[Fedora-security-commits] fedora-security/audit f8, 1.173, 1.174 f9, 1.164, 1.165 fc7, 1.329, 1.330

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Wed Mar 26 07:31:58 UTC 2008 

Author: lkundrak

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10718

Modified Files:
	f8 f9 fc7 
Log Message:
apc,roundup,centerim,bzip3,viewvc


Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.173
retrieving revision 1.174
diff -u -r1.173 -r1.174
--- f8	25 Mar 2008 08:41:31 -0000	1.173
+++ f8	26 Mar 2008 07:31:28 -0000	1.174
@@ -4,25 +4,26 @@
 # *CVE are items that need verification for Fedora 8
 # (mozilla) = (gecko-libs dependent stuff)
 
-# Up to date CVE as of CVE email 20071215
-# Up to date F8 as of 20080111
-
 GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
 GENERIC-MAP-NOMATCH fixed (wyrd) #433720 [since FEDORA-2008-1963] 
-GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] 
-GENERIC-MAP-NOMATCH fixed (roundup) #436547 [since FEDORA-2008-2370] 
 GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 
+GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438847 
 CVE-2008-1482 VULNERABLE (xine-lib) #438670 
+CVE-2008-1474 fixed (roundup) #436547 [since FEDORA-2008-2370] 
 CVE-2008-1468 VULNERABLE (namazu) #438667
-CVE-2008-1467 ignore (centerim) drugs
+CVE-2008-1467 VULNERABLE (centerim) #438871
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438133 
+CVE-2008-1372 ignore (bzip2) Just a crash
 CVE-2008-1360 VULNERABLE (nagios) #437850 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
 CVE-2008-1333 ignore (asterisk) not affected
 CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438133 
 CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
 CVE-2008-1304 ignore (wordpress) bogus CVE id description?
+CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159] 
+CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159] 
+CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159] 
 CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438133 
 CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2362] 
 CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.164
retrieving revision 1.165
diff -u -r1.164 -r1.165
--- f9	25 Mar 2008 08:41:31 -0000	1.164
+++ f9	26 Mar 2008 07:31:28 -0000	1.165
@@ -4,19 +4,18 @@
 # *CVE are items that need verification for Fedora 9
 # (mozilla) = (gecko-libs dependent stuff)
 
-# Up to date CVE as of CVE email 20071211
-# Up to date F9 as of 20071029
-
 GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
 GENERIC-MAP-NOMATCH VULNERABLE (wyrd) #433722 
 GENERIC-MAP-NOMATCH fixed (inkscape) #432807  [since inkscape-0.45.1+0.46pre1-4.fc9]
-GENERIC-MAP-NOMATCH version (roundup) #436549 [since roundup-1.4.4-1.fc9]
 GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 
+GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438848 
 CVE-2008-1482 VULNERABLE (xine-lib) #438671 
+CVE-2008-1474 version (roundup) #436549 [since roundup-1.4.4-1.fc9]
 CVE-2008-1468 VULNERABLE (namazu) #438668 
-CVE-2008-1467 ignore (centerim) drugs
+CVE-2008-1467 fixed (centerim) #438871
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 
+CVE-2008-1372 ignore (bzip2) Just a crash
 CVE-2008-1360 VULNERABLE (nagios) #437852 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
 CVE-2008-1333 VULNERABLE (asterisk, fixed 1.6.0-beta6) #438134 


Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.329
retrieving revision 1.330
diff -u -r1.329 -r1.330
--- fc7	25 Mar 2008 08:41:31 -0000	1.329
+++ fc7	26 Mar 2008 07:31:28 -0000	1.330
@@ -5,25 +5,26 @@
 # (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
 # A couple of first F7 updates were marked as FEDORA-2007-0001
 
-# Up to date CVE as of CVE email 200711215
-# Up to date FC7 as of 20080111
-
 GENERIC-MAP-NOMATCH VULNERABLE (comix) multiple issues tracked via #430635
 GENERIC-MAP-NOMATCH fixed (wyrd) #433721 [since FEDORA-2008-1986] 
-GENERIC-MAP-NOMATCH fixed (viewvc) #435349 [since FEDORA-2008-2159] 
-GENERIC-MAP-NOMATCH fixed (roundup) #436548 [since FEDORA-2008-2471] 
 GENERIC-MAP-NOMATCH VULNERABLE (libsilc) #438382 
+GENERIC-MAP-NOMATCH VULNERABLE (php-pecl-apc) #438846 
 CVE-2008-1482 VULNERABLE (xine-lib) #438669 
+CVE-2008-1474 fixed (roundup) #436548 [since FEDORA-2008-2471] 
 CVE-2008-1468 VULNERABLE (namazu) #438666
-CVE-2008-1467 ignore (centerim) drugs
+CVE-2008-1467 VULNERABLE (centerim) #438871
 CVE-2008-1394 ignore (plone) 
 CVE-2008-1390 VULNERABLE (asterisk, fixed 1.4.19-rc3) #438132 
+CVE-2008-1372 ignore (bzip2) Just a crash
 CVE-2008-1360 VULNERABLE (nagios) #437851 
 CVE-2008-1353 ignore (zabbix) #437848 Needs authorization
 CVE-2008-1333 ignore (asterisk) not affected
 CVE-2008-1332 VULNERABLE (asterisk, fixed 1.4.18.1) #438132 
 CVE-2008-1318 ignore (mediawiki) 1.11.2 security fix applies only for 1.11 we never shipped
 CVE-2008-1304 ignore (wordpress) bogus CVE id description?
+CVE-2008-1292 fixed (viewvc) #435349 [since FEDORA-2008-2159] 
+CVE-2008-1291 fixed (viewvc) #435349 [since FEDORA-2008-2159] 
+CVE-2008-1290 fixed (viewvc) #435349 [since FEDORA-2008-2159] 
 CVE-2008-1289 VULNERABLE (asterisk, fixed 1.4.18.1) #438132 
 CVE-2008-1284 version (horde, fixed 3.1.7) #436628 [since FEDORA-2008-2406] 
 CVE-2008-1270 ignore (lighttpd) Not a bug, requires unlikely and incredibly stupid configuration change with well-documented effects.

More information about the Fedora-security-commits mailing list