fedora-security/audit fc5,1.367,1.368 fc6,1.121,1.122

Mark Cox (mjc) fedora-extras-commits at redhat.com
Wed Oct 25 09:45:33 UTC 2006 

Author: mjc

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30288

Modified Files:
	fc5 fc6 
Log Message:
Updates from cve mails and pushes



Index: fc5
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc5,v
retrieving revision 1.367
retrieving revision 1.368
diff -u -r1.367 -r1.368
--- fc5	24 Oct 2006 19:48:55 -0000	1.367
+++ fc5	25 Oct 2006 09:45:31 -0000	1.368
@@ -1,11 +1,11 @@
-Up to date CVE as of CVE email 20061022
-Up to date FC5 as of 20061016
+Up to date CVE as of CVE email 20061024
+Up to date FC5 as of 20061024
 
 ** are items that need attention
 
 CVE-2006-5331 VULNERABLE (kernel, fixed after 2.6.19-rc2)
-CVE-2006-5298 VULNERABLE (mutt)
-CVE-2006-5297 VULNERABLE (mutt)
+CVE-2006-5298 backport (mutt) [since FEDORA-2006-1061]
+CVE-2006-5297 backport (mutt) [since FEDORA-2006-1061]
 CVE-2006-5229 ignore (openssh) reported not an issue
 CVE-2006-5215 VULNERABLE (xorg-x11-xdm)
 CVE-2006-5215 VULNERABLE (xorg-x11-xinit)
@@ -32,11 +32,11 @@
 CVE-2006-4842 ignore (nspr) Nothing setuid links with nspr
 CVE-2006-4813 version (kernel, fixed 2.6.13)
 CVE-2006-4812 backport (php) [since FEDORA-2006-1024] **
-CVE-2006-4811 VULNERABLE (qt) #211342
+CVE-2006-4811 version (qt, fixed 3.3.7) #211342 [since FEDORA-2006-1056]
 CVE-2006-4790 backport (gnutls, fixed 1.4.4) [since FEDORA-2006-974]
 CVE-2006-4663 ignore (kernel) not a vulnerability
 CVE-2006-4625 version (php, fixed 5.1.6) [since FEDORA-2006-1024]
-CVE-2006-4624 VULNERABLE (mailman, fixed 2.1.9rc1) #205652
+CVE-2006-4624 version (mailman, fixed 2.1.9rc1) #205652 [since FEDORA-2006-1013]
 CVE-2006-4623 version (kernel, fixed 2.6.18-rc1) [since FEDORA-2006-1022]
 CVE-2006-4600 VULNERABLE (openldap, fixed 2.3.25) #205827
 CVE-2006-4573 VULNERABLE (screen) #212057
@@ -159,7 +159,7 @@
 CVE-2006-3677 VULNERABLE (mozilla)
 CVE-2006-3672 ignore (konqueror) just a crash
 CVE-2006-3665 ignore (squirrelmail) don't enable register_globals!
-CVE-2006-3636 VULNERABLE (mailman, fixed 2.1.9)
+CVE-2006-3636 version (mailman, fixed 2.1.9) [since FEDORA-2006-1013]
 CVE-2006-3634 version (kernel, fixed 2.6.17.8) [since FEDORA-2006-906] s390 only
 CVE-2006-3632 version (ethereal, fixed wireshark-0.99.2) [since FEDORA-2006-860]
 CVE-2006-3631 version (ethereal, fixed wireshark-0.99.2) [since FEDORA-2006-860]
@@ -208,7 +208,7 @@
 CVE-2006-3016 version (php, fixed 5.1.3) [since FEDORA-2006-1024]
 CVE-2006-3011 version (php, fixed 5.1.5) [since FEDORA-2006-1024]
 CVE-2006-3005 ignore (libjpeg) not a vuln
-CVE-2006-2941 VULNERABLE (mailman, fixed 2.1.9)
+CVE-2006-2941 version (mailman, fixed 2.1.9) [since FEDORA-2006-1013]
 CVE-2006-2940 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
 CVE-2006-2937 backport (openssl, fixed 0.9.8d) [since FEDORA-2006-1004]
 CVE-2006-2936 version (kernel, fixed 2.6.16.27, fixed 2.6.17.7) [since FEDORA-2006-906]
@@ -1653,6 +1653,7 @@
 CVE-2004-0005 version (gaim, fixed 0.76)
 CVE-2004-0003 version (kernel, not 2.6)
 CVE-2004-0001 version (kernel, not 2.6)
+CVE-2003-1307 ** mod_php
 CVE-2003-1303 version (php, fixed 4.3.3)
 CVE-2003-1302 version (php, fixed 4.3.1)
 CVE-2003-1295 version (xscreensaver)


Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.121
retrieving revision 1.122
diff -u -r1.121 -r1.122
--- fc6	24 Oct 2006 19:48:55 -0000	1.121
+++ fc6	25 Oct 2006 09:45:31 -0000	1.122
@@ -1,11 +1,11 @@
-Up to date CVE as of CVE email 20061022
-Up to date FC6 as of GOLD
+Up to date CVE as of CVE email 20061024
+Up to date FC6 as of 20061024
 
 ** are items that need attention
 
 CVE-2006-5331 VULNERABLE (kernel, fixed after 2.6.19-rc2)
-CVE-2006-5298 VULNERABLE (mutt)
-CVE-2006-5297 VULNERABLE (mutt)
+CVE-2006-5298 backport (mutt) [since FEDORA-2006-1063]
+CVE-2006-5297 backport (mutt) [since FEDORA-2006-1063]
 CVE-2006-5229 ignore (openssh) not reproduced
 CVE-2006-5215 version (xorg-x11-xdm)
 CVE-2006-5215 VULNERABLE (xorg-x11-xinit)
@@ -30,7 +30,7 @@
 CVE-2006-4842 ignore (nspr) Nothing setuid links with nspr
 CVE-2006-4813 version (kernel, fixed 2.6.13)
 CVE-2006-4812 VULNERABLE (php)
-CVE-2006-4811 VULNERABLE (qt) #211347
+CVE-2006-4811 version (qt, fixed 3.3.7) [since FEDORA-2006-1055]
 CVE-2006-4790 backport (gnutls, fixed 1.4.4)
 CVE-2006-4663 ignore (kernel) not a vulnerability
 CVE-2006-4625 ignore (php) safe mode isn't safe

More information about the fedora-extras-commits mailing list