[Secure-testing-commits] r12527 - data/CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Sun Aug 9 13:04:27 UTC 2009


Author: derevko-guest
Date: 2009-08-09 13:04:27 +0000 (Sun, 09 Aug 2009)
New Revision: 12527

Modified:
   data/CVE/list
Log:
CVE-2009-1725: kde4libs and kdelibs are not affected

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-08-09 11:52:56 UTC (rev 12526)
+++ data/CVE/list	2009-08-09 13:04:27 UTC (rev 12527)
@@ -2714,8 +2714,9 @@
 CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...)
 	- webkit <unfixed> (medium; bug #538346)
 	- qt4-x11 <unfixed> (medium; bug #538347)
-	- kdelibs <unfixed> (medium; bug #538350)
-	- kde4libs 4:4.3.0-1 (medium; bug #538349)
+	- kdelibs <not-affected> (medium; bug #538350)
+	- kde4libs <not-affected> (medium; bug #538349)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=513813#c18
 	NOTE: patch http://trac.webkit.org/changeset/44799/
 	NOTE: PoC https://cevans-app.appspot.com/static/webkitentityoffbyone.html
 CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)




More information about the Secure-testing-commits mailing list