[Secure-testing-commits] r12921 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Fri Oct 2 22:34:53 UTC 2009
Author: gilbert-guest
Date: 2009-10-02 22:34:53 +0000 (Fri, 02 Oct 2009)
New Revision: 12921
Modified:
data/CVE/list
Log:
- not enough information to rule out webkit issue
- wget null character issue got its own cve id (CVE-2009-3490)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-10-02 21:14:16 UTC (rev 12920)
+++ data/CVE/list 2009-10-02 22:34:53 UTC (rev 12921)
@@ -546,7 +546,8 @@
CVE-2009-3273 (iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not ...)
NOT-FOR-US: Apple iPhone
CVE-2009-3272 (Stack consumption vulnerability in WebKit.dll in WebKit in Apple ...)
- NOT-FOR-US: Apple Safari
+ - webkit <unfixed> (medium)
+ TODO: someone needs to become a member of the webkit security list so we can actually triage these apple webkit issues
CVE-2009-3271 (Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a ...)
NOT-FOR-US: Apple Safari on iPhone OS 3.0.1
CVE-2009-3290 (The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the ...)
@@ -3587,8 +3588,6 @@
CVE-2009-2417 (lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is ...)
{DSA-1869-1}
- curl 7.19.5-1.1 (medium; bug #541991)
- TODO: - wget <unfixed>
- TODO: check whether wget affected [src/openssl.c]; not an embed, but similar functionality
CVE-2009-2416 (Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, ...)
{DSA-1861-1 DSA-1859-1}
- libxml2 2.7.3.dfsg-2.1 (low; bug #540865)
More information about the Secure-testing-commits
mailing list