fedora-security/audit fc4,1.66,1.67

Mark Cox (mjc) fedora-extras-commits at redhat.com
Tue Oct 4 10:35:55 UTC 2005 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15295

Modified Files:
	fc4 
Log Message:
Catch up with some kernel issues



Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -r1.66 -r1.67
--- fc4	3 Oct 2005 11:27:10 -0000	1.66
+++ fc4	4 Oct 2005 10:35:52 -0000	1.67
@@ -1,19 +1,26 @@
-Up to date CVE as of CVE email 20050928
-Up to date FC4 as of 20050928
+Up to date CVE as of CVE email 20051003
+Up to date FC4 as of 200501003
 
 ** are items that need attention
 
+2005-3110 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
+2005-3109 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
+2005-3108 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
+2005-3107 version (kernel, fixed 2.6.11)
+2005-3106 version (kernel, fixed 2.6.11)
+2005-3105 version (kernel, fixed 2.6.12) [since FEDORA-2005-510]
 2005-3089 ** firefox
 2005-3055 VULNERABLE (kernel)
 2005-3054 ** php
-2005-3053 backport (kernel) [since FEDORA-2005-820] patch-2.6.12.5
-2005-3044 VULNERABLE (kernel, fixed 2.6.13.2)
+2005-3053 version (kernel) [since FEDORA-2005-949] was backport since FEDORA-2005-820
+2005-3044 backport (kernel, fixed 2.6.13.2) [since FEODRA-2005-949] patch-2.6.13.2
 2005-3011 ** texinfo
 2005-2991 ignore (ncompress) don't ship zdiff or zcmp scripts
 2005-2968 version (mozilla, not 1.7.10) +we include a different mozilla sh
 2005-2968 version (firefox) [since FEDORA-2005-926]
 2005-2968 version (thunderbird) [since FEDORA-2005-963]
 2005-2946 VULNERABLE (openssl, fixed 0.9.8) (as it uses md5 md)
+2005-2917 ** squid
 2005-2876 backport (util-linux) [since FEDORA-2005-887]
 2005-2874 version (cups, fixed 1.1.23)
 2005-2873 VULNERABLE (kernel) not upstream fixed
@@ -23,7 +30,7 @@
 2005-2871 version (thunderbird) (moderate only) [since FEDORA-2005-963]
 2005-2811 version (net-snmp, not upstream) gentoo only
 2005-2801 version (kernel, fixed 2.6.11)
-2005-2800 backport (kernel, fixed 2.6.12.6) [since FEDORA-2005-906]
+2005-2800 version (kernel, fixed 2.6.12.6) [since FEDORA-2005-949] was backport since FEDORA-2005-906
 2005-2798 version (openssh, fixed 4.2) [since FEDORA-2005-860]
 2005-2797 version (openssh, fixed 4.2) [since FEDORA-2005-860]
 2005-2796 version (squid, fixed 2.5.STABLE11) [since FEDORA-2005-913] was backport since FEDORA-2005-851
@@ -61,14 +68,14 @@
 2005-2602 ** VULNERABLE (thunderbird) probably
 2005-2558 ignore (mysql) not an issue
 2005-2558 VULNERABLE (mysql, fixed 4.1.13) probably
-2005-2555 backport (kernel, fixed 2.6.12.6pre) [since FEDORA-2005-820] patch-2.6.12.6pre.patch
+2005-2555 version (kernel, fixed 2.6.12.6pre) [since FEDORA-2005-949] was backport since FEDORA-2005-820
 2005-2553 version (kernel, not 2.6)
 2005-2550 backport (evolution) [since FEDORA-2005-743]
 2005-2549 backport (evolution) [since FEDORA-2005-743]
 2005-2548 version (kernel, fixed 2.6.9) only affected 2.6.8
 2005-2547 version (bluez-pin, fixed 2.19) not before 2.16
 2005-2541 ignore (tar) is documented behaviour
-2005-2500 version (kernel, flaw introduced after 2.6.12)
+2005-2500 VULNERABLE (kernel, flaw introducted after 2.6.12) vulnerable since FEDORA-2005-949
 2005-2499 backport (slocate) [since FEDORA-2005-770]
 2005-2498 version (php xml_rpc, fixed 1.4.0) [since FEDORA-2005-810]
 2005-2496 backport (ntp, fixed 4.2.0b) ...0a-20040617-ntpd_guid.patch
@@ -78,8 +85,8 @@
 2005-2491 backport (pcre, fixed 6.2) [since FEDORA-2005-803]
 2005-2491 ignore (httpd, pcre uses system pcre)
 2005-2491 ignore (php, pcre uses system pcre)
-2005-2492 backport (kernel, fixed 2.6.13.1) [since FEDORA-2005-906]
-2005-2490 backport (kernel, fixed 2.6.13.1) [since FEDORA-2005-906]
+2005-2492 version (kernel, fixed 2.6.13.1) [since FEDORA-2005-949] was backport since FEDORA-2005-906
+2005-2490 version (kernel, fixed 2.6.13.1) [since FEDORA-2005-949] was backport since FEDORA-2005-906
 2005-2475 VULNERABLE (unzip) bz#164928
 2005-2471 backport (netpbm) [since FEDORA-2005-728]
 2005-2459 ignore (kernel, fixed 2.6.12.5) dropped as code path not possible

More information about the fedora-extras-commits mailing list