fedora-security/audit fc7,1.9,1.10
Kevin Fenzi (kevin)
fedora-extras-commits at redhat.com
Thu Jun 14 03:54:01 UTC 2007
Author: kevin
Update of /cvs/fedora/fedora-security/audit
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16293
Modified Files:
fc7
Log Message:
process some kernel cve's
Index: fc7
===================================================================
RCS file: /cvs/fedora/fedora-security/audit/fc7,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- fc7 13 Jun 2007 21:39:40 -0000 1.9
+++ fc7 14 Jun 2007 03:53:59 -0000 1.10
@@ -58,7 +58,7 @@
CVE-2007-2243 ignore (openssh, fixed 4.6) needs S/KEY support which is not shipped.
*CVE-2007-2241 (bind)
*CVE-2007-2176 ignore (firefox) only affects the java quicktime interaction
-*CVE-2007-2172 (kernel)
+CVE-2007-2172 version (kernel, fixed 2.6.21-rc6)
*CVE-2007-2165 VULNERABLE (proftpd) #237533
*CVE-2007-2138 (postgresql)
*CVE-2007-2057 version (aircrack-ng, fixed 0.8-0.1)
@@ -111,7 +111,7 @@
*CVE-2007-1536 (file)
*CVE-2007-1521 (php)
*CVE-2007-1515 version (imp, fixed 4.1.4)
-*CVE-2007-1496 (kernel)
+CVE-2007-1496 version (kernel, fixed 2.6.20.3)
*CVE-2007-1484 (php)
*CVE-2007-1475 ignore (php) unshipped ibase extension
*CVE-2007-1474 version (horde, fixed 3.1.4)
@@ -175,7 +175,7 @@
*CVE-2007-1003 VULNERABLE (xorg-x11-server, fixed > X11R7.2) #235263
*CVE-2007-1002 VULNERABLE (evolution) #233587
*CVE-2007-1001 (php)
-*CVE-2007-1000 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
+CVE-2007-1000 version (kernel, fixed 2.6.20.2) [since FEDORA-2007-335]
*CVE-2007-0999 (ekiga)
*CVE-2007-0998 version (qemu, fixed 0.8.2)
*CVE-2007-0998 backport (xen) #230295 [since FEDORA-2007-343]
@@ -208,8 +208,8 @@
*CVE-2007-0777 version (seamonkey, fixed 1.0.8)
*CVE-2007-0775 version (seamonkey, fixed 1.0.8)
*CVE-2007-0774 (mod_jk)
-*CVE-2007-0772 version (kernel) [since FEDORA-2007-291]
-*CVE-2007-0771 (kernel)
+CVE-2007-0772 version (kernel, fixed 2.6.20.1) [since FEDORA-2007-291]
+CVE-2007-0771 patch (kernel, fixed 2.6.20-1.2933) #227952
*CVE-2007-0770 patch (GraphicsMagick, fixed 1.1.7-7) #228758
*CVE-2007-0770 ignore (ImageMagick) only if incomplete CVE-2006-5456
*CVE-2007-0720 ignore (cups, fixed 1.2.7) cups is already updated
@@ -275,11 +275,10 @@
*CVE-2007-0008 version (nss, fixed 3.11.5) (nspr, fixed 4.6.5) [since FEDORA-2007-279]
*CVE-2007-0008 ignore (seamonkey, uses system NSS)
*CVE-2007-0007 version (gnucash, fixed 2.0.5) since [FEDORA-2007-256] #223233
-*CVE-2007-0006 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
-*CVE-2007-0006 backport (kernel, fixed in -mm) [since FEDORA-2007-226]
-*CVE-2007-0005 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
+CVE-2007-0006 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
+CVE-2007-0005 version (kernel, fixed 2.6.20) [since FEDORA-2007-335]
*CVE-2007-0002 version (libwpd, fixed 0.8.9) #222808 [since FEDORA-2007-351]
-*CVE-2007-0001 (kernel)
+CVE-2007-0001 ignore (kernel) rhel4 2.6.9 only known affected
*CVE-2006-7205 (php)
*CVE-2006-7204 (php)
*CVE-2006-7197 (tomcat)
@@ -334,14 +333,14 @@
*CVE-2006-6493 (openldap)
*CVE-2006-6481 version (clamav, fixed 0.88.7)
*CVE-2006-6406 version (clamav, fixed 0.88.7) #219095
-*CVE-2006-6385 ignore (kernel) windows only
+CVE-2006-6385 ignore (kernel) windows only
*CVE-2006-6383 ignore (php) safe mode isn't safe
*CVE-2006-6374 ** (phpMyAdmin) #218853
*CVE-2006-6373 version (phpMyAdmin, fixed 2.9.1.1) #218853
-*CVE-2006-6333 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
-*CVE-2006-6332 ignore (kernel) no support for madwifi
+CVE-2006-6333 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
+CVE-2006-6332 ignore (kernel) no support for madwifi
*CVE-2006-6305 ignore (net-snmp) already have the backported patch
-*CVE-2006-6304 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
+CVE-2006-6304 version (kernel, fixed 2.6.19.1) [since FEDORA-2007-058]
*CVE-2006-6303 version (ruby, fixed 1.8.5.2) [since FEDORA-2006-1441]
*CVE-2006-6301 version (denyhosts, fixed 2.6-2) #218824
*CVE-2006-6297 ignore (kdegraphics) just a crash
@@ -356,11 +355,11 @@
CVE-2006-6144 patch (krb5, fixed 1.5-14) #218456
CVE-2006-6143 patch (krb5, fixed 1.5-14) #218456
*CVE-2006-6142 backport (squirrelmail) #218297 [since FEDORA-2007-089]
-*CVE-2006-6128 VULNERABLE (kernel, fixed **)
+CVE-2006-6128 VULNERABLE (kernel, fixed **)
*CVE-2006-6122 ignore (tin, <= 1.8.1 not shipped)
*CVE-2006-6120 version (koffice, fixed 1.6.1) #218030
*CVE-2006-6107 VULNERABLE (dbus, fixed 1.0.2) #219665
-*CVE-2006-6106 version (kernel, fixed 2.6.19.2, fixed 2.6.20-rc5) [since FEDORA-2006-1471]
+CVE-2006-6106 version (kernel, fixed 2.6.19.2, fixed 2.6.20-rc5) [since FEDORA-2006-1471]
*CVE-2006-6105 version (gdm, fixed 2.14.11) [since FEDORA-2006-1468]
*CVE-2006-6104 backport (mono, fixed 1.1.13.8.2) #220853 [since FEDORA-2007-067]
*CVE-2006-6103 (xorg-x11)
@@ -369,10 +368,10 @@
*CVE-2006-6097 backport (tar) [since FEDORA-2006-1393]
*CVE-2006-6085 version (kile, fixed 1.9.3) #217238
*CVE-2006-6077 VULNERABLE (firefox)
-*CVE-2006-6060 ignore (kernel, fixed 2.6.19-rc2) no NTFS support
-*CVE-2006-6058 VULNERABLE (kernel, fixed **)
-*CVE-2006-6057 VULNERABLE (kernel, fixed **)
-*CVE-2006-6056 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1471
+CVE-2006-6060 ignore (kernel, fixed 2.6.19-rc2) no NTFS support
+CVE-2006-6058 VULNERABLE (kernel, fixed **)
+CVE-2006-6057 VULNERABLE (kernel, fixed **)
+CVE-2006-6056 version (kernel, fixed 2.6.19) [since FEDORA-2007-058] was backport since FEDORA-2006-1471
*CVE-2006-6054 version (kernel, fixed fixed 2.6.19.2) [since FEDORA-2007-058]
*CVE-2006-6053 version (kernel, fixed 2.6.19.2) [since FEDORA-2007-058] was backport since FEDORA-2006-1223
CVE-2006-6027 ignore, no-ship (acroread)
--
fedora-extras-commits mailing list
fedora-extras-commits at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-extras-commits
More information about the Fedora-security-list
mailing list