[Fedora-security-commits] fedora-security/audit fc6, 1.273, 1.274 fc7, 1.136, 1.137

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Wed Oct 10 19:45:17 UTC 2007 

Author: lkundrak

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23913

Modified Files:
	fc6 fc7 
Log Message:
Up to date as of today



Index: fc6
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc6,v
retrieving revision 1.273
retrieving revision 1.274
diff -u -r1.273 -r1.274
--- fc6	9 Oct 2007 06:58:08 -0000	1.273
+++ fc6	10 Oct 2007 19:45:15 -0000	1.274
@@ -4,13 +4,14 @@
 # *CVE are items that need verification for Fedora Core 6
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 
-# Up to date CVE as of CVE email 20071004
-# Up to date FC6 as of 20071003
+# Up to date CVE as of CVE email 20071010
+# Up to date FC6 as of 20071010
 
 CVE-2007-5191 VULNERABLE (util-linux) #320141
-CVE-2007-5162 VULNERABLE (ruby) #313801
+CVE-2007-5162 version (ruby) #313801 [since FEDORA-2007-718]
 CVE-2007-5137 VULNERABLE (tk, fixed 8.4.16)
-CVE-2007-5034 version (elinks) #297611 [since ???]
+CVE-2007-5034 version (elinks) #297611 [since FEDORA-2007-710]
+CVE-2007-4993 backport (xen) [since FEDORA-2007-713]
 CVE-2007-4965 VULNERABLE (python) imageop module heap overflow
 CVE-2007-4924 VULNERABLE (opal, fixed 2.2.10) #297561
 CVE-2007-4897 VULNERABLE (opal, fixed 2.2.8) #297561
@@ -29,7 +30,8 @@
 CVE-2007-4659 ignore (php, fixed 5.2.4) #276531 (FC7/php-5.2 only)
 CVE-2007-4658 backport (php, fixed 5.2.4) #278011 [since FEDORA-2007-709]
 CVE-2007-4657 ingore (php, fixed 5.2.4) arbitrary read not remotly triggerable
-CVE-2007-4569 VULNERABLE (kdebase) #299741
+CVE-2007-4571 version (kernel) [since FEDORA-2007-714]
+CVE-2007-4569 backport (kdebase) #299741 [since FEDORA-2007-716]
 CVE-2007-4565 backport (fetchmail) #260881 [since FEDORA-2007-689]
 CVE-2007-4559 VULNERABLE (python) tarfile module - directory traversal #315291
 CVE-2007-4558 ignore (star, fixed 1.5a84) duplicate of CVE-2007-4134
@@ -39,7 +41,7 @@
 CVE-2007-4251 ignore (openoffice.org) just a crash
 CVE-2007-4229 ignore (kdebase) just an ASSERT fail
 CVE-2007-4225 ignore (kdebase) caused by fix to CVE-2007-3820 which we never shipped
-CVE-2007-4224 ignore (kdebase) too obvious -- mouse pointer indicates script activity
+CVE-2007-4224 backport (kdebase) too obvious -- mouse pointer indicates script activity [since FEDORA-2007-716]
 CVE-2007-4211 version (dovecot, fixed 1.0.3) #251009 [since FEDORA-2007-664]
 CVE-2007-4137 backport (qt) #292951 [since FEDORA-2007-703]
 CVE-2007-4134 VULNERABLE (star, fixed 1.5a84) #254129
@@ -61,7 +63,7 @@
 CVE-2007-3844 VULNERABLE (firefox) #250648 "fixed on next update"
 CVE-2007-3843 VULNERABLE (kernel) #246595
 CVE-2007-3841 ignore (pidgin) ethically disclosed
-CVE-2007-3820 ** (kdebase) #248537
+CVE-2007-3820 backport (kdebase) #248537 [since FEDORA-2007-716]
 CVE-2007-3799 backport (php) [since FEDORA-2007-709]
 CVE-2007-3798 version (tcpdump, fixed 3.9.7) #250290 [since FEDORA-2007-654]
 CVE-2007-3782 VULNERABLE (mysql, fixed 5.0.44)
@@ -145,6 +147,8 @@
 CVE-2007-1352 fixed (libXfont) #235265 [since FEDORA-2007-423]
 CVE-2007-1351 fixed (libXfont) #235265 [since FEDORA-2007-423]
 CVE-2007-1349 backport (mod_perl) [since FEDORA-2007-577]
+CVE-2007-1321 backport (xen) #238723 [since FEDORA-2007-713]
+CVE-2007-1320 backport (xen) #238723 [since FEDORA-2007-713]
 CVE-2007-1308 version (kdelibs)
 CVE-2007-1263 version (gnupg, fixed 1.4.7) [since FEDORA-2007-315]
 CVE-2007-1262 version (squirrelmail, fixed 1.4.10a) #239704 [since FEDORA-2007-505]


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.136
retrieving revision 1.137
diff -u -r1.136 -r1.137
--- fc7	9 Oct 2007 22:49:05 -0000	1.136
+++ fc7	10 Oct 2007 19:45:15 -0000	1.137
@@ -11,8 +11,8 @@
 CVE-2007-5226 VULNERABLE (dircproxy) #319301
 CVE-2007-5201 VULNERABLE (duplicity) #293081
 CVE-2007-5198 VULNERABLE (nagios-plugins, fixed 1.4.10) #315101
-CVE-2007-5191 VULNERABLE (util-linux) #320131
-CVE-2007-5162 VULNERABLE (ruby) #313791
+CVE-2007-5191 backport (util-linux) #320141 [since FEDORA-2007-2462]
+CVE-2007-5162 version (ruby) #313801 [since FEDORA-2007-2406]
 CVE-2007-5159 backport (ntfs-3g) #298651 [since FEDORA-2007-2295]
 CVE-2007-5137 VULNERABLE (tk, fixed 8.4.16)
 CVE-2007-5106 ignore (wordpress) affects old 2.0.x versions

More information about the Fedora-security-commits mailing list