Re: FC6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 23 Sep 2006, Jesse Keating wrote:
For lack of a better process, I'd say each known (public) issue gets a
bugzilla and blocks FC6Blocker .

Here is what I've marked FC6Blocker today. Seems sensible to get these fixed before we release especially as the issues are all old.

CVE-2006-4624 VULNERABLE (mailman, fixed 2.1.9rc1) bz#206607 [FC6Blocker]
CVE-2006-4226 VULNERABLE (mysql, fixed 5.0.25,5.1.12) bz#203428 [FC6Blocker]
CVE-2006-4227 VULNERABLE (mysql, fixed 5.0.25,5.1.12) bz#203434 [FC6Blocker]
CVE-2006-4031 VULNERABLE (mysql, fixed 5.0.24) bz#202675 [FC6Blocker]
CVE-2006-3636 VULNERABLE (mailman, fixed 2.1.9) bz#206607 [FC6Blocker]
CVE-2006-2941 VULNERABLE (mailman, fixed 2.1.9) bz#206607 [FC6Blocker]

The following were vulnerable in Test3 but are fixed in dist-fc6 as of today:

CVE-2006-4790 VULNERABLE (gnutls, fixed 1.4.4) [backported to 1.4.1-2 in rawhide]
CVE-2006-4571 VULNERABLE (thunderbird, fixed 1.5.0.7) [in rawhide]
CVE-2006-4571 VULNERABLE (firefox, fixed 1.5.0.7) [in rawhide]
CVE-2006-4570 VULNERABLE (thunderbird, fixed 1.5.0.7) [in rawhide]
CVE-2006-4569 VULNERABLE (firefox, fixed 1.5.0.7) [in rawhide]
CVE-2006-4568 VULNERABLE (firefox, fixed 1.5.0.7) [in rawhide]
CVE-2006-4567 VULNERABLE (firefox, fixed 1.5.0.7) [in rawhide]
CVE-2006-4567 VULNERABLE (thunderbird, fixed 1.5.0.7) [in rawhide]
CVE-2006-4566 VULNERABLE (firefox, fixed 1.5.0.7) [in rawhide]
CVE-2006-4566 VULNERABLE (thunderbird, fixed 1.5.0.7) [in rawhide]
CVE-2006-4565 VULNERABLE (firefox, fixed 1.5.0.7) [in rawhide]
CVE-2006-4565 VULNERABLE (thunderbird, fixed 1.5.0.7) [in rawhide]
CVE-2006-4538 VULNERABLE (kernel, fixed after 2.6.18-rc6)
CVE-2006-4340 VULNERABLE (nss, fixed 3.11.3) bz#206608 [in rawhide]
CVE-2006-4338 VULNERABLE (gzip) [in rawhide]
CVE-2006-4337 VULNERABLE (gzip) [in rawhide]
CVE-2006-4336 VULNERABLE (gzip) [in rawhide]
CVE-2006-4335 VULNERABLE (gzip) [in rawhide]
CVE-2006-4334 VULNERABLE (gzip) [in rawhide]
CVE-2006-4253 VULNERABLE (firefox, fixed 1.5.0.7) [in rawhide]
CVE-2006-4253 VULNERABLE (thunderbird, fixed 1.5.0.7) [in rawhide]
CVE-2006-3740 VULNERABLE (libXfont, fixed 1.2.2) bz#206609 [in rawhide]
CVE-2006-3739 VULNERABLE (libXfont, fixed 1.2.2) bz#206609 [in rawhide]

Which leaves the following which are the issues that are not fixed upstream for whatever reason:

CVE-2006-4561 VULNERABLE (firefox)
CVE-2006-4261 VULNERABLE (firefox)
CVE-2006-2894 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=56236
CVE-2006-0496 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=324253
CVE-2005-4809 VULNERABLE (firefox)
CVE-2005-3675 VULNERABLE (kernel) optack, no upstream fix
CVE-2003-1265 VULNERABLE (firefox) https://bugzilla.mozilla.org/show_bug.cgi?id=198442
CVE-2003-1265 VULNERABLE (thunderbird) https://bugzilla.mozilla.org/show_bug.cgi?id=198442

--
Fedora-security-list mailing list
Fedora-security-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-security-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux