fedora-security/audit fc5,1.100,1.101
Marcel Holtmann (holtmann)
fedora-extras-commits at redhat.com
Mon Jun 19 17:39:02 UTC 2006
Author: holtmann
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv791
Modified Files:
fc5
Log Message:
Update with FEDORA-2006-233 (kernel)
Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.100
retrieving revision 1.101
diff -u -r1.100 -r1.101
--- fc5 4 Apr 2006 19:18:05 -0000 1.100
+++ fc5 6 Apr 2006 14:47:59 -0000 1.101
@@ -1,5 +1,6 @@
Up to date CVE as of CVE email 20060330
Up to date FC5 as of 20060330
+Up to date kernel as of 20060405
** are items that need attention
@@ -7,22 +8,22 @@
CVE-2006-1547 VULNERABLE (struts, fixed 1.2.9) bz#187544
CVE-2006-1546 VULNERABLE (struts, fixed 1.2.9) bz#187544
CVE-2006-1542 VULNERABLE (python) bz#169046
-CVE-2006-1368 ** kernel
+CVE-2006-1368 version (kernel, fixed 2.6.16) [since FEDORA-2006-233]
CVE-2006-1354 VULNERABLE (freeradius) bz#186084
-CVE-2006-1343 ** kernel
-CVE-2006-1342 ** kernel
+CVE-2006-1343 ignore (kernel) not vulnerable
+CVE-2006-1342 VULNERABLE (kernel)
CVE-2006-1335 version (gnome-screensaver, fixed 2.14)
CVE-2006-1296 backport (beagle) bz#185981 [since FEDORA-2006-188]
CVE-2006-1273 ignore (firefox) this issue only affects IE
CVE-2006-1244 ignore (xpdf) duplicate of other cve named issues
-CVE-2006-1242 ** kernel
+CVE-2006-1242 VULNERABLE (kernel)
CVE-2006-1095 ignore (mod_python, 3.2.7 only)
CVE-2006-1079 ignore (httpd) not a vulnerability
CVE-2006-1078 ignore (httpd) not a vulnerability
-CVE-2006-1066 ** kernel
+CVE-2006-1066 version (kernel, fixed 2.6.16) [since FEDORA-2006-233]
CVE-2006-1061 backport (curl, fixed 7.15.3) [since FEDORA-2006-189]
CVE-2006-1059 version (samba, fixed 3.0.22 at least) bz#187170 [since FEDORA-2006-259]
-CVE-2006-1052 backport (kernel) patch-2.6.16-rc6
+CVE-2006-1052 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2006-1045 VULNERABLE (thunderbird)
CVE-2006-1015 ignore (php) safe mode isn't safe
CVE-2006-1014 ignore (php) safe mode isn't safe
@@ -31,17 +32,17 @@
CVE-2006-0836 VULNERABLE (thunderbird)
CVE-2006-0746 version (kdegraphics, fixed 3.4)
CVE-2006-0745 backport (xorg-x11) [since FEDORA-2006-172]
-CVE-2006-0744 ** kernel
-CVE-2006-0742 backport (kernel) patch-2.6.16-rc6
-CVE-2006-0741 backport (kernel, fixed 2.6.15.5) patch-2.6.16-rc6
+CVE-2006-0744 VULNERABLE (kernel)
+CVE-2006-0742 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233]
+CVE-2006-0741 version (kernel, fixed 2.6.15.5) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2006-0730 version (dovecot, 1.0beta[12] only)
CVE-2006-0678 ignore (postgresql) we don't build --enable-cassert
CVE-2006-0645 version (gnutls, fixed 1.2.10)
CVE-2006-0591 version (postgresql, fixed 8.0.6)
CVE-2006-0576 backport (oprofile) oprofile_opcontrol.patch
-CVE-2006-0557 backport (kernel, fixed 2.6.15.6) patch-2.6.16-rc6
-CVE-2006-0555 backport (kernel) patch-2.6.16-rc6-git3
-CVE-2006-0554 backport (kernel) patch-2.6.16-rc6
+CVE-2006-0557 version (kernel, fixed 2.6.15.6) patch-2.6.16-rc6 [since FEDORA-2006-233]
+CVE-2006-0555 version (kernel, fixed 2.6.16) patch-2.6.16-rc6-git3 [since FEDORA-2006-233]
+CVE-2006-0554 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2006-0553 version (postgresql, only 8.1, fixed 8.1.3)
CVE-2006-0528 backport (cairo) cairo-1.0.2-chunk-glyphs-CVE-2006-0528.patch
CVE-2006-0496 VULNERABLE (mozilla) not fixed upstream
@@ -49,9 +50,9 @@
CVE-2006-0482 ignore (kernel) sparc only
CVE-2006-0481 version (libpng, 1.2.7 only)
CVE-2006-0459 version (flex) by inspection
-CVE-2006-0457 backport (kernel) patch-2.6.16-rc6
+CVE-2006-0457 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2006-0455 version (gnupg, fixed 1.4.2.1)
-CVE-2006-0454 backport (kernel, fixed 2.6.15.3) patch-2.6.16-rc6
+CVE-2006-0454 version (kernel, fixed 2.6.15.3) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2006-0405 version (libtiff, 3.8.0 only)
CVE-2006-0377 version (squirrelmail, fixed 1.4.6)
CVE-2006-0369 ignore (mysql) this is not a security issue
@@ -96,15 +97,15 @@
CVE-2006-0144 version (php-pear, not 1.4.4)
CVE-2006-0097 ignore (php) Windows only
CVE-2006-0096 ignore (kernel) minor and requires root
-CVE-2006-0095 backport (kernel) patch-2.6.16-rc6
+CVE-2006-0095 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2006-0082 version (ImageMagick, not 6.2.5.4)
CVE-2006-0058 version (sendmail, fixed 8.13.6) [since FEDORA-2006-193]
CVE-2006-0052 version (mailman, fixed 2.1.6)
CVE-2006-0049 version (gnupg, fixed 1.4.2.2)
CVE-2006-0040 VULNERABLE (gtkhtml) no upstream fix
-CVE-2006-0037 backport (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6
-CVE-2006-0036 backport (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6
-CVE-2006-0035 backport (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6
+CVE-2006-0037 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
+CVE-2006-0036 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
+CVE-2006-0035 version (kernel, only 2.6.14 and 2.6.15) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2006-0019 version (kdelibs, fixed 3.5.1)
CVE-2005-4746 version (freeradius) we don't build vulnerable bits
CVE-2005-4745 version (freeradius) we don't build vulnerable bits
@@ -200,7 +201,7 @@
CVE-2005-3359 version (kernel, fixed 2.6.14)
CVE-2005-3358 version (kernel, fixed 2.6.11)
CVE-2005-3357 backport (httpd, affects 2.2.0)
-CVE-2005-3356 backport (kernel) patch-2.6.16-rc6
+CVE-2005-3356 version (kernel, fixed 2.6.16) patch-2.6.16-rc6 [since FEDORA-2006-233]
CVE-2005-3353 version (php, not 5.0)
CVE-2005-3352 backport (httpd, fixed 2.2.1)
CVE-2005-3351 version (spamassassin, fixed 3.1.0)
More information about the fedora-extras-commits
mailing list