[Fedora-security-commits] fedora-security/audit f8, 1.202, 1.203 f9, 1.192, 1.193 fc7, 1.358, 1.359

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Wed Apr 23 10:06:41 UTC 2008


Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8939/audit

Modified Files:
	f8 f9 fc7 
Log Message:
note WebKit, asterisk



Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.202
retrieving revision 1.203
diff -u -r1.202 -r1.203
--- f8	18 Apr 2008 15:32:46 -0000	1.202
+++ f8	23 Apr 2008 10:06:11 -0000	1.203
@@ -6,6 +6,7 @@
 
 rhbz293031 fixed (nx) #293031 [since FEDORA-2008-2258] 
 rhbz249840 VULNERABLE (tor) 
+CVE-2008-1897 VULNERABLE (asterisk, fixed 1.4.19.1) 
 CVE-2008-1878 VULNERABLE (xine-lib, fixed 1.1.12.1) #443055 nsf demuxer overflow
 CVE-2008-1837 ignore (clamav, fixed 0.93) unrar code not shipped
 CVE-2008-1836 VULNERABLE (clamav, fixed 0.93) #442363 
@@ -110,7 +111,10 @@
 CVE-2008-1066 version (php-Smarty) #435811 [since FEDORA-2008-1911]
 CVE-2008-1066 fixed (gallery2) #438058 [since FEDORA-2008-2587] 
 CVE-2008-1066 VULNERABLE (php-pear-PhpDocumentor) #438062 
-CVE-2008-1010 ignore (WebKit) Nothing uses WebKit
+CVE-2008-1026 version (WebKit, fixed r31388) [since FEDORA-2008-3229]
+**CVE-2008-1025 VULNERABLE (WebKit) may be fixed in SVN and hence in our packages
+CVE-2008-1011 version (WebKit) [since FEDORA-2008-3229]
+CVE-2008-1010 version (WebKit) [since FEDORA-2008-3229]
 CVE-2008-0983 fixed (lighttpd) #435807 [since FEDORA-2008-2262] 
 CVE-2008-0947 fixed (krb5, fixed 1.6.4) #438023 [since FEDORA-2008-2647] 
 CVE-2008-0932 fixed (sword) #433724 [since FEDORA-2008-1922] why? diatheke.pl is not shipped...


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.192
retrieving revision 1.193
diff -u -r1.192 -r1.193
--- f9	18 Apr 2008 15:32:46 -0000	1.192
+++ f9	23 Apr 2008 10:06:11 -0000	1.193
@@ -5,6 +5,7 @@
 # (mozilla) = (gecko-libs dependent stuff)
 
 rhbz249840 VULNERABLE (tor) 
+CVE-2008-1897 VULNERABLE (asterisk, fixed 1.6.0.beta3) [since asterisk-1.6.0-0.13.beta8.fc9]
 CVE-2008-1878 VULNERABLE (xine-lib, fixed 1.1.12.1) #443056 nsf demuxer overflow
 CVE-2008-1837 ignore (clamav, fixed 0.93) unrar code not shipped
 CVE-2008-1836 VULNERABLE (clamav, fixed 0.93) #442364 
@@ -109,7 +110,10 @@
 CVE-2008-1066 version (php-Smarty) #435813 [since php-Smarty-2.6.19-1.fc9]
 CVE-2008-1066 VULNERABLE (gallery2) #438060 
 CVE-2008-1066 VULNERABLE (php-pear-PhpDocumentor) #438064 
-CVE-2008-1010 ignore (WebKit) #438537 Nothing uses WebKit
+CVE-2008-1026 version (WebKit, fixed r31388) [since WebKit-1.0.0-0.8.svn31787.fc9]
+**CVE-2008-1025 VULNERABLE (WebKit) may be fixed in SVN and hence in our packages
+CVE-2008-1011 version (WebKit) [since WebKit-1.0.0-0.8.svn31787.fc9]
+CVE-2008-1010 version (WebKit) [since WebKit-1.0.0-0.8.svn31787.fc9]
 CVE-2008-0983 backport (lighttpd) #435809 [since lighttpd-1.4.18-6.fc9]
 CVE-2008-0947 backport (krb5, fixed 1.6.4) [since krb5-1.6.3-10.fc9] 
 CVE-2008-0932 backport (sword) #433726 [since sword-1.5.10-3.fc9] why? diatheke.pl is not shipped...


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.358
retrieving revision 1.359
diff -u -r1.358 -r1.359
--- fc7	18 Apr 2008 15:32:46 -0000	1.358
+++ fc7	23 Apr 2008 10:06:11 -0000	1.359
@@ -7,6 +7,7 @@
 
 rhbz293031 fixed (nx) #293031 [since FEDORA-2008-2258] 
 rhbz249840 version (tor, fixed 0.1.2.15) #249840 [since FEDORA-2007-1674] 
+CVE-2008-1897 VULNERABLE (asterisk, fixed 1.4.19.1) 
 CVE-2008-1878 VULNERABLE (xine-lib, fixed 1.1.12.1) #443054 nsf demuxer overflow
 CVE-2008-1837 ignore (clamav, fixed 0.93) unrar code not shipped
 CVE-2008-1836 VULNERABLE (clamav, fixed 0.93) #442362 
@@ -111,7 +112,10 @@
 CVE-2008-1066 version (php-Smarty, fixed 2.6.19) #435812 [since FEDORA-2008-1928]
 CVE-2008-1066 fixed (gallery2) #438059 [since FEDORA-2008-2650] 
 CVE-2008-1066 fixed (php-pear-PhpDocumentor) #438063 [since FEDORA-2008-2656] 
-CVE-2008-1010 ignore (WebKit) Nothing uses WebKit
+CVE-2008-1026 VULNERABLE (WebKit, fixed r31388) [since WebKit-1.0.0-0.8.svn31787.fc7]
+**CVE-2008-1025 VULNERABLE (WebKit) may be fixed in SVN and hence in our packages
+CVE-2008-1011 VULNERABLE (WebKit) [since WebKit-1.0.0-0.8.svn31787.fc7]
+CVE-2008-1010 VULNERABLE (WebKit) [since WebKit-1.0.0-0.8.svn31787.fc7]
 CVE-2008-0983 fixed (lighttpd) #435808 [since FEDORA-2008-2278] 
 CVE-2008-0947 fixed (krb5, fixed 1.6.4) #438022 [since FEDORA-2008-2637] 
 CVE-2008-0932 fixed (sword) #433725 [since FEDORA-2008-1951] why? diatheke.pl is not shipped...




More information about the Fedora-security-commits mailing list