** sendmail
-2002-1814 ** bonobo
+2002-1850 version (mod_cgi, fixed 2.0.41)
+2002-1827 version (sendmail, fixed after 8.12.3)
+2002-1814 ignore (bonobo) not shipped setuid
2002-1793 version (mod_ssl), also only hp
2002-1783 version (php, fixed after 4.2.3)
2002-1765 version (evolution, fixed 1.0.5)
- Previous message (by thread): rpms/koffice/devel kde-libtool.patch, NONE, 1.1 koffice-1.2.94-fPIC.patch, NONE, 1.1 koffice-1.3-menu.patch, NONE, 1.1 koffice-1.3.1-rpath.patch, NONE, 1.1 koffice-1.3.5-immodule.patch, NONE, 1.1 koffice.spec, NONE, 1.1 koshell.png, NONE, 1.1 post-1.3.5-koffice.diff, NONE, 1.1 subdirs-koffice, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): devel/x3270 x3270.spec,1.5,1.6
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list