[Secure-testing-commits] r13699 - in data: . CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Sat Jan 2 20:40:53 UTC 2010 

Author: gilbert-guest
Date: 2010-01-02 20:40:53 +0000 (Sat, 02 Jan 2010)
New Revision: 13699

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
recommit some of the webkit embeds to demonstrate usage of <undetermined>

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-01-02 18:28:18 UTC (rev 13698)
+++ data/CVE/list	2010-01-02 20:40:53 UTC (rev 13699)
@@ -1513,6 +1513,11 @@
 CVE-2009-3932 (The Gears plugin in Google Chrome before 3.0.195.32 allows ...)
 	- chromium-browser <itp> (low; bug #520324)
 	- webkit <unfixed> (low; bug #560905)
+	- qt4-x11 <undetermined> (bug #561760)
+	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	- kdelibs <undetermined> (bug #561765)
+	- kde4libs <undetermined> (bug #561762)
 CVE-2009-3931 (Incomplete blacklist vulnerability in browser/download/download_exe.cc ...)
 	- chromium-browser <itp> (low; bug #520324)
 CVE-2009-3930 (Multiple integer overflows in Christos Zoulas file before 5.02 allow ...)
@@ -3161,6 +3166,11 @@
 	RESERVED
 CVE-2009-3384 (Multiple unspecified vulnerabilities in WebKit in Apple Safari before ...)
 	- webkit 1.1.17-2 (medium; bug #559759)
+	- qt4-x11 <undetermined> (bug #561760)
+	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	- kdelibs <undetermined> (bug #561765)
+	- kde4libs <undetermined> (bug #561762)
 CVE-2009-3383 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
 	- xulrunner 1.9.1.4-1
 	[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
@@ -3450,6 +3460,8 @@
 CVE-2009-3272 (Stack consumption vulnerability in WebKit.dll in WebKit in Apple ...)
 	- webkit <unfixed> (unimportant; bug #559759)
 	- qt4-x11 <unfixed> (unimportant)
+	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- kdelibs <unfixed> (unimportant)
 	- kde4libs <unfixed> (unimportant)
 	NOTE: browser crashers are not considered security-relevant
@@ -4668,6 +4680,11 @@
 CVE-2009-2953 (Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote ...)
 	- xulrunner <unfixed> (unimportant; bug #557753)
 	- webkit <unfixed> (unimportant; bug #557752)
+	- qt4-x11 <undetermined> (unimportant; bug #561760)
+	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	- kdelibs <undetermined> (unimportant; bug #561765)
+	- kde4libs <undetermined> (unimportant; bug #561762)
 	NOTE: browser denial-of-services are considered unimportant
 CVE-2009-2952 (Unspecified vulnerability in the pollwakeup function in Sun Solaris ...)
 	NOT-FOR-US: Sun Solaris
@@ -5119,8 +5136,12 @@
 CVE-2009-2842 (Apple Safari before 4.0.4 does not properly implement certain (1) Open ...)
 	NOT-FOR-US: Apple Safari
 CVE-2009-2841 (WebKit in Apple Safari before 4.0.4 on Mac OS X does not perform the ...)
-	- webkit <unfixed> (medium; bug #559759)
-	TODO: work with upstream to determine affected/not-affected versions
+	- webkit <undetermined> (medium; bug #559759)
+	- qt4-x11 <undetermined> (bug #561760)
+	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+	- kdelibs <undetermined> (bug #561765)
+	- kde4libs <undetermined> (bug #561762)
 CVE-2009-2840 (Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2009-2839 (Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to ...)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-01-02 18:28:18 UTC (rev 13698)
+++ data/embedded-code-copies	2010-01-02 20:40:53 UTC (rev 13699)
@@ -643,6 +643,8 @@
 
 webkit
 	- qt4-x11 <unfixed> (embed; bug #479851)
+        [etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
+        [lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- kdelibs <unfixed> (old-version)
 	- kde4libs <unfixed> (fork)

More information about the Secure-testing-commits mailing list