fedora-security/audit fc4,1.160,1.161 fc5,1.68,1.69
Mark Cox (mjc)
fedora-extras-commits at redhat.com
Fri Feb 24 09:32:33 UTC 2006
- Previous message (by thread): rpms/rtorrent/FC-4 rtorrent.spec,1.2,1.3 sources,1.2,1.3
- Next message (by thread): rpms/cpan2rpm/devel .cvsignore, 1.2, 1.3 cpan2rpm.spec, 1.4, 1.5 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mjc
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2852
Modified Files:
fc4 fc5
Log Message:
Add squirrelmail and note to look at tar
Index: fc4
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc4,v
retrieving revision 1.160
retrieving revision 1.161
diff -u -r1.160 -r1.161
--- fc4 22 Feb 2006 03:04:54 -0000 1.160
+++ fc4 24 Feb 2006 09:32:23 -0000 1.161
@@ -1,5 +1,5 @@
-Up to date CVE as of CVE email 20060216
-Up to date FC4 as of 20060216
+Up to date CVE as of CVE email 20060223
+Up to date FC4 as of 20060223
** are items that need attention
@@ -18,11 +18,13 @@
CVE-2006-0455 version (gnupg, fixed 1.4.2.1) [since FEDORA-2006-116]
CVE-2006-0454 backport (kernel, fixed 2.6.15.3) [since FEDORA-2006-102] patch-2.6.15.3
CVE-2006-0405 version (libtiff, 3.8.0 only)
+CVE-2006-0377 VULNERABLE (squirrelmail) bz#182585
CVE-2006-0369 ignore (mysql) this is not a security issue
CVE-2006-0321 version (fetchmail, fixed 6.3.2) 6.3.X only affected
CVE-2006-0301 backport (xpdf) [since FEDORA-2006-104]
CVE-2006-0301 version (poppler, fixed 0.4.5) [since FEDORA-2006-103]
CVE-2006-0301 backport (kdegraphics) [since FEDORA-2006-105]
+CVE-2006-0300 ** tar
CVE-2006-0299 version (firefox, 1.5 only)
CVE-2006-0299 version (mozilla, 1.8 branch only)
CVE-2006-0299 version (thunderbird, 1.5 only)
@@ -54,6 +56,8 @@
CVE-2006-0207 VULNERABLE (php) bz#178044
CVE-2006-0200 version (php, 5.1.0 5.1.1 only)
CVE-2006-0197 ** xorg-x11
+CVE-2006-0195 VULNERABLE (squirrelmail) bz#182582
+CVE-2006-0188 VULNERABLE (squirrelmail) bz#182580
CVE-2006-0097 ignore (php) Windows only
CVE-2006-0096 ignore (kernel) minor and requires root
CVE-2006-0095 backport (kernel) [since FEDORA-2006-102] linux-2.6-dm-crypt-zero-key-before-free.patch
@@ -382,6 +386,7 @@
CVE-2005-1934 version (gaim, fixed 1.3.1) [since FEDORA-2005-411]
CVE-2005-1921 version (php, fixed xml_rpm 1.3.1) [since FEDORA-2005-518]
CVE-2005-1920 version (kdelibs, fixed 3.4.1) [since FEDORA-2005-437]
+CVE-2005-1918 version (tar)
CVE-2005-1913 version (kernel, fixed 2.6.12.2) [since FEDORA-2005-510]
CVE-2005-1852 version (kdenetwork, fixed 3.4.2) [since FEDORA-2005-670] was backport since FEDORA-2005-624
CVE-2005-1849 backport (zlib, fixed 1.2.3) [since FEDORA-2005-626]
Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.68
retrieving revision 1.69
diff -u -r1.68 -r1.69
--- fc5 22 Feb 2006 13:53:20 -0000 1.68
+++ fc5 24 Feb 2006 09:32:23 -0000 1.69
@@ -1,4 +1,4 @@
-Up to date CVE as of CVE email 20060219
+Up to date CVE as of CVE email 20060223
Up to date FC5 as of FC5-Test3
1. Removed packages with security issues that are no longer in FC5
@@ -32,11 +32,13 @@
CVE-2006-0455 version (gnupg, fixed 1.4.2.1)
CVE-2006-0454 backport (kernel, fixed 2.6.15.3) patch-2.6.16-rc3
CVE-2006-0405 version (libtiff, 3.8.0 only)
+CVE-2006-0377 version (squirrelmail, fixed 1.4.6)
CVE-2006-0369 ignore (mysql) this is not a security issue
CVE-2006-0321 version (fetchmail, fixed 6.3.2)
CVE-2006-0301 backport (xpdf) xpdf-3.01pl2.patch
CVE-2006-0301 version (poppler, fixed 0.4.5)
CVE-2006-0301 backport (kdegraphics) post-3.5.1-kdegraphics-CVE-2006-0301.diff
+CVE-2006-0300 ** tar
CVE-2006-0299 version (firefox, fixed 1.5.0.1)
CVE-2006-0299 version (mozilla, 1.8 branch only)
CVE-2006-0299 version (thunderbird, fixed 1.5)
@@ -68,6 +70,8 @@
CVE-2006-0207 version (php, fixed 5.1.2)
CVE-2006-0200 version (php, fixed 5.1.2)
CVE-2006-0197 ignore (xorg-x11) not an issue
+CVE-2006-0195 version (php-pear, not 1.4.4)
+CVE-2006-0188 version (squirrelmail, fixed 1.4.6)
CVE-2006-0144 version (php-pear, not 1.4.4)
CVE-2006-0097 ignore (php) Windows only
CVE-2006-0096 ignore (kernel) minor and requires root
@@ -391,6 +395,7 @@
CVE-2005-1934 version (gaim, fixed 1.3.1)
CVE-2005-1921 version (php, fixed xml_rpc:1.3.1)
CVE-2005-1920 version (kdelibs, fixed 3.4.1)
+CVE-2005-1918 version (tar)
CVE-2005-1913 version (kernel, fixed 2.6.12.2)
CVE-2005-1852 version (kdenetwork, fixed 3.4.2)
CVE-2005-1849 version (zlib, fixed 1.2.3)
- Previous message (by thread): rpms/rtorrent/FC-4 rtorrent.spec,1.2,1.3 sources,1.2,1.3
- Next message (by thread): rpms/cpan2rpm/devel .cvsignore, 1.2, 1.3 cpan2rpm.spec, 1.4, 1.5 sources, 1.2, 1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list