fedora-security/audit fc4,1.81,1.82

Mark Cox (mjc) fedora-extras-commits at redhat.com
Thu Nov 10 10:52:05 UTC 2005 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29278

Modified Files:
	fc4 
Log Message:
Investigate some issues and update; just 10 issues need some 
investigation work



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.81
retrieving revision 1.82
diff -u -r1.81 -r1.82
--- fc4	9 Nov 2005 12:52:48 -0000	1.81
+++ fc4	10 Nov 2005 10:52:03 -0000	1.82
@@ -1,19 +1,20 @@
-Up to date CVE as of CVE email 20051108
-Up to date FC4 as of 200501108
+Up to date CVE as of CVE email 20051109
+Up to date FC4 as of 200501109
 
 ** are items that need attention
 
 CVE-2005-3527 VULNERABLE (kernel)
-CVE-2005-3402 ** thunderbird
+CVE-2005-3402 ignore (thunderbird) mozilla say by design
 CVE-2005-3392 ignore (php) safe mode isn't safe
 CVE-2005-3391 ignore (php) safe mode isn't safe
 CVE-2005-3390 backport (php) [since FEDORA-2005-1062]
 CVE-2005-3389 backport (php) [since FEDORA-2005-1062]
 CVE-2005-3388 backport (php) [since FEDORA-2005-1062]
 CVE-2005-3353 backport (php) [since FEDORA-2005-1062]
+CVE-2005-3351 backport (spamassassin) [since FEDORA-2005-1066]
 CVE-2005-3350 version (libungif, fixed 4.1.3) [since FEDORA-2005-1046]
 CVE-2005-3322 version (squid, not upstream) SUSE only
-CVE-2005-3319 ** mod_php
+CVE-2005-3319 ignore (mod_php) no security consequence
 CVE-2005-3313 VULNERABLE (ethereal)
 CVE-2005-3276 version (kernel, fixed 2.6.12.4) [since FEDORA-2005-949] was backport since FEDORA-2005-820
 CVE-2005-3275 version (kernel, fixed 2.6.13) [since FEDORA-2005-949] was backport since FEDORA-2005-820
@@ -69,7 +70,7 @@
 CVE-2005-2959 ignore (sudo) not a vulnerability
 CVE-2005-2946 VULNERABLE (openssl, fixed 0.9.8) (as it uses md5 md)
 CVE-2005-2933 VULNERABLE (uw-imap) bz#171345
-CVE-2005-2917 ** squid
+CVE-2005-2917 version (squid, fixed 2.5.STABLE11) [since FEDORA-2005-913]
 CVE-2005-2876 backport (util-linux) [since FEDORA-2005-887]
 CVE-2005-2874 version (cups, fixed 1.1.23)
 CVE-2005-2873 VULNERABLE (kernel) not upstream fixed

More information about the fedora-extras-commits mailing list