[Secure-testing-commits] r12840 - in data: . CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Thu Sep 17 20:04:36 UTC 2009
Author: gilbert-guest
Date: 2009-09-17 20:04:36 +0000 (Thu, 17 Sep 2009)
New Revision: 12840
Modified:
data/CVE/list
data/embedded-code-copies
Log:
webkit stuff
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-09-17 18:56:46 UTC (rev 12839)
+++ data/CVE/list 2009-09-17 20:04:36 UTC (rev 12840)
@@ -1,3 +1,6 @@
+CVE-2009-XXXX [webkit: potential ssl certificate null character stripping vulnerability]
+ - webkit <unfixed> (medium; bug #547217)
+ TODO: asked maintainer to check; follow-up
CVE-2009-3234 [Buffer overflow in performance counters]
- linux-2.6 <not-affected> (Introduced in 2.6.31)
- linux-2.6.24 <removed>
@@ -1493,7 +1496,8 @@
CVE-2009-2798 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows ...)
NOT-FOR-US: Apple QuickTime
CVE-2009-2797 (The WebKit component in Safari in Apple iPhone OS before 3.1, and ...)
- NOT-FOR-US: Safari in Apple iPhone OS
+ - webkit <unfixed> (medium)
+ TODO: someone needs to gain membership to the webkit security list so we can actually check these issues
CVE-2009-2796 (The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for ...)
NOT-FOR-US: Apple iPhone OS
CVE-2009-2795 (Heap-based buffer overflow in the Recovery Mode component in Apple ...)
@@ -3494,7 +3498,8 @@
NOTE: http://trac.webkit.org/changeset/44905
NOTE: http://trac.webkit.org/changeset/44909
CVE-2009-2199 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...)
- NOT-FOR-US: Apple Safari
+ - webkit <unfixed> (medium)
+ TODO: someone needs to gain membership to the webkit security list so we can actually check these issues
CVE-2009-2198 (Apple GarageBand before 5.1 reconfigures Safari to accept all cookies ...)
NOT-FOR-US: Apple GarageBand
CVE-2009-2197
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2009-09-17 18:56:46 UTC (rev 12839)
+++ data/embedded-code-copies 2009-09-17 20:04:36 UTC (rev 12840)
@@ -932,3 +932,6 @@
pidgin
- gaim <old-version>
+
+icu
+ - webkit <unfixed> (embed; bug #547214) [./WebCore/icu/*]
More information about the Secure-testing-commits
mailing list