[Secure-testing-commits] r12143 - data/CVE
Kees Cook
kees at alioth.debian.org
Wed Jun 17 22:05:57 UTC 2009
Author: kees
Date: 2009-06-17 22:05:56 +0000 (Wed, 17 Jun 2009)
New Revision: 12143
Modified:
data/CVE/list
Log:
NFUs: 3, one more chrome itp
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-06-17 13:57:00 UTC (rev 12142)
+++ data/CVE/list 2009-06-17 22:05:56 UTC (rev 12143)
@@ -29,13 +29,13 @@
CVE-2009-2061 (Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response ...)
TODO: check
CVE-2009-2060 (src/net/http/http_transaction_winhttp.cc in Google Chrome before ...)
- TODO: check
+ - chromium-browser <itp> (bug #520324)
CVE-2009-2059 (Opera, possibly before 9.25, uses the HTTP Host header to determine ...)
TODO: check
CVE-2009-2058 (Apple Safari before 3.2.2 uses the HTTP Host header to determine the ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2009-2057 (Microsoft Internet Explorer before 8 uses the HTTP Host header to ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-2056
RESERVED
CVE-2009-2055
@@ -81,7 +81,7 @@
CVE-2009-2036 (SQL injection vulnerability in index.php in Open Biller 0.1 allows ...)
NOT-FOR-US: Open Biller
CVE-2009-2035 (Unspecified vulnerability in Services 6.x before 6.x-0.14, a module ...)
- TODO: check
+ NOT-FOR-US: Service module for Drupal
CVE-2009-2034 (SQL injection vulnerability in writemessage.php in Yogurt 0.3, when ...)
NOT-FOR-US: Yogurt
CVE-2009-2033 (Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 ...)
More information about the Secure-testing-commits
mailing list