[Secure-testing-commits] r14541 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Wed Apr 21 19:55:57 UTC 2010
Author: jmm-guest
Date: 2010-04-21 19:55:57 +0000 (Wed, 21 Apr 2010)
New Revision: 14541
Modified:
data/CVE/list
Log:
Qt triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-04-21 06:37:54 UTC (rev 14540)
+++ data/CVE/list 2010-04-21 19:55:57 UTC (rev 14541)
@@ -12900,7 +12900,8 @@
[lenny] - webkit <no-dsa> (Minor issue)
- kdelibs <unfixed> (unimportant)
- kde4libs <unfixed> (unimportant)
- - qt4-x11 <undetermined> (unimportant)
+ - qt4-x11 4:4.6.2-4 (low; bug #561760)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/44010
CVE-2009-1717 (Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 ...)
NOT-FOR-US: Mac OS X
@@ -12910,7 +12911,8 @@
- webkit 1.0.1-4 (medium; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (bug #561760)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/31890
CVE-2009-1714 (Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...)
{DSA-1950-1}
@@ -12945,10 +12947,11 @@
[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
CVE-2009-1710 (WebKit in Apple Safari before 4.0 allows remote attackers to spoof the ...)
{DSA-1950-1}
- - webkit 1.1.12-1 (medium; bug #535793)
+ - webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (low; bug #561760)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/35157
CVE-2009-1709 (Use-after-free vulnerability in the garbage-collection implementation ...)
{DSA-1866-1}
@@ -12973,26 +12976,31 @@
[lenny] - webkit <no-dsa> (Minor issue)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (medium; bug #561760)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
+ [lenny] - qt4-x11 <not-affected> (HTML video support introduced in version 4.5)
NOTE: http://trac.webkit.org/changeset/42533
CVE-2009-1702 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (low)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42216
CVE-2009-1701 (Use-after-free vulnerability in the JavaScript DOM implementation in ...)
- webkit 1.1.12-1 (medium; bug #535793)
- kdelibs <not-affected>
- kde4libs <undetermined>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: invasive patch to backport.
NOTE: http://trac.webkit.org/changeset/40881
CVE-2009-1700 (The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone ...)
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (low)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/38065
CVE-2009-1699 (The XSL stylesheet implementation in WebKit in Apple Safari before ...)
{DSA-1988-1}
@@ -13014,14 +13022,17 @@
- webkit 1.1.15.2-1 (medium; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/41262
CVE-2009-1696 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
- webkit 1.1.12-1 (medium; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4
+ [lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/39510
NOTE: http://trac.webkit.org/changeset/39553
CVE-2009-1695 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
@@ -13029,14 +13040,17 @@
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (low)
+ [lenny] - qt4-x11 <not-affected> (Vulnerable code not present)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42223
CVE-2009-1694 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (low)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/35935
CVE-2009-1693 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
{DSA-1950-1}
@@ -13076,14 +13090,16 @@
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4.4.3-1
+ NOTE: QT4 might be fixed earlier, but only Lenny version was checked
NOTE: http://trac.webkit.org/changeset/32791
CVE-2009-1688 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- webkit 1.1.12-1 (low; bug #535793)
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4.4.3-1
+ NOTE: QT4 might be fixed earlier, but only Lenny version was checked
NOTE: http://trac.webkit.org/changeset/32791
CVE-2009-1687 (The JavaScript garbage collector in WebKit in Apple Safari before 4.0, ...)
{DSA-1988-1 DSA-1950-1 DSA-1868-1 DSA-1867-1}
@@ -13098,20 +13114,23 @@
[lenny] - webkit <not-affected> (Vulnerable code not present)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/31431
CVE-2009-1685 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
- - webkit 1.0.1-4 (medium; bug #535793)
+ - webkit 1.0.1-4 (bug #535793)
- kdelibs <not-affected>
- kde4libs <unfixed>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (low)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/34574
CVE-2009-1684 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
{DSA-1950-1}
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (low)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against
NOTE: http://trac.webkit.org/changeset/42365
CVE-2009-1683 (The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and ...)
NOT-FOR-US: iPhone
@@ -13122,7 +13141,8 @@
- webkit 1.1.12-1 (low; bug #535793)
- kdelibs <not-affected>
- kde4libs <not-affected>
- - qt4-x11 <undetermined>
+ - qt4-x11 4:4.6.2-4 (low)
+ NOTE: QT4 might be fixed earlier, but only 4.6.2 was checked against, Lenny is affected
NOTE: http://trac.webkit.org/changeset/42333
CVE-2009-1680 (Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod ...)
NOT-FOR-US: Safari in Apple iPhone OS
More information about the Secure-testing-commits
mailing list