[Fedora-security-commits] fedora-security/audit f10, 1.20, 1.21 f8, 1.239, 1.240 f9, 1.230, 1.231

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Wed Oct 22 17:15:25 UTC 2008 

Author: thoger

Update of /cvs/fedora/fedora-security/audit
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv18369/audit

Modified Files:
	f10 f8 f9 
Log Message:
jhead + updates



Index: f10
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f10,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- f10	14 Oct 2008 16:05:00 -0000	1.20
+++ f10	22 Oct 2008 17:14:54 -0000	1.21
@@ -4,6 +4,10 @@
 # *CVE are items that need verification for Fedora 10
 # (mozilla) = (gecko-libs dependent stuff)
 
+CVE-2008-4641 VULNERABLE (jhead) 
+CVE-2008-4640 VULNERABLE (jhead) 
+CVE-2008-4639 version (jhead, fixed 2.84) [since jhead-2.84-1.fc10] 
+CVE-2008-4575 version (jhead, fixed 2.84) [since jhead-2.84-1.fc10] 
 CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5) #465959 
 CVE-2008-4434 ignore (bittorrent) 6.x only
 CVE-2008-4422 backport (libxml2, fixed 2.7.2) [since libxml2-2.7.1-2.fc10] 


Index: f8
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f8,v
retrieving revision 1.239
retrieving revision 1.240
diff -u -r1.239 -r1.240
--- f8	14 Oct 2008 16:05:00 -0000	1.239
+++ f8	22 Oct 2008 17:14:54 -0000	1.240
@@ -6,6 +6,10 @@
 
 rhbz293031 fixed (nx) #293031 [since FEDORA-2008-2258] 
 rhbz249840 version (tor, fixed 0.1.2.15) 
+CVE-2008-4641 VULNERABLE (jhead) 
+CVE-2008-4640 VULNERABLE (jhead) 
+CVE-2008-4639 fixed (jhead, fixed 2.84) [since FEDORA-2008-8941] 
+CVE-2008-4575 fixed (jhead, fixed 2.84) [since FEDORA-2008-8941] 
 CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5) #465957
 CVE-2008-4434 ignore (bittorrent) 6.x only
 CVE-2008-4422 fixed (libxml2, fixed 2.7.2) [since FEDORA-2008-8582] 
@@ -28,7 +32,7 @@
 CVE-2008-4100 VULNERABLE (adns) #462752 upstream design decision
 CVE-2008-4099 VULNERABLE (python-pydns, fixed 2.3.2) #462765 
 CVE-2008-4096 fixed (phpMyAdmin, fixed 2.11.9.1) [since FEDORA-2008-8269] 
-CVE-2008-4094 VULNERABLE (rubygem-activerecord, fixed 2.1.1) [since FEDORA-2008-8282] 
+CVE-2008-4094 fixed (rubygem-activerecord, fixed 2.1.1) [since FEDORA-2008-8282] 
 CVE-2008-4070 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8401] 
 CVE-2008-4069 fixed (firefox, fixed 2.0.0.17) [since FEDORA-2008-8399] 
 CVE-2008-4069 fixed (seamonkey, fixed 1.1.12) [since FEDORA-2008-8401] 
@@ -95,12 +99,12 @@
 CVE-2008-3699 fixed (amarok, fixed 1.4.40) [since FEDORA-2008-7719] 
 CVE-2008-3663 VULNERABLE (squirrelmail, fixed 1.4.16) #464184 
 CVE-2008-3662 VULNERABLE (gallery2, fixed 2.2.6) #462871 
-CVE-2008-3661 VULNERABLE (drupal) #464163 ignored by upstream
+CVE-2008-3661 fixed (drupal) #464163 [since FEDORA-2008-8905] ignored by upstream
 CVE-2008-3657 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736] 
 CVE-2008-3656 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736] 
 CVE-2008-3655 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8736] 
-CVE-2008-3652 VULNERABLE (ipsec-tools) #465472 
-CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465472 
+CVE-2008-3652 VULNERABLE (ipsec-tools) #465472 [since FEDORA-2008-9016] 
+CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465472 [since FEDORA-2008-9016] 
 CVE-2008-3641 VULNERABLE (cups, fixed 1.3.9) #466418 
 CVE-2008-3640 VULNERABLE (cups, fixed 1.3.9) #466418 
 CVE-2008-3639 VULNERABLE (cups, fixed 1.3.9) #466418 
@@ -147,7 +151,7 @@
 CVE-2008-3139 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645] 
 CVE-2008-3138 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645] 
 CVE-2008-3137 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6645] 
-CVE-2008-3102 VULNERABLE (mantis, fixed 1.1.3) #464135 
+CVE-2008-3102 fixed (mantis, fixed 1.1.3) #464135 [since FEDORA-2008-9015] 
 CVE-2008-3067 VULNERABLE (sudo, fixed 1.6.9p12) 
 CVE-2008-2960 fixed (phpMyAdmin, fixed 2.11.7) [since FEDORA-2008-5640] PMASA-2008-4
 CVE-2008-2954 fixed (linuxdcpp) #453732 [since FEDORA-2008-6038] 
@@ -229,7 +233,7 @@
 CVE-2008-2377 ignore (gnutls, fixed 2.4.1) 2.3.5+ only
 CVE-2008-2376 fixed (ruby, fixed 1.8.6-p257) [since FEDORA-2008-6094] 
 CVE-2008-2375 ignore (vsftpd) pre-2.0.5 versions only
-CVE-2008-2374 VULNERABLE (bluez-libs, fixed 3.34) #452820 [since FEDORA-2008-6140] 
+CVE-2008-2374 fixed (bluez-libs, fixed 3.34) #452820 [since FEDORA-2008-6140] 
 CVE-2008-2371 fixed (pcre) #453555 [since FEDORA-2008-6111] 
 CVE-2008-2371 fixed (glib2) #453559 [since FEDORA-2008-6025] 
 CVE-2008-2370 fixed (tomcat5, fixed 5.5.27) #460125 [since FEDORA-2008-8130] 


Index: f9
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/f9,v
retrieving revision 1.230
retrieving revision 1.231
diff -u -r1.230 -r1.231
--- f9	14 Oct 2008 16:05:00 -0000	1.230
+++ f9	22 Oct 2008 17:14:54 -0000	1.231
@@ -5,6 +5,10 @@
 # (mozilla) = (gecko-libs dependent stuff)
 
 rhbz249840 version (tor, fixed 0.1.2.15)
+CVE-2008-4641 VULNERABLE (jhead) 
+CVE-2008-4640 VULNERABLE (jhead) 
+CVE-2008-4639 fixed (jhead, fixed 2.84) [since FEDORA-2008-8928] 
+CVE-2008-4575 fixed (jhead, fixed 2.84) [since FEDORA-2008-8928] 
 CVE-2008-4437 VULNERABLE (bugzilla, fixed 3.0.5) #465958
 CVE-2008-4434 ignore (bittorrent) 6.x only
 CVE-2008-4422 fixed (libxml2, fixed 2.7.2) [since FEDORA-2008-8575] 
@@ -88,7 +92,7 @@
 CVE-2008-3790 fixed (ruby) [since FEDORA-2008-8738] 
 CVE-2008-3789 fixed (samba, fixed 3.2.3) [since FEDORA-2008-7243] 
 CVE-2008-3747 fixed (wordpress, fixed 2.6.1) [since FEDORA-2008-7279] 
-CVE-2008-3746 VULNERABLE (neon, fixed 0.28.3) #460415 [since FEDORA-2008-7661] 
+CVE-2008-3746 fixed (neon, fixed 0.28.3) #460415 [since FEDORA-2008-7661] 
 CVE-2008-3745 fixed (drupal, fixed 6.4) [since FEDORA-2008-7626] 
 CVE-2008-3744 fixed (drupal, fixed 6.4) [since FEDORA-2008-7626] 
 CVE-2008-3743 fixed (drupal, fixed 6.4) [since FEDORA-2008-7626] 
@@ -99,12 +103,12 @@
 CVE-2008-3699 fixed (amarok, fixed 1.4.40) [since FEDORA-2008-7739] 
 CVE-2008-3663 VULNERABLE (squirrelmail, fixed 1.4.16) #464185 [since FEDORA-2008-8559] 
 CVE-2008-3662 VULNERABLE (gallery2, fixed 2.2.6) #462872 
-CVE-2008-3661 VULNERABLE (drupal) #464164 ignored by upstream
+CVE-2008-3661 fixed (drupal) #464164 [since FEDORA-2008-8852] ignored by upstream
 CVE-2008-3657 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738] 
 CVE-2008-3656 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738] 
 CVE-2008-3655 fixed (ruby, fixed 1.8.6-p287, 1.8.7-p72) [since FEDORA-2008-8738] 
-CVE-2008-3652 VULNERABLE (ipsec-tools) #465473 
-CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465473 
+CVE-2008-3652 VULNERABLE (ipsec-tools) #465473 [since FEDORA-2008-9007] 
+CVE-2008-3651 VULNERABLE (ipsec-tools, fixed 0.7.1) #465473 [since FEDORA-2008-9007] 
 CVE-2008-3641 VULNERABLE (cups, fixed 1.3.9) #466419 
 CVE-2008-3640 VULNERABLE (cups, fixed 1.3.9) #466419 
 CVE-2008-3639 VULNERABLE (cups, fixed 1.3.9) #466419 
@@ -153,7 +157,7 @@
 CVE-2008-3139 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440] 
 CVE-2008-3138 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440] 
 CVE-2008-3137 fixed (wireshark, fixed 1.0.1) [since FEDORA-2008-6440] 
-CVE-2008-3102 VULNERABLE (mantis, fixed 1.1.3) #464136 
+CVE-2008-3102 fixed (mantis, fixed 1.1.3) #464136 [since FEDORA-2008-8925] 
 CVE-2008-3067 version (sudo, fixed 1.6.9p12) 
 CVE-2008-2960 fixed (phpMyAdmin, fixed 2.11.7) [since FEDORA-2008-5676] PMASA-2008-4
 CVE-2008-2954 fixed (linuxdcpp) #453733 [since FEDORA-2008-6018]

More information about the Fedora-security-commits mailing list