[Secure-testing-commits] r14437 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Thu Apr 8 00:56:44 UTC 2010
Author: gilbert-guest
Date: 2010-04-08 00:56:42 +0000 (Thu, 08 Apr 2010)
New Revision: 14437
Modified:
data/CVE/list
Log:
zabbix cve reassigned; webkit "crasher" has signs of memory corruption
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-07 23:29:54 UTC (rev 14436)
+++ data/CVE/list 2010-04-08 00:56:42 UTC (rev 14437)
@@ -41,7 +41,8 @@
CVE-2010-1278
RESERVED
CVE-2010-1277 (SQL injection vulnerability in the user.authenticate method in the API ...)
- TODO: check
+ - zabbix <unfixed>
+ TODO: File bug
CVE-2010-1276 (Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 ...)
TODO: check
CVE-2010-1275 (Cross-site scripting (XSS) vulnerability in ShowPost.asp in BBSXP 2008 ...)
@@ -182,12 +183,13 @@
CVE-2000-1245 (Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the ...)
TODO: check
CVE-2010-1237 (Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to ...)
- - webkit 1.1.90-1 (unimportant)
+ - webkit 1.1.90-1
- kdelibs <undetermined>
- kde4libs <undetermined>
- qt4-x11 <undetermined>
- chromium-browser <itp> (bug #520324)
- NOTE: http://trac.webkit.org/changeset/55511, just a crasher
+ NOTE: http://trac.webkit.org/changeset/55511
+ NOTE: evidence of memory corruption http://code.google.com/p/chromium/issues/detail?id=37061
CVE-2010-1236 (Google Chrome before 4.1.249.1036 does not properly restrict ...)
- webkit <unfixed>
[lenny] - webkit <not-affected> (Vulnerable code not present)
@@ -1564,10 +1566,8 @@
NOT-FOR-US: Joomla!
CVE-2010-0752 (The week_post_page function in the Weekly Archive by Node Type module ...)
NOT-FOR-US: Weekly Archive by Node Type (Drupal module)
-CVE-2010-1144 [zabbix SQL injection]
+CVE-2010-1144
REJECTED
- - zabbix <unfixed>
- TODO: File bug
CVE-2010-0750 (pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users ...)
- policykit <not-affected> (pkexec introduced in 0.92)
[lenny] - policykit <not-affected> (pkexec introduced in 0.92)
More information about the Secure-testing-commits
mailing list