fedora-security/audit fc6,1.229,1.230 fc7,1.55,1.56

Lubomir Kundrak (lkundrak) fedora-extras-commits at redhat.com
Fri Aug 3 07:20:33 UTC 2007 

Author: lkundrak

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15790

Modified Files:
	fc6 fc7 
Log Message:
Updates



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.229
retrieving revision 1.230
diff -u -r1.229 -r1.230
--- fc6	2 Aug 2007 15:19:32 -0000	1.229
+++ fc6	3 Aug 2007 07:20:30 -0000	1.230
@@ -5,7 +5,7 @@
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 
 # Up to date CVE as of CVE email 20070801
-# Up to date FC6 as of 20070802
+# Up to date FC6 as of 20070803
 
 CVE-2007-4029 VULNERABLE (libvorbis) #250600
 CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-614]
@@ -32,7 +32,6 @@
 CVE-2007-3126 ignore (gimp) just a crash
 CVE-2007-3106 VULNERABLE (libvorbis) #250600
 CVE-2007-2926 backport (bind, fixed 9.4.1) [since FEDORA-2007-647]
-CVE-2007-2894 VULNERABLE (bochs) #241799
 CVE-2007-2876 version (kernel, fixed 2.6.21.5) [since FEDORA-2007-600]
 CVE-2007-2875 version (kernel) [since FEDORA-2007-600]
 *CVE-2007-2874 (wpa_supplicant) #242455
@@ -72,8 +71,8 @@
 CVE-2007-1396 ignore (php) feature, not a flaw
 CVE-2007-1362 version (mozilla) #241840 [since FEDORA-2007-549]
 CVE-2007-1357 version (kernel) [since FEDORA-2007-432]
-CVE-2007-1352 VULNERABLE (libXfont) #235265
-CVE-2007-1351 VULNERABLE (libXfont) #235265
+CVE-2007-1352 fixed (libXfont) #235265 [since FEDORA-2007-423]
+CVE-2007-1351 fixed (libXfont) #235265 [since FEDORA-2007-423]
 CVE-2007-1349 backport (mod_perl) [since FEDORA-2007-577]
 CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-315]
 CVE-2007-1262 version (squirrelmail, fixed 1.4.10a) #239704 [since FEDORA-2007-505]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- fc7	1 Aug 2007 15:19:31 -0000	1.55
+++ fc7	3 Aug 2007 07:20:30 -0000	1.56
@@ -5,7 +5,8 @@
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 # A couple of first F7 updates were marked as FEDORA-2007-0001
 
-# Version: FEDORA-2007-1070
+# Up to date CVE as of CVE email 20070801
+# Up to date FC7 as of 20070802
 
 CVE-NOID      VULNERABLE (tor, fixed 0.1.2.15) #249840
 CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-0414]
@@ -56,6 +57,7 @@
 CVE-2007-3381 version (gdm, fixed 2.18.4) #250277 [since FEDORA-2007-1362]
 CVE-2007-3378 ignore (php) safe mode escape
 CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245612 [since EDORA-2007-0668]
+CVE-2007-3304 backport (httpd) #244665 [since FEDORA-2007-0704]
 CVE-2007-3257 backport (evolution) #244283 [since FEDORA-2007-0464]
 CVE-2007-3241 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
 CVE-2007-3240 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
@@ -161,7 +163,8 @@
 CVE-2007-1870 version (lighttpd, fixed 1.4.14) #236489
 CVE-2007-1869 version (lighttpd, fixed 1.4.14) #236489
 CVE-2007-1864 version (php, fixed 5.2.2)
-*CVE-2007-1862 (httpd)
+CVE-2007-1863 backport (httpd) #244665 [since FEDORA-2007-0704]
+CVE-2007-1862 backport (httpd) #242606 [since FEDORA-2007-0704]
 *CVE-2007-1859 (xscreensaver)
 *CVE-2007-1858 (tomcat)
 CVE-2007-1856 backport (vixie-cron) #235882 vixie-cron-4.1-hardlink.patch
@@ -190,10 +193,11 @@
 CVE-2007-1583 version (php, fixed 5.2.2)
 CVE-2007-1565 ignore (konqueror) client crash
 CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
-CVE-2007-1562 version (firefox, seamonkey, thunderbird) #241840
+CVE-2007-1562 version (mozilla) #241840
 CVE-2007-1560 version (squid, fixed 2.6.STABLE12)
 CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293
 *CVE-2007-1558 backport (sylpheed, fixed 2.3.1-1)
+*CVE-2007-1558 VULNERABLE (evolution)
 CVE-2007-1547 version (nas, fixed 1.8a-2) #233353
 CVE-2007-1546 version (nas, fixed 1.8a-2) #233353
 CVE-2007-1545 version (nas, fixed 1.8a-2) #233353
@@ -497,6 +501,7 @@
 CVE-2006-5757 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
 *CVE-2006-5754 (kernel)
 *CVE-2006-5753 backport (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]
+CVE-2006-5752 backport (httpd) #244665 [since FEDORA-2007-0704]
 CVE-2006-5751 version (kernel, fixed 2.6.19, fixed 2.6.18.4) [since FEDORA-2006-1471]
 *CVE-2006-5750 (jboss)
 *CVE-2006-5749 VULNERABLE (kernel, fixed 2.6.20-rc2)
@@ -545,7 +550,7 @@
 VE-2006-5295 version (clamav, fixed 0.88.5) #210973
 *CVE-2006-5276 VULNERABLE (snort) #229265
 CVE-2006-5229 ignore (openssh) not reproduced
-*CVE-2006-5215 VULNERABLE (xorg-x11-xinit) #212167
+CVE-2006-5215 backport (xorg-x11-xinit) #212167 [since FEDORA-2007-1409]
 *CVE-2006-5215 version (xorg-x11-xdm)
 CVE-2006-5215 ignore (kdebase) #212166 links to xinit Xsession
 *CVE-2006-5214 VULNERABLE (xorg-x11-xinit) #212167
@@ -2210,7 +2215,7 @@
 *CVE-2003-1295 (xscreensaver)
 *CVE-2003-1294 (xscreensaver)
 CVE-2003-1265 VULNERABLE (thunderbird) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
-CVE-2003-1265 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
+CVE-2003-1265 VULNERABLE (seamonkey) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
 CVE-2003-1232 version (emacs, fixed 21.3)
 CVE-2003-1201 version (openldap, not 2.2)
 CVE-2003-1161 version (kernel, not released version)

More information about the fedora-extras-commits mailing list