[Fedora-security-commits] fedora-security/audit f10, 1.20, 1.21 f8, 1.239, 1.240 f9, 1.230, 1.231
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Wed Oct 22 17:15:25 UTC 2008
Author: thoger
Update of /cvs/fedora/fedora-security/audit
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv18369/audit
Modified Files:
f10 f8 f9
Log Message:
jhead + updates
Index: f10
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f10,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- f10 14 Oct 2008 16:05:00 -0000 1.20
+++ f10 22 Oct 2008 17:14:54 -0000 1.21
@@ -4,6 +4,10 @@
# *CVE are items that need verification for Fedora 10
# (mozilla) = (gecko-libs dependent stuff)
+CVE-2008-4641 VULNERABLE (jhead)
+CVE-2008-4640 VULNERABLE (jhead)
+CVE-2008-4639 version (jhead, fixed 2.84) [since jhead-2.84-1.fc10]
+CVE-2008-4575 version (jhead, fixed 2.84) [since jhead-2.84-1.fc10]
CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5) #465959
CVE-2008-4434 ignore (bittorrent) 6.x only
CVE-2008-4422 backport (libxml2, fixed 2.7.2) [since libxml2-2.7.1-2.fc10]
Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.239
retrieving revision 1.240
diff -u -r1.239 -r1.240
--- f8 14 Oct 2008 16:05:00 -0000 1.239
+++ f8 22 Oct 2008 17:14:54 -0000 1.240
@@ -6,6 +6,10 @@
rhbz293031 fixed (nx) #293031 [since FEDORA-2008-2258]
rhbz249840 version (tor, fixed 0.1.2.15)
+CVE-2008-4641 VULNERABLE (jhead)
+CVE-2008-4640 VULNERABLE (jhead)
+CVE-2008-4639 fixed (jhead, fixed 2.84) [since FEDORA-2008-8941]
+CVE-2008-4575 fixed (jhead, fixed 2.84) [since FEDORA-2008-8941]
CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5) #465957
CVE-2008-4434 ignore (bittorrent) 6.x only
CVE-2008-4422 fixed (libxml2, fixed 2.7.2) [since FEDORA-2008-8582]
@@ -28,7 +32,7 @@
CVE-2008-4100 VULNERABLE (adns) #462752 upstream design decision
CVE-2008-4099 VULNERABLE (python-pydns, fixed 2.3.2) #462765
CVE-2008-4096 fixed (phpMyAdmin, fixed 2.11.9.1) [since FEDORA-2008-8269]
-CVE-2008-4094 VULNERABLE (rubygem-activerecord, fixed 2.1.1) [since FEDORA-2008-8282]
+CVE-2008-4094 fixed (rubygem-activerecord, fixed 2.1.1) [since FEDORA-2008-8282]
CVE-2008-4070 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8401]
CVE-2008-4069 fixed (firefox, fixed 2.0.0.17) [since FEDORA-2008-8399]
CVE-2008-4069 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8401]
@@ -95,12 +99,12 @@
CVE-2008-3699 fixed (amarok, fixed 1.4.40) [since FEDORA-2008-7719]
CVE-2008-3663 VULNERABLE (squirrelmail, fixed 1.4.16) #464184
CVE-2008-3662 VULNERABLE (gallery2, fixed 2.2.6) #462871
-CVE-2008-3661 VULNERABLE (drupal) #464163 ignored by upstream
+CVE-2008-3661 fixed (drupal) #464163 [since FEDORA-2008-8905] ignored by upstream
CVE-2008-3657 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736]
CVE-2008-3656 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736]
CVE-2008-3655 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736]
-CVE-2008-3652 VULNERABLE (ipsec-tools) #465472
-CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465472
+CVE-2008-3652 VULNERABLE (ipsec-tools) #465472 [since FEDORA-2008-9016]
+CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465472 [since FEDORA-2008-9016]
CVE-2008-3641 VULNERABLE (cups, fixed 1.3.9) #466418
CVE-2008-3640 VULNERABLE (cups, fixed 1.3.9) #466418
CVE-2008-3639 VULNERABLE (cups, fixed 1.3.9) #466418
@@ -147,7 +151,7 @@
CVE-2008-3139 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645]
CVE-2008-3138 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645]
CVE-2008-3137 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645]
-CVE-2008-3102 VULNERABLE (mantis, fixed 1.1.3) #464135
+CVE-2008-3102 fixed (mantis, fixed 1.1.3) #464135 [since FEDORA-2008-9015]
CVE-2008-3067 VULNERABLE (sudo, fixed 1.6.9p12)
CVE-2008-2960 fixed (phpMyAdmin, fixed 2.11.7) [since FEDORA-2008-5640] PMASA-2008-4
CVE-2008-2954 fixed (linuxdcpp) #453732 [since FEDORA-2008-6038]
@@ -229,7 +233,7 @@
CVE-2008-2377 ignore (gnutls, fixed 2.4.1) 2.3.5+ only
CVE-2008-2376 fixed (ruby, fixed 1.8.6-p257) [since FEDORA-2008-6094]
CVE-2008-2375 ignore (vsftpd) pre-2.0.5 versions only
-CVE-2008-2374 VULNERABLE (bluez-libs, fixed 3.34) #452820 [since FEDORA-2008-6140]
+CVE-2008-2374 fixed (bluez-libs, fixed 3.34) #452820 [since FEDORA-2008-6140]
CVE-2008-2371 fixed (pcre) #453555 [since FEDORA-2008-6111]
CVE-2008-2371 fixed (glib2) #453559 [since FEDORA-2008-6025]
CVE-2008-2370 fixed (tomcat5, fixed 5.5.27) #460125 [since FEDORA-2008-8130]
Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.230
retrieving revision 1.231
diff -u -r1.230 -r1.231
--- f9 14 Oct 2008 16:05:00 -0000 1.230
+++ f9 22 Oct 2008 17:14:54 -0000 1.231
@@ -5,6 +5,10 @@
# (mozilla) = (gecko-libs dependent stuff)
rhbz249840 version (tor, fixed 0.1.2.15)
+CVE-2008-4641 VULNERABLE (jhead)
+CVE-2008-4640 VULNERABLE (jhead)
+CVE-2008-4639 fixed (jhead, fixed 2.84) [since FEDORA-2008-8928]
+CVE-2008-4575 fixed (jhead, fixed 2.84) [since FEDORA-2008-8928]
CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5) #465958
CVE-2008-4434 ignore (bittorrent) 6.x only
CVE-2008-4422 fixed (libxml2, fixed 2.7.2) [since FEDORA-2008-8575]
@@ -88,7 +92,7 @@
CVE-2008-3790 fixed (ruby) [since FEDORA-2008-8738]
CVE-2008-3789 fixed (samba, fixed 3.2.3) [since FEDORA-2008-7243]
CVE-2008-3747 fixed (wordpress, fixed 2.6.1) [since FEDORA-2008-7279]
-CVE-2008-3746 VULNERABLE (neon, fixed 0.28.3) #460415 [since FEDORA-2008-7661]
+CVE-2008-3746 fixed (neon, fixed 0.28.3) #460415 [since FEDORA-2008-7661]
CVE-2008-3745 fixed (drupal, fixed 6.4) [since FEDORA-2008-7626]
CVE-2008-3744 fixed (drupal, fixed 6.4) [since FEDORA-2008-7626]
CVE-2008-3743 fixed (drupal, fixed 6.4) [since FEDORA-2008-7626]
@@ -99,12 +103,12 @@
CVE-2008-3699 fixed (amarok, fixed 1.4.40) [since FEDORA-2008-7739]
CVE-2008-3663 VULNERABLE (squirrelmail, fixed 1.4.16) #464185 [since FEDORA-2008-8559]
CVE-2008-3662 VULNERABLE (gallery2, fixed 2.2.6) #462872
-CVE-2008-3661 VULNERABLE (drupal) #464164 ignored by upstream
+CVE-2008-3661 fixed (drupal) #464164 [since FEDORA-2008-8852] ignored by upstream
CVE-2008-3657 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738]
CVE-2008-3656 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738]
CVE-2008-3655 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738]
-CVE-2008-3652 VULNERABLE (ipsec-tools) #465473
-CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465473
+CVE-2008-3652 VULNERABLE (ipsec-tools) #465473 [since FEDORA-2008-9007]
+CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465473 [since FEDORA-2008-9007]
CVE-2008-3641 VULNERABLE (cups, fixed 1.3.9) #466419
CVE-2008-3640 VULNERABLE (cups, fixed 1.3.9) #466419
CVE-2008-3639 VULNERABLE (cups, fixed 1.3.9) #466419
@@ -153,7 +157,7 @@
CVE-2008-3139 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440]
CVE-2008-3138 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440]
CVE-2008-3137 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440]
-CVE-2008-3102 VULNERABLE (mantis, fixed 1.1.3) #464136
+CVE-2008-3102 fixed (mantis, fixed 1.1.3) #464136 [since FEDORA-2008-8925]
CVE-2008-3067 version (sudo, fixed 1.6.9p12)
CVE-2008-2960 fixed (phpMyAdmin, fixed 2.11.7) [since FEDORA-2008-5676] PMASA-2008-4
CVE-2008-2954 fixed (linuxdcpp) #453733 [since FEDORA-2008-6018]
More information about the Fedora-security-commits
mailing list