fedora-security/audit fc7,1.7,1.8
Josh Bressers (bressers)
fedora-extras-commits at redhat.com
Wed Jun 13 18:06:56 UTC 2007
Author: bressers
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26004
Modified Files:
fc7
Log Message:
Deal with the squid CVE ids.
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- fc7 13 Jun 2007 14:00:41 -0000 1.7
+++ fc7 13 Jun 2007 18:06:54 -0000 1.8
@@ -100,7 +100,7 @@
*CVE-2007-1565 ignore (konqueror) client crash
*CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
*CVE-2007-1562 (firefox, seamonkey, thunderbird)
-*CVE-2007-1560 (squid)
+CVE-2007-1560 version (squid, fixed 2.6.STABLE12)
*CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293
*CVE-2007-1558 backport (sylpheed, fixed 2.3.1-1)
*CVE-2007-1547 version (nas, fixed 1.8a-2) #233353
@@ -245,8 +245,8 @@
*CVE-2007-0404 version (Django, fixed 0.95.1)
*CVE-2007-0341 ignore (phpMyAdmin, 2.8.x only)
*CVE-2007-0262 version (wordpress, fixed 2.1-0) #223101
-*CVE-2007-0248 version (squid, fixed 2.6.STABLE7) [since FEDORA-2007-073]
-*CVE-2007-0247 version (squid, fixed 2.6.STABLE7) #222883 [since FEDORA-2007-073]
+CVE-2007-0248 version (squid, fixed 2.6.STABLE7) [since FEDORA-2007-073]
+CVE-2007-0247 version (squid, fixed 2.6.STABLE7) #222883 [since FEDORA-2007-073]
CVE-2007-0243 ignore, no-ship (java-ibm)
*CVE-2007-0242 patch (qt4, fixed 4.2.3-7)
*CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378
@@ -1211,7 +1211,7 @@
*CVE-2005-3352 version (httpd, fixed 2.2.1)
*CVE-2005-3351 version (spamassassin, fixed 3.1.0)
*CVE-2005-3350 (libungif)
-*CVE-2005-3322 version (squid) not upstream, SUSE only
+CVE-2005-3322 version (squid) not upstream, SUSE only
*CVE-2005-3319 ignore (mod_php) no security consequence
*CVE-2005-3313 version (wireshark, fixed after 0.10.13)
*CVE-2005-3276 version (kernel, fixed 2.6.12.4)
@@ -1221,7 +1221,7 @@
*CVE-2005-3272 version (kernel, fixed 2.6.13)
*CVE-2005-3271 version (kernel, fixed 2.6.9)
*CVE-2005-3269 (fedora directory server)
-*CVE-2005-3258 version (squid, fixed 2.5STABLE12)
+CVE-2005-3258 version (squid, fixed 2.5STABLE12)
*CVE-2005-3257 version (kernel, fixed 2.6.15)
*CVE-2005-3249 version (wireshark, fixed 0.10.13)
*CVE-2005-3248 version (wireshark, fixed 0.10.13)
@@ -1286,7 +1286,7 @@
*CVE-2005-2933 version (libc-client, fixed 2004g at least)
*CVE-2005-2929 backport (lynx) changelog
*CVE-2005-2922 (helixplayer)
-*CVE-2005-2917 version (squid, fixed 2.5.STABLE11)
+CVE-2005-2917 version (squid, fixed 2.5.STABLE11)
*CVE-2005-2876 version (util-linux, fixed 2.13-pre3)
*CVE-2005-2874 version (cups, fixed 1.1.23)
*CVE-2005-2873 version (kernel, fixed 2.6.18-rc1)
@@ -1298,8 +1298,8 @@
*CVE-2005-2800 version (kernel, fixed 2.6.12.6)
CVE-2005-2798 version (openssh, fixed 4.2)
CVE-2005-2797 version (openssh, fixed 4.2)
-*CVE-2005-2796 version (squid, fixed 2.5.STABLE11)
-*CVE-2005-2794 version (squid, fixed 2.5.STABLE11)
+CVE-2005-2796 version (squid, fixed 2.5.STABLE11)
+CVE-2005-2794 version (squid, fixed 2.5.STABLE11)
*CVE-2005-2728 version (httpd, not 2.2)
*CVE-2005-2710 (helixplayer)
*CVE-2005-2709 version (kernel, fixed 2.6.14.3)
@@ -1449,7 +1449,7 @@
*CVE-2005-1532 version (thunderbird)
*CVE-2005-1532 version (firefox, fixed 1.0.4)
*CVE-2005-1531 version (firefox, fixed 1.0.4)
-*CVE-2005-1519 version (squid, fixed 2.5.STABLE10)
+CVE-2005-1519 version (squid, fixed 2.5.STABLE10)
*CVE-2005-1476 (firefox,seamonkey,thunderbird)
*CVE-2005-1470 version (wireshark, fixed 0.10.11)
*CVE-2005-1469 version (wireshark, fixed 0.10.11)
@@ -1473,7 +1473,7 @@
*CVE-2005-1409 version (postgresql, fixed 8.0.1)
*CVE-2005-1369 version (kernel, fixed 2.6.12)
*CVE-2005-1368 version (kernel, fixed 2.6.12)
-*CVE-2005-1345 version (squid, fixed 2.5.STABLE10)
+CVE-2005-1345 version (squid, fixed 2.5.STABLE10)
*CVE-2005-1344 ignore (httpd) not a vulnerability
*CVE-2005-1281 version (wireshark, fixed 0.10.11)
*CVE-2005-1280 version (tcpdump, fixed 3.9.2)
@@ -1555,7 +1555,7 @@
*CVE-2005-0749 version (kernel, fixed 2.6.11.6)
*CVE-2005-0739 version (wireshark, fixed after 0.10.9)
*CVE-2005-0736 version (kernel, fixed 2.6.11)
-*CVE-2005-0718 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0718 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0711 version (mysql, fixed 4.1.11)
*CVE-2005-0710 version (mysql, fixed 4.1.11)
*CVE-2005-0709 version (mysql, fixed 4.1.11)
@@ -1566,7 +1566,7 @@
*CVE-2005-0664 version (libexif, fixed 0.6.12)
*CVE-2005-0654 ignore (gimp, not fixed 2.2) upstream considers harmless
*CVE-2005-0627 version (qt, fixed 3.3.4)
-*CVE-2005-0626 version (squid, fixed 2.5.STABLE10)
+CVE-2005-0626 version (squid, fixed 2.5.STABLE10)
*CVE-2005-0611 (helixplayer)
*CVE-2005-0605 version (libXpm, fixed 3.5.4 at least)
*CVE-2005-0602 ignore (unzip, fixed 5.52) this is really expected behaviour
@@ -1610,7 +1610,7 @@
*CVE-2005-0452 (perl)
*CVE-2005-0449 version (kernel, fixed 2.6.11)
*CVE-2005-0448 version (perl, fixed 5.8.6)
-*CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
+CVE-2005-0446 version (squid, fixed 2.5.STABLE9)
*CVE-2005-0404 ignore (kde) won't fix http://bugs.kde.org/show_bug.cgi?id=96020
*CVE-2005-0403 version (kernel) not upstream
*CVE-2005-0402 version (firefox, fixed 1.0.2)
@@ -1631,7 +1631,7 @@
*CVE-2005-0246 version (postgresql, fixed 8.0.1)
*CVE-2005-0245 version (postgresql, fixed 8.0.1)
*CVE-2005-0244 version (postgresql, fixed 8.0.1)
-*CVE-2005-0241 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0241 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0238 version (epiphany, fixed since mozilla 1.7.6)
*CVE-2005-0237 version (kdelibs, fixed 3.4.0)
*CVE-2005-0233 version (firefox, fixed 1.0.1)
@@ -1640,7 +1640,7 @@
*CVE-2005-0230 version (thunderbird, fixed 1.0.2)
*CVE-2005-0230 version (firefox, fixed 1.0.1)
*CVE-2005-0227 version (postgresql, fixed 8.0.1)
-*CVE-2005-0211 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0211 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0210 version (kernel, fixed 2.6.11)
*CVE-2005-0209 version (kernel, fixed 2.6.11)
*CVE-2005-0208 version (gaim, fixed 1.1.4)
@@ -1649,7 +1649,7 @@
*CVE-2005-0204 version (kernel) didn't affect upstream
*CVE-2005-0202 version (mailman, fixed 2.1.6)
*CVE-2005-0201 version (dbus, fixed 0.36.1)
-*CVE-2005-0194 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0194 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0191 (helixplayer)
*CVE-2005-0189 (helixplayer)
*CVE-2005-0180 version (kernel, fixed 2.6.11)
@@ -1657,9 +1657,9 @@
*CVE-2005-0178 version (kernel, fixed 2.6.11)
*CVE-2005-0177 version (kernel, fixed 2.6.11)
*CVE-2005-0176 version (kernel, fixed 2.6.10) only affected 2.6.9
-*CVE-2005-0175 version (squid, fixed 2.5.STABLE8)
-*CVE-2005-0174 version (squid, fixed 2.5.STABLE8)
-*CVE-2005-0173 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0175 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0174 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0173 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0162 version (openswan, fixed 2.3.0)
*CVE-2005-0156 version (perl, fixed 5.8.8)
*CVE-2005-0155 version (perl, fixed 5.8.8)
@@ -1685,10 +1685,10 @@
*CVE-2005-0103 version (squirrelmail, fixed 1.4.4)
*CVE-2005-0102 version (evolution-data-server, fixed 1.2.2 at least)
*CVE-2005-0100 version (emacs, fixed 21.4 at least)
-*CVE-2005-0097 version (squid, fixed 2.5.STABLE8)
-*CVE-2005-0096 version (squid, fixed 2.5.STABLE8)
-*CVE-2005-0095 version (squid, fixed 2.5.STABLE8)
-*CVE-2005-0094 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0097 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0096 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0095 version (squid, fixed 2.5.STABLE8)
+CVE-2005-0094 version (squid, fixed 2.5.STABLE8)
*CVE-2005-0092 version (kernel, not affected)
*CVE-2005-0091 version (kernel, not affected)
*CVE-2005-0090 version (kernel, not affected)
@@ -1726,7 +1726,7 @@
*CVE-2004-2660 version (kernel, fixed 2.6.10)
*CVE-2004-2657 ignore (firefox) windows only
*CVE-2004-2655 (xscreensaver)
-*CVE-2004-2654 version (squid, fixed 2.6STABLE6)
+CVE-2004-2654 version (squid, fixed 2.6STABLE6)
*CVE-2004-2645 (asn1c)
*CVE-2004-2644 (asn1c)
*CVE-2004-2607 version (kernel, fixed 2.6.5)
@@ -1735,8 +1735,8 @@
*CVE-2004-2541 ignore (cscope) blocked by FORTIFY_SOURCE
*CVE-2004-2536 version (kernel, fixed 2.6.7)
*CVE-2004-2531 version (gnutls, fixed 1.0.17)
-*CVE-2004-2480 ignore (squid) , not reproducable
-*CVE-2004-2479 version (squid, fixed 2.5.STABLE8)
+CVE-2004-2480 ignore (squid) , not reproducable
+CVE-2004-2479 version (squid, fixed 2.5.STABLE8)
*CVE-2004-2396 version (passwd, fixed 0.69)
*CVE-2004-2395 version (passwd, fixed 0.69)
*CVE-2004-2394 version (passwd, fixed 0.69)
@@ -1899,7 +1899,7 @@
*CVE-2004-0930 version (samba, fixed 3.0.8)
*CVE-2004-0929 version (libtiff, fixed 3.7.0)
*CVE-2004-0923 version (cups, fixed 1.2.22)
-*CVE-2004-0918 version (squid, fixed 2.4.STABLE7)
+CVE-2004-0918 version (squid, fixed 2.4.STABLE7)
*CVE-2004-0914 version (xorg-x11, fixed after 6.8.1)
*CVE-2004-0909 version (thunderbird)
*CVE-2004-0909 version (firefox)
@@ -1924,7 +1924,7 @@
*CVE-2004-0837 version (mysql, fixed 4.0.21)
*CVE-2004-0836 version (mysql, fixed 4.0.21)
*CVE-2004-0835 version (mysql, fixed 4.1.2)
-*CVE-2004-0832 version (squid, fixed 2.5.STABLE7)
+CVE-2004-0832 version (squid, fixed 2.5.STABLE7)
*CVE-2004-0829 version (samba, fixed 2.2.11)
*CVE-2004-0827 version (ImageMagick, fixed 6.0.6.2)
*CVE-2004-0826 version (nss, fixed 3.9.2)
@@ -2010,7 +2010,7 @@
*CVE-2004-0550 (helixplayer)
*CVE-2004-0548 ignore (aspell, not fixed 0.50.5) not a security issue
*CVE-2004-0547 version (postgresql, fixed 7.2.1)
-*CVE-2004-0541 version (squid)
+CVE-2004-0541 version (squid, fixed 2.5.STABLE6)
*CVE-2004-0535 version (kernel, fixed 2.6.6)
*CVE-2004-0527 version (konqueror, not 3+)
*CVE-2004-0523 version (krb5, fixed 1.3.4)
@@ -2070,7 +2070,7 @@
*CVE-2004-0229 version (kernel, fixed 2.6.6)
*CVE-2004-0228 version (kernel, fixed 2.6.6)
*CVE-2004-0226 version (mc, fixed 4.6.0)
-*CVE-2004-0189 version (squid, fixed 2.5.STABLE5)
+CVE-2004-0189 version (squid, fixed 2.5.STABLE5)
*CVE-2004-0186 version (samba, not 3.0.2a)
CVE-2004-0185 ignore, no-ship (wu-ftpd)
*CVE-2004-0184 version (tcpdump, fixed 3.8.2)
@@ -2502,9 +2502,9 @@
*CVE-2002-0759 version (bzip2, fixed 1.0.2)
*CVE-2002-0728 version (libpng, fixed 1.2.4)
*CVE-2002-0717 version (php, fixed 4.2.2)
-*CVE-2002-0715 version (squid, fixed 2.4.STABLE6)
-*CVE-2002-0714 version (squid, fixed 2.4.STABLE6)
-*CVE-2002-0713 version (squid, fixed 2.4.STABLE6)
+CVE-2002-0715 version (squid, fixed 2.4.STABLE6)
+CVE-2002-0714 version (squid, fixed 2.4.STABLE6)
+CVE-2002-0713 version (squid, fixed 2.4.STABLE6)
*CVE-2002-0704 version (kernel, fixed 2.6.11)
*CVE-2002-0702 version (dhcpd, fixed 3.0.1)
*CVE-2002-0684 version (glibc, fixed afted 2.2.5)
@@ -2566,7 +2566,7 @@
*CVE-2002-0169 ignore (docbook) was RHL only
*CVE-2002-0165 version (logwatch, fixed 2.6)
*CVE-2002-0164 version (XFree86, fixed 4.2.1)
-*CVE-2002-0163 version (squid, fixed 20020312)
+CVE-2002-0163 version (squid, fixed 2.4.STABLE6)
*CVE-2002-0162 version (logwatch, fixed 2.5)
*CVE-2002-0157 version (nautilus)
*CVE-2002-0146 version (fetchmail, fixed 5.9.10)
@@ -2578,9 +2578,9 @@
*CVE-2002-0082 version (mod_ssl, not httpd 2.2)
*CVE-2002-0081 version (php, not 4.2+)
CVE-2002-0080 version (rsync, fixed 2.5.3)
-*CVE-2002-0069 version (squid, fixed 2.4STABLE4)
-*CVE-2002-0068 version (squid, fixed 2.4STABLE4)
-*CVE-2002-0067 version (squid, fixed 2.4STABLE4)
+CVE-2002-0069 version (squid, fixed 2.4STABLE4)
+CVE-2002-0068 version (squid, fixed 2.4STABLE4)
+CVE-2002-0067 version (squid, fixed 2.4STABLE4)
*CVE-2002-0063 version (cups, fixed 1.1.14)
*CVE-2002-0062 version (ncurses, only 5.0)
*CVE-2002-0060 version (kernel, fixed 2.5.5)
@@ -2616,6 +2616,6 @@
*CVE-1999-1572 backport (cpio) cpio-2.6-umask.patch
*CVE-1999-1332 (gzip)
CVE-1999-0997 ignore, no-ship (wu-ftpd)
-*CVE-1999-0710 (squid)
+CVE-1999-0710 version (squid, fixed 2.5.STABLE10)
CVE-1999-0473 version (rsync, fixed 2.3.1)
*CVE-1999-0103 (bind)
More information about the fedora-extras-commits
mailing list