fedora-security/audit fc6,1.231,1.232

Wed Aug 8 14:59:59 UTC 2007

Author: lkundrak

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14500

Modified Files:
	fc6 
Log Message:
Good developers, good.



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.231
retrieving revision 1.232
diff -u -r1.231 -r1.232

--- fc6	6 Aug 2007 15:08:43 -0000	1.231
+++ fc6	8 Aug 2007 14:59:57 -0000	1.232
@@ -31,6 +31,7 @@
 CVE-2007-3304 backport (httpd) #244660 [since FEDORA-2007-615]
 CVE-2007-3257 backport (evolution) #244287 [since FEDORA-2007-594]
 CVE-2007-3126 ignore (gimp) just a crash
+CVE-2007-3108 VULNERABLE (openssl) #250574
 CVE-2007-3106 VULNERABLE (libvorbis) #250600
 CVE-2007-2926 backport (bind, fixed 9.4.1) [since FEDORA-2007-647]
 CVE-2007-2876 version (kernel, fixed 2.6.21.5) [since FEDORA-2007-600]
@@ -54,8 +55,8 @@
 CVE-2007-1863 backport (httpd) #244660 [since FEDORA-2007-615]
 CVE-2007-1862 backport (httpd) #244660 [since FEDORA-2007-615]
 CVE-2007-1861 version (kernel) [since FEDORA-2007-482]
-CVE-2007-1856 VULNERABLE (vixie-cron) #235882
-CVE-2007-1841 VULNERABLE (ipsec-tools) #238052
+CVE-2007-1856 backport (vixie-cron) #235882 [since ???]
+CVE-2007-1841 VULNERABLE (ipsec-tools) #238052 [sconklin] Developer busy -- next week.
 CVE-2007-1797 backport (ImageMagick) #235075 [since FEDORA-2007-413]
 CVE-2007-1667 backport (libX11) [since FEDORA-2007-426]
 CVE-2007-1565 ignore (kdebase) client crash
@@ -102,7 +103,7 @@
 CVE-2007-0451 version (spamassassin, fixed 3.1.8) [since FEDORA-2007-241]
 CVE-2007-0248 version (squid, fixed 2.6.STABLE7) [since FEDORA-2007-073]
 CVE-2007-0247 version (squid, fixed 2.6.STABLE7) #222883 [since FEDORA-2007-073]
-CVE-2007-0235 VULNERABLE (libgtop2) #222637
+CVE-2007-0235 version (libgtop2, fixed 2.14.9) #222637 [since ???]
 CVE-2007-0104 ignore (poppler) only client DoS
 CVE-2007-0104 ignore (kdegraphics) only client DoS
 CVE-2007-0086 ignore (apache) not a security issue
@@ -134,7 +135,7 @@
 CVE-2006-6143 ** krb5
 CVE-2006-6142 backport (squirrelmail) #218297 [since FEDORA-2007-089]
 CVE-2006-6128 VULNERABLE (kernel) #250625
-CVE-2006-6107 VULNERABLE (dbus, fixed 1.0.2) #219665
+CVE-2006-6107 backport (dbus, fixed 1.0.2) #219665 [since FEDORA-2006-1475]
 CVE-2006-6106 version (kernel, fixed 2.6.19.2, fixed 2.6.20-rc5) [since FEDORA-2006-1471]
 CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
 CVE-2006-6104 backport (mono, fixed 1.1.13.8.2) #220853 [since FEDORA-2007-067]


