[Secure-testing-commits] r14428 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Wed Apr 7 18:51:40 UTC 2010
Author: jmm-guest
Date: 2010-04-07 18:51:40 +0000 (Wed, 07 Apr 2010)
New Revision: 14428
Modified:
data/CVE/list
Log:
- suspicious cert turned out to be from RSA
- webkit triage: one dupe, one chrome-only issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-07 18:30:04 UTC (rev 14427)
+++ data/CVE/list 2010-04-07 18:51:40 UTC (rev 14428)
@@ -5,8 +5,6 @@
TODO: check
NOTE: http://sourceforge.net/projects/tcpdf/files/CHANGELOG.TXT/view
NOTE: setting K_TCPDF_CALLS_IN_HTML to false mitigates the problem
-CVE-2010-XXXX [unused/unowned certificates need to be removed]
- - ca-certificaties <unfixed> (low; bug #576739)
CVE-2010-XXXX [xmail insecure temp files handling]
- xmail <undetermined>
TODO: check
@@ -1742,10 +1740,7 @@
- chromium-browser <itp> (bug #520334)
CVE-2010-0659 (The image decoder in WebKit before r52833, as used in Google Chrome ...)
- chromium-browser <itp> (bug #520334)
- - webkit 1.1.21-1 (low)
- - qt4-x11 <undetermined> (low)
- - kdelibs <undetermined> (low)
- - kde4libs <undetermined> (low)
+ - webkit <not-affected> (Chrome-specific vulnerability)
CVE-2010-0658 (Multiple integer overflows in Skia, as used in Google Chrome before ...)
- chromium-browser <itp> (bug #520334)
CVE-2010-0657 (Google Chrome before 4.0.249.78 on Windows does not perform the ...)
@@ -4136,13 +4131,9 @@
- qt4-x11 <undetermined>
NOTE: http://trac.webkit.org/changeset/51877
CVE-2010-0051 (WebKit in Apple Safari before 4.0.5 does not properly validate the ...)
- - webkit 1.1.21-1 (bug #574064)
- - kde4libs <undetermined>
- - kdelibs <undetermined>
- - qt4-x11 <undetermined>
NOTE: http://trac.webkit.org/changeset/52784
NOTE: duplicate of CVE-2010-0651
- TODO: reqest rejection for this CVE
+ TODO: request rejection for this CVE
CVE-2010-0050 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
- webkit 1.1.90-1 (bug #574064)
- kde4libs <undetermined>
More information about the Secure-testing-commits
mailing list