[Secure-testing-commits] r14157 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Fri Feb 26 21:08:49 UTC 2010


Author: gilbert-guest
Date: 2010-02-26 21:08:49 +0000 (Fri, 26 Feb 2010)
New Revision: 14157

Modified:
   data/CVE/list
Log:
info on webkit issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-02-26 20:45:35 UTC (rev 14156)
+++ data/CVE/list	2010-02-26 21:08:49 UTC (rev 14157)
@@ -147,11 +147,12 @@
 	- kde4libs <undetermined> (low)
 CVE-2010-0650 (WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, ...)
 	- chromium-browser <itp> (bug #520334)
-	- webkit <undetermined> (low)
-	- qt4-x11 <undetermined> (low)
-	- kdelibs <undetermined> (low)
-	- kde4libs <undetermined> (low)
-	TODO: check (not enough info available yet since webkit bug is still restricted)
+	- webkit 1.1.21-1 (unimportant)
+	NOTE: http://code.google.com/p/chromium/issues/detail?id=3275
+	- qt4-x11 <undetermined> (unimportant)
+	- kdelibs <undetermined> (unimportant)
+	- kde4libs <undetermined> (unimportant)
+	NOTE: unimportant because this is just a popup blocker bypass
 CVE-2010-0649 (Integer overflow in the CrossCallParamsEx::CreateFromBuffer function ...)
 	- chromium-browser <itp> (bug #520334)
 CVE-2010-0648 (Mozilla Firefox, possibly before 3.6, allows remote attackers to ...)




More information about the Secure-testing-commits mailing list