[Secure-testing-commits] r14454 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Sun Apr 11 20:22:50 UTC 2010


Author: gilbert-guest
Date: 2010-04-11 20:22:48 +0000 (Sun, 11 Apr 2010)
New Revision: 14454

Modified:
   data/CVE/list
Log:
bug submitted for webkit issue (and lenny has the vuln code); webkit is affected by gif issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-04-11 18:37:58 UTC (rev 14453)
+++ data/CVE/list	2010-04-11 20:22:48 UTC (rev 14454)
@@ -262,13 +262,13 @@
 	NOTE: http://trac.webkit.org/changeset/55511
 	NOTE: evidence of memory corruption http://code.google.com/p/chromium/issues/detail?id=37061
 CVE-2010-1236 (Google Chrome before 4.1.249.1036 does not properly restrict ...)
-	- webkit <unfixed>
-	[lenny] - webkit <not-affected> (Vulnerable code not present)
+	- webkit <unfixed> (bug #577457)
 	- kdelibs <undetermined>
 	- kde4libs <undetermined>
 	- qt4-x11 <undetermined>
 	- chromium-browser <itp> (bug #520324) 
 	NOTE: http://trac.webkit.org/changeset/55822
+	NOTE: vulnerable code is in KURL.cpp even though the changeset says it is in KURLGoogle.cpp
 CVE-2010-1235 (Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows ...)
 	- chromium-browser <itp> (bug #520324) 
 	NOTE: issue in chrome-specific download dialog
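Review bot: The removal of the `[lenny] - webkit <not-affected> (Vulnerable code not present)` line under CVE-2010-1236 is justified only in the commit log ("lenny has the vuln code"), not in the tracker data. The added NOTE about KURL.cpp explains where the code lives but does not say that the lenny version contains it. Consider extending that NOTE, or adding a second one, to state that lenny's webkit was checked and carries the KURL.cpp code, so a later editor does not restore the not-affected entry based on the changeset's KURLGoogle.cpp reference. The kdelibs, kde4libs and qt4-x11 entries stay `<undetermined>`; if the KURL.cpp finding was checked against them, record that here as well.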
@@ -1911,7 +1911,10 @@
 	- chromium-browser <itp> (bug #520334)
 CVE-2010-0659 (The image decoder in WebKit before r52833, as used in Google Chrome ...)
 	- chromium-browser <itp> (bug #520334)
-	- webkit <not-affected> (Chrome-specific vulnerability)
+	- webkit 1.1.21-1 (low)
+	- qt4-x11 <undetermined> (low)
+	- kdelibs <undetermined> (low)
+	- kde4libs <undetermined> (low)
 CVE-2010-0658 (Multiple integer overflows in Skia, as used in Google Chrome before ...)
 	- chromium-browser <itp> (bug #520334)
 CVE-2010-0657 (Google Chrome before 4.0.249.78 on Windows does not perform the ...)
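Review bot: The new `- webkit 1.1.21-1 (low)` entry under CVE-2010-0659 reverses the earlier `<not-affected> (Chrome-specific vulnerability)` assessment and names a fixed version, but no NOTE records the basis for either. The CVE description refers to WebKit before r52833, so a NOTE stating that 1.1.21-1 includes that revision (or pointing to the relevant changeset, as the CVE-2010-1236 entry does) would make the fixed version verifiable. Also, the three added `<undetermined> (low)` lines attach an urgency to packages whose status is not yet known, while the `<undetermined>` entries under CVE-2010-1236 carry none; consider keeping the two consistent.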



