[Secure-testing-commits] r12527 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Sun Aug 9 13:04:27 UTC 2009
Author: derevko-guest
Date: 2009-08-09 13:04:27 +0000 (Sun, 09 Aug 2009)
New Revision: 12527
Modified:
data/CVE/list
Log:
CVE-2009-1725: kde4libs and kdelibs are not affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-08-09 11:52:56 UTC (rev 12526)
+++ data/CVE/list 2009-08-09 13:04:27 UTC (rev 12527)
@@ -2714,8 +2714,9 @@
CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...)
- webkit <unfixed> (medium; bug #538346)
- qt4-x11 <unfixed> (medium; bug #538347)
- - kdelibs <unfixed> (medium; bug #538350)
- - kde4libs 4:4.3.0-1 (medium; bug #538349)
+ - kdelibs <not-affected> (medium; bug #538350)
+ - kde4libs <not-affected> (medium; bug #538349)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=513813#c18
NOTE: patch http://trac.webkit.org/changeset/44799/
NOTE: PoC https://cevans-app.appspot.com/static/webkitentityoffbyone.html
CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
More information about the Secure-testing-commits
mailing list