fedora-security/audit fc7,1.54,1.55

Lubomir Kundrak (lkundrak) fedora-extras-commits at redhat.com
Wed Aug 1 15:19:34 UTC 2007 

Author: lkundrak

Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1903

Modified Files:
	fc7 
Log Message:
Updated to match FEDORA-2007-1070



Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -r1.54 -r1.55
--- fc7	27 Jul 2007 15:56:53 -0000	1.54
+++ fc7	1 Aug 2007 15:19:31 -0000	1.55
@@ -1,35 +1,44 @@
 # $Id$
 
-** are items that need attention
+# ** are items that need attention
+# *CVE are items that need verification for Fedora 7
+# (mozilla) = (firefox, seamonkey, thunderbird, yelp, devhelp, galeon, liferea. epiphany)
+# A couple of first F7 updates were marked as FEDORA-2007-0001
 
-*CVE are items that need verification for Fedora 7
+# Version: FEDORA-2007-1070
 
 CVE-NOID      VULNERABLE (tor, fixed 0.1.2.15) #249840
-CVE-2007-4168 VULNERABLE (libexif) #243890
+CVE-2007-4168 backport (libexif) #243892 [since FEDORA-2007-0414]
 CVE-2007-4029 VULNERABLE (libvorbis) #245991
-CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162
-CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162
-CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162
-CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162
-CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162
+CVE-2007-3950 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
+CVE-2007-3949 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
+CVE-2007-3948 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
+CVE-2007-3947 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
+CVE-2007-3946 version (lighttpd, fixed 1.4.16) #249162 [since FEDORA-2007-1299]
 CVE-2007-3841 WTF (pidgin)
 CVE-2007-3820 ** (kdebase) #248537
 CVE-2007-3799 ** (php)
 CVE-2007-3781 ** (mysql)
 CVE-2007-3782 ** (mysql)
 CVE-2007-3770 ** (xfce-utils)
+CVE-2007-3738 version (mozilla) #248518 [since FEDORA-2007-1138]
+CVE-2007-3737 version (mozilla) #248518 [since FEDORA-2007-1138]
+CVE-2007-3736 version (mozilla) #248518 [since FEDORA-2007-1138]
+CVE-2007-3735 version (mozilla) #248518 [since FEDORA-2007-1138]
 CVE-2007-3728 ignore (libsilc, 1.1.1 only)
 CVE-2007-3725 ** (clamav)
-CVE-2007-3713 VULNERABLE (centericq) #247979
+CVE-2007-3713 backport (centericq) #247979 [since FEDORA-2007-1160]
+CVE-2007-3656 version (mozilla) #248518 [since FEDORA-2007-1138]
+CVE-2007-3642 version (kernel, fixed 2.6.22.1) [since FEDORA-2007-1130]
 CVE-2007-3628 version (php-pear-Structures-DataGrid-DataSource-MDB2, fixed 0.1.10)
 CVE-2007-3555 VULNERABLE (moodle) #247528
 CVE-2007-3546 ignore (nessus-core) Windows only
-CVE-2007-3528 VULNERABLE (dar, fixed 2.3.4) #246760
-CVE-2007-3544 ** (wordpress) #245211
-CVE-2007-3543 ** (wordpress) #245211
+CVE-2007-3528 version (dar, fixed 2.3.4) #246760 [since FEDORA-2007-0904]
+CVE-2007-3544 VULNERABLE (wordpress, NOT fixed 2.2.1) #245211 Incomplete fix for CVE-2007-3543
+CVE-2007-3543 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
 CVE-2007-3508 ignore (glibc) not an issue
 CVE-2007-3506 version (freetype, fixed 2.3.4) #235479 [since FEDORA-2007-0033]
-CVE-2007-3507 version (flac123, fixed 0.0.10) #246322
+CVE-2007-3507 version (flac123, fixed 0.0.10) #246322 [since FEDORA-2007-1045]
 CVE-2007-3478 ** (gd)
 CVE-2007-3477 ** (gd)
 CVE-2007-3476 ** (gd)
@@ -37,65 +46,74 @@
 CVE-2007-3474 ** (gd)
 CVE-2007-3473 ** (gd)
 CVE-2007-3472 ** (gd)
-CVE-2007-3410 VULNERABLE (HelixPlayer) #245838
+CVE-2007-3410 backport (HelixPlayer) #245838 [since CVE-2007-3410]
 CVE-2007-3409 version (perl-Net-DNS, fixed 0.60) #245807
-CVE-2007-3393 VULNERABLE (wireshark)
-CVE-2007-3392 VULNERABLE (wireshark)
-CVE-2007-3391 VULNERABLE (wireshark)
-CVE-2007-3390 VULNERABLE (wireshark)
-CVE-2007-3389 VULNERABLE (wireshark)
+CVE-2007-3393 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982]
+CVE-2007-3392 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982]
+CVE-2007-3391 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982]
+CVE-2007-3390 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982]
+CVE-2007-3389 version (wireshark, fixed 0.99.6) [since FEDORA-2007-0982]
+CVE-2007-3381 version (gdm, fixed 2.18.4) #250277 [since FEDORA-2007-1362]
 CVE-2007-3378 ignore (php) safe mode escape
-CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245612
-CVE-2007-3241 ** (wordpress) #245211
-CVE-2007-3240 ** (wordpress) #245211
-CVE-2007-3239 ** (wordpress) #245211
-CVE-2007-3238 ** (wordpress) #245211
+CVE-2007-3377 version (perl-Net-DNS, fixed 0.60) #245612 [since EDORA-2007-0668]
+CVE-2007-3257 backport (evolution) #244283 [since FEDORA-2007-0464]
+CVE-2007-3241 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
+CVE-2007-3240 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
+CVE-2007-3239 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
+CVE-2007-3238 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
+CVE-2007-3140 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
+CVE-2007-3231 version (mecab, fixed 0.96) [since FEDORA-2007-0366]
 CVE-2007-3209 ignore (mail-notification, shipped with SSL enabled)
 CVE-2007-3106 VULNERABLE (libvorbis) #245991
-CVE-2007-3100 version (iscsi-initiator-utils, fixed 6.2.0.865)
-CVE-2007-3099 version (iscsi-initiator-utils, fixed 6.2.0.865)
+CVE-2007-3100 version (iscsi-initiator-utils, fixed 6.2.0.865) [since FEDORA-2007-0543]
+CVE-2007-3099 version (iscsi-initiator-utils, fixed 6.2.0.865) [since FEDORA-2007-0543]
 CVE-2007-3165 VULNERABLE (tor, fixed 0.1.2.14) #244502
-CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591
-CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591
+CVE-2007-3153 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724]
+CVE-2007-3152 version (c-ares, fixed 1.4.0) #243591 [since FEDORA-2007-0724]
 CVE-2007-3145 VULNERABLE (galeon) **
-CVE-2007-3140 ** (wordpress) #245211
+CVE-2007-3140 version (wordpress, fixed 2.2.1) #245211 [since FEDORA-2007-0894]
 CVE-2007-3126 ignore (gimp) just a crash
 CVE-2007-3123 VULNERABLE (clamav, fixed 0.90.3) #245219
 CVE-2007-3122 VULNERABLE (clamav, fixed 0.90.3) #245219
-CVE-2007-3121 version (zvbi, fixed 0.2.25)
+CVE-2007-3121 version (zvbi, fixed 0.2.25) [since FEDORA-2007-0175]
 *CVE-2007-3113 VULNERABLE (cacti) #243592
 *CVE-2007-3112 VULNERABLE (cacti) #243592
+CVE-2007-3089 version (mozilla) #248518 [since FEDORA-2007-1138]
 CVE-2007-3025 ignore (clamav, Solaris only)
 CVE-2007-3024 VULNERABLE (clamav, fixed 0.90.3) #245219
 CVE-2007-3023 VULNERABLE (clamav, fixed 0.90.3) #245219
 CVE-2007-3007 ignore (php) safe mode isn't safe
 *CVE-2007-2975 (openfire)
+CVE-2007-2949 version (gimp, fixed, 2.2.16) [since FEDORA-2007-0725]
+CVE-2007-2926 version (bind, fixed 9.4.1) [since FEDORA-2007-1247]
+CVE-2007-2925 version (bind, fixed 9.4.1) [since FEDORA-2007-1247]
 *CVE-2007-2894 VULNERABLE (bochs) #241799
 CVE-2007-2894 ignore (bochs, unreproducible) #241799
-CVE-2007-2893 patch (bochs, fixed 2.3-5) #241799
+CVE-2007-2893 patch (bochs, fixed 2.3-5) #241799 [since FEDORA-2007-1153]
 CVE-2007-2876 version (kernel, fixed 2.6.21.5) [ since FEDORA-2007-0409 ]
-*CVE-2007-2874 (wpa_supplicant) #242455
-CVE-2007-2873 version (spamassassin, fixed 3.2.1)
-CVE-2007-2871 version (seamonkey, fixed 1.0.9)
-CVE-2007-2870 version (seamonkey, fixed 1.0.9)
-CVE-2007-2869 (firefox)
-CVE-2007-2868 version (seamonkey, fixed 1.0.9)
-CVE-2007-2867 version (seamonkey, fixed 1.0.9)
-CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489
+CVE-2007-2874 remove-patch (wpa_supplicant) #242455 [since FEDORA-2007-0185]
+CVE-2007-2873 version (spamassassin, fixed 3.2.1) [since FEDORA-2007-0390]
+CVE-2007-2871 version (mozilla) #241840
+CVE-2007-2870 version (mozilla) #241840
+CVE-2007-2869 version (mozilla) #241840
+CVE-2007-2868 version (mozilla) #241840
+CVE-2007-2867 version (mozilla) #241840
+CVE-2007-2865 version (phpPgAdmin, fixed 4.1.2) #241489 [since FEDORA-2007-0469]
 CVE-2007-2844 ignore (php) #241641
 CVE-2007-2843 ignore (konqueror) safari specific
-*CVE-2007-2821 VULNERABLE (wordpress, fixed 2.2) #240970
-*CVE-2007-2799 (file)
+CVE-2007-2821 version (wordpress, fixed 2.2) #245211 [since FEDORA-2007-0894]
+CVE-2007-2799 version (file, fixed 4.21) #241034 [since FEDORA-2007-0836]
+CVE-2007-2798 version (krb5, 1.6.1) [since FEDORA-2007-0740]
 CVE-2007-2768 ignore (openssh) needs pam OPIE which is not shipped.
 CVE-2007-2756 ignore (gd) DoS only
-*CVE-2007-2754 (freetype)
+CVE-2007-2754 backport (freetype) [since FEDORA-2007-0033]
 CVE-2007-2721 patch (jasper, fixed 1.900.1-2) #240397
-*CVE-2007-2683 (mutt)
+CVE-2007-2683 backport (mutt)
 *CVE-2007-2654 VULNERABLE (xfsdump) #240396
-CVE-2007-2650 version (clamav, fixed 0.90.3) #240395
-CVE-2007-2645 ignore (libexif) #240055 DoS only
+CVE-2007-2650 version (clamav, fixed 0.90.3) #240395 [since FEDORA-2007-1154]
+CVE-2007-2645 backport (libexif) #240055 [since FEDORA-2007-0414]
 *CVE-2007-2637 patch (moin, fixed 1.5.7-2)
-*CVE-2007-2627 ** (wordpress) #239904
+CVE-2007-2627 version (wordpress, fixed 2.2.1) #239904 [since FEDORA-2007-0894]
 *CVE-2007-2589 (squirrelmail)
 *CVE-2007-2583 (mysql)
 CVE-2007-2519 ignore (php-pear) no trust boundary is crossed
@@ -113,6 +131,8 @@
 *CVE-2007-2446 (samba)
 CVE-2007-2445 version (libpng10, fixed 1.0.25) #240398
 *CVE-2007-2444 (samba)
+CVE-2007-2443 version (krb5, 1.6.1) [since FEDORA-2007-0740]
+CVE-2007-2442 version (krb5, 1.6.1) [since FEDORA-2007-0740]
 *CVE-2007-2438 VULNERABLE (vim) #238734
 CVE-2007-2437 ignore (xorg-x11) DoS only
 *CVE-2007-2435 (java)
@@ -123,18 +143,18 @@
 *CVE-2007-2353 (axis)
 *CVE-2007-2245 VULNERABLE (phpMyAdmin, fixed 2.10.1) #237882
 CVE-2007-2243 ignore (openssh, fixed 4.6) needs S/KEY support which is not shipped.
-*CVE-2007-2241 (bind)
+CVE-2007-2241 backport (bind) [since FEDORA-2007-0300]
 CVE-2007-2176 ignore (firefox) only affects the java quicktime interaction
 CVE-2007-2172 version (kernel, fixed 2.6.21-rc6)
 *CVE-2007-2165 VULNERABLE (proftpd) #237533
-*CVE-2007-2138 (postgresql)
+CVE-2007-2138 version (postgresql, fixed 8.2.4) #237682 [since FEDORA-2007-0174]
 CVE-2007-2057 version (aircrack-ng, fixed 0.8-0.1)
 CVE-2007-2029 VULNERABLE (clamav, fixed 0.90.3) #245219
 *CVE-2007-2028 (freeradius)
 *CVE-2007-2026 (file)
 CVE-2007-2016 ignore (phpMyAdmin, < 2.8.0.2 never shipped)
 CVE-2007-1997 version (clamav, fixed in 0.90.2)
-*CVE-2007-1995 (quagga) #240488
+CVE-2007-1995 version (quagga, fixed CVE-2007-1995) #240488
 CVE-2007-1897 version (wordpress, fixed 2.1.3) #235912
 CVE-2007-1894 version (wordpress, fixed 2.1.3-0.rc2)
 CVE-2007-1893 version (wordpress, fixed 2.1.3) #235912
@@ -148,6 +168,7 @@
 *CVE-2007-1841 VULNERABLE (ipsec-tools) #238052
 *CVE-2007-1804 VULNERABLE (pulseaudio) #235013
 CVE-2007-1799 version (ktorrent, fixed 2.1.3) #235014
+CVE-2007-1797 version (GraphicsMagick, fixed 1.1.8) [since FEDORA-2007-1340]
 CVE-2007-1745 version (clamav, fixed in 0.90.2) #236703
 *CVE-2007-1743 (httpd)
 *CVE-2007-1742 (httpd)
@@ -159,9 +180,9 @@
 CVE-2007-1710 version (php, fixed 5.2.2)
 CVE-2007-1709 ignore (php) no security impact
 *CVE-2007-1667 (xorg-x11)
-CVE-2007-1665 VULNERABLE (ekg) #246034
-CVE-2007-1664 VULNERABLE (ekg) #246034
-CVE-2007-1663 VULNERABLE (ekg) #246034
+CVE-2007-1665 version (ekg) #246034 [since FEDORA-2007-0791]
+CVE-2007-1664 version (ekg) #246034 [since FEDORA-2007-0791]
+CVE-2007-1663 version (ekg) #246034 [since FEDORA-2007-0791]
 CVE-2007-1649 version (php, fixed 5.2.2)
 CVE-2007-1622 version (wordpress, fixed 2.1.3-0.rc2) #233703
 CVE-2007-1614 version (zziplib, fixed 0.13.49) #233700
@@ -169,7 +190,7 @@
 CVE-2007-1583 version (php, fixed 5.2.2)
 CVE-2007-1565 ignore (konqueror) client crash
 CVE-2007-1564 vulnerable (konqueror) [#CVE-2007-1564]
-CVE-2007-1562 (firefox, seamonkey, thunderbird)
+CVE-2007-1562 version (firefox, seamonkey, thunderbird) #241840
 CVE-2007-1560 version (squid, fixed 2.6.STABLE12)
 CVE-2007-1558 version (claws-mail, fixed 2.9.1) #237293
 *CVE-2007-1558 backport (sylpheed, fixed 2.3.1-1)
@@ -208,12 +229,13 @@
 *CVE-2007-1384 version (ktorrent, fixed 2.1.2)
 CVE-2007-1375 version (php, fixed 5.2.2)
 *CVE-2007-1366 ** (qemu) #238723
-*CVE-2007-1362 version (seamonkey, fixed 1.0.9)
+CVE-2007-1362 version (seamonkey, fixed 1.0.9) #241840
 *CVE-2007-1359 patch (mod_security, fixed 2.1.0-3) #231728
 CVE-2007-1358 ** (tomcat5) #244810
 *CVE-2007-1354 (jboss)
 *CVE-2007-1352 VULNERABLE (libXfont) #235265
 *CVE-2007-1351 VULNERABLE (libXfont) #235265
+CVE-2007-1349 backport (mod_perl) [since FEDORA-2007-0316]
 CVE-2007-1325 version (phpMyAdmin, fixed 2.10.0.2)
 *CVE-2007-1322 ** (qemu) #238723
 *CVE-2007-1321 ** (qemu) #238723
@@ -281,7 +303,7 @@
 *CVE-2007-0774 (mod_jk)
 VE-2007-0772 version (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]
 CVE-2007-0771 patch (kernel, fixed 2.6.20-1.2933) #227952
-*CVE-2007-0770 patch (GraphicsMagick, fixed 1.1.7-7) #228758
+CVE-2007-0770 patch (GraphicsMagick, fixed 1.1.7-7) #228758
 CVE-2007-0770 ignore (ImageMagick) only if incomplete CVE-2006-5456
 CVE-2007-0720 ignore (cups, fixed 1.2.7) cups is already updated
 CVE-2007-0657 ignore (nexuiz, 2.2.2 only (not shipped), fixed 2.2.3)
@@ -318,6 +340,7 @@
 *CVE-2007-0262 version (wordpress, fixed 2.1-0) #223101
 CVE-2007-0248 version (squid, fixed 2.6.STABLE7) [since FEDORA-2007-073]
 CVE-2007-0247 version (squid, fixed 2.6.STABLE7) #222883 [since FEDORA-2007-073]
+CVE-2007-0245 backport (openoffice.org) [since FEDORA-2007-0410]
 CVE-2007-0243 ignore, no-ship (java-ibm)
 *CVE-2007-0242 patch (qt4, fixed 4.2.3-7)
 *CVE-2007-0240 patch (zope, fixed 2.9.6-2) #233378
@@ -510,6 +533,7 @@
 CVE-2006-5462 version (firefox, fixed 1.5.0.8) [since FEDORA-2006-1191]
 *CVE-2006-5461 VULNERABLE (avahi, fixed 0.6.15)
 *CVE-2006-5456 backport (ImageMagick) #210921 [since FEDORA-2006-1285]
+CVE-2006-5456 version (GraphicsMagick, fixed 1.1.7) [since FEDORA-2007-1340]
 *CVE-2006-5455 patch (bugzilla, fixed 2.22-7) #212355
 *CVE-2006-5454 patch (bugzilla, fixed 2.22-7) #212355
 *CVE-2006-5453 patch (bugzilla, fixed 2.22-7) #212355
@@ -599,7 +623,7 @@
 CVE-2006-4561 VULNERABLE (firefox)
 CVE-2006-4538 version (kernel, fixed after 2.6.18-rc6)
 CVE-2006-4535 version (kernel, fixed 2.6.18-rc6)
-CVE-2006-4519 VULNERABLE (gimp) #247566
+CVE-2006-4519 version (gimp, fixed 2.2.16) #247566 [since FEDORA-2007-1044]
 *CVE-2006-4514 backport (libgsf) [since FEDORA-2006-1417]
 CVE-2006-4513 version (wv, fixed 1.2.4) #212696
 *CVE-2006-4513 ** (abiword) #212698
@@ -649,6 +673,7 @@
 CVE-2006-4146 backport (gdb)
 CVE-2006-4145 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5) needs a better upstream fix
 *CVE-2006-4144 backport (ImageMagick, fixed 6.2.9)
+CVE-2006-4144 version (GraphicsMagick, fixed 1.1.8) [since FEDORA-2007-1340]
 *CVE-2006-4124 (lesstif)
 CVE-2006-4096 version (bind, fixed 9.3.2-P1)
 CVE-2006-4095 version (bind, fixed 9.3.2-P1)
@@ -665,42 +690,19 @@
 CVE-2006-3816 version (krusader, fixed 1.70.1) #200323
 CVE-2006-3815 version (heartbeat, fixed 2.0.6)
 CVE-2006-3813 version (perl) only Red Hat Enterprise Linux affected
-CVE-2006-3812 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3812 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3812 version (firefox, fixed 1.5.0.5)
-CVE-2006-3811 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3811 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3811 version (firefox, fixed 1.5.0.5)
-CVE-2006-3810 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3810 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3810 version (firefox, fixed 1.5.0.5)
-CVE-2006-3809 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3809 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3809 version (firefox, fixed 1.5.0.5)
-CVE-2006-3808 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3808 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3808 version (firefox, fixed 1.5.0.5)
-CVE-2006-3807 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3807 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3807 version (firefox, fixed 1.5.0.5)
-CVE-2006-3806 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3806 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3806 version (firefox, fixed 1.5.0.5)
-CVE-2006-3805 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3805 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3805 version (firefox, fixed 1.5.0.5)
-CVE-2006-3804 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3804 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3804 version (firefox, fixed 1.5.0.5)
-CVE-2006-3803 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3803 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3803 version (firefox, fixed 1.5.0.5)
-CVE-2006-3802 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3802 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3802 version (firefox, fixed 1.5.0.5)
-CVE-2006-3801 version (thunderbird, fixed 1.5.0.5)
-CVE-2006-3801 version (seamonkey, fixed 1.0.4) #200455
-CVE-2006-3801 version (firefox, fixed 1.5.0.5)
+CVE-2006-3812 version (mozilla) #200455
+CVE-2006-3811 version (mozilla) #200455
+CVE-2006-3810 version (mozilla) #200455
+CVE-2006-3809 version (mozilla) #200455
+CVE-2006-3808 version (mozilla) #200455
+CVE-2006-3807 version (mozilla) #200455
+CVE-2006-3806 version (mozilla) #200455
+CVE-2006-3805 version (mozilla) #200455
+CVE-2006-3804 version (mozilla) #200455
+CVE-2006-3803 version (mozilla) #200455
+CVE-2006-3802 version (mozilla) #200455
+CVE-2006-3801 version (mozilla) #200455
+CVE-2007-3798 version (tcpdump, fixed 3.9.7) #244860 [since FEDORA-2007-1361]
 CVE-2006-3747 version (httpd, fixed 2.2.3)
 CVE-2006-3746 version (gnupg, fixed 1.4.5)
 CVE-2006-3745 version (kernel, fixed 2.6.17.10, fixed 2.6.18-rc5)
@@ -711,6 +713,7 @@
 CVE-2006-3740 version (libXfont, fixed 1.2.2)
 CVE-2006-3739 version (libXfont, fixed 1.2.2)
 *CVE-2006-3738 backport (openssl, fixed 0.9.8d)
+CVE-2007-3734 version (mozilla) #248518 [since FEDORA-2007-1138]
 *CVE-2006-3733 ignore (jboss) cisco only
 CVE-2006-3731 ignore (firefox) just a user complicit crash
 CVE-2006-3694 version (ruby, fixed 1.8.5)
@@ -855,8 +858,8 @@
 *CVE-2006-2366 ignore (openobex) we don't ship ircp
 CVE-2006-2362 ignore (binutils) minor crash (not exploitable)
 CVE-2006-2332 ignore (firefox) disputed
-CVE-2006-2314 version (postgresql, fixed 8.1.4)
-CVE-2006-2313 version (postgresql, fixed 8.1.4)
+CVE-2006-2314 version (postgresql, fixed 8.1.4) [since FEDORA-2007-0249]
+CVE-2006-2313 version (postgresql, fixed 8.1.4) [since FEDORA-2007-0249]
 CVE-2006-2276 version (quagga, fixed 0.98.6)
 CVE-2006-2275 version (kernel, fixed 2.6.16.15)
 CVE-2006-2274 version (kernel, fixed 2.6.16.15)
@@ -1156,6 +1159,7 @@
 CVE-2006-0096 ignore (kernel) minor and requires root
 CVE-2006-0095 version (kernel, fixed 2.6.16)
 CVE-2006-0082 version (ImageMagick, not 6.2.5.4)
+CVE-2006-0082 version (GraphicsMagick, fixed 1.1.8) [since FEDORA-2007-1340]
 CVE-2006-0071 ignore (pinentry, Gentoo-specific problem)
 CVE-2006-0058 version (sendmail, fixed 8.13.6)
 CVE-2006-0052 version (mailman, fixed 2.1.6)
@@ -1196,6 +1200,7 @@
 CVE-2005-4618 version (kernel, fixed 2.6.15)
 CVE-2005-4605 version (kernel, fixed 2.6.15)
 *CVE-2005-4601 (ImageMagick)
+CVE-2005-4601 version (GraphicsMagick, fixed 1.1.8) [since FEDORA-2007-1340]
 CVE-2005-4585 version (wireshark, fixed 0.10.14)
 CVE-2005-4442 version (openldap) gentoo only
 CVE-2005-4352 version (kernel, fixed 2.6.18.3) [since FEDORA-2006-1471]

-- 
fedora-extras-commits mailing list
fedora-extras-commits at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits

More information about the Fedora-security-list mailing list