[Secure-testing-commits] r13978 - in data: . CVE

Giuseppe Iuculano derevko-guest at alioth.debian.org
Sun Jan 31 00:13:54 UTC 2010 

Author: derevko-guest
Date: 2010-01-31 00:13:51 +0000 (Sun, 31 Jan 2010)
New Revision: 13978

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
qt4-x11 in lenny is affected by webkit related issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-01-30 21:54:10 UTC (rev 13977)
+++ data/CVE/list	2010-01-31 00:13:51 UTC (rev 13978)
@@ -2695,7 +2695,6 @@
 	- webkit <unfixed> (low; bug #560905)
 	- qt4-x11 <undetermined> (bug #561760)
 	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
-	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- kdelibs <undetermined> (bug #561765)
 	- kde4libs <undetermined> (bug #561762)
 CVE-2009-3931 (Incomplete blacklist vulnerability in browser/download/download_exe.cc ...)
@@ -4319,7 +4318,6 @@
 	- webkit 1.1.17-2 (medium; bug #559759)
 	- qt4-x11 <undetermined> (bug #561760)
 	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
-	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- kdelibs <undetermined> (bug #561765)
 	- kde4libs <undetermined> (bug #561762)
 CVE-2009-3383 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
@@ -4617,7 +4615,6 @@
 	- webkit <unfixed> (unimportant; bug #559759)
 	- qt4-x11 <unfixed> (unimportant)
 	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
-	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- kdelibs <unfixed> (unimportant)
 	- kde4libs <unfixed> (unimportant)
 	NOTE: browser crashers are not considered security-relevant
@@ -5833,7 +5830,6 @@
 	- webkit <unfixed> (unimportant; bug #557752)
 	- qt4-x11 <undetermined> (unimportant; bug #561760)
 	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
-	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- kdelibs <undetermined> (unimportant; bug #561765)
 	- kde4libs <undetermined> (unimportant; bug #561762)
 	NOTE: browser denial-of-services are considered unimportant
@@ -6297,7 +6293,6 @@
 	- webkit <undetermined> (medium; bug #559759)
 	- qt4-x11 <undetermined> (bug #561760)
 	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
-	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- kdelibs <undetermined> (bug #561765)
 	- kde4libs <undetermined> (bug #561762)
 CVE-2009-2840 (Spotlight in Apple Mac OS X 10.5.8 does not properly handle temporary ...)
@@ -9628,7 +9623,6 @@
 	{DSA-1950-1}
 	- webkit 1.1.13-1 (medium; bug #538346)
 	- qt4-x11 4:4.5.2-2 (medium; bug #538347)
-	[lenny] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	- kdelibs <not-affected> (medium; bug #538350)
 	- kde4libs <not-affected> (medium; bug #538349)
@@ -9638,7 +9632,6 @@
 CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
 	- qt4-x11 <unfixed> (low; bug #538403)
 	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
-	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- webkit 1.1.13-1 (low; bug #538402)
 	NOTE: http://www.thespanner.co.uk/2009/06/19/minor-safari-cross-domain-bug/
 CVE-2009-1723 (CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL ...)
@@ -9670,14 +9663,12 @@
 CVE-2009-1713 (The XSLT functionality in WebKit in Apple Safari before 4.0 does not ...)
 	- webkit 1.0.1-4 (medium; bug #535793)
 	- qt4-x11 4:4.5.2-2
-	[lenny] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	NOTE: http://trac.webkit.org/changeset/34533
 CVE-2009-1712 (WebKit in Apple Safari before 4.0 does not prevent remote loading of ...)
 	{DSA-1950-1}
 	- webkit 1.1.12-1 (medium; bug #535793)
 	- qt4-x11 4:4.5.2-2
-	[lenny] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	NOTE: http://trac.webkit.org/changeset/41568
 CVE-2009-1711 (WebKit in Apple Safari before 4.0 does not properly initialize memory ...)
@@ -9685,7 +9676,6 @@
 	- webkit 1.1.12-1 (medium; bug #535793)
 	NOTE: http://trac.webkit.org/changeset/36918
 	- qt4-x11 4:4.5.2-1
-	[lenny] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 CVE-2009-1710 (WebKit in Apple Safari before 4.0 allows remote attackers to spoof the ...)
 	{DSA-1950-1}
@@ -9720,14 +9710,12 @@
 CVE-2009-1699 (The XSL stylesheet implementation in WebKit in Apple Safari before ...)
 	- webkit 1.0.1-4 (medium; bug #535793)
 	- qt4-x11 4:4.5.2-2
-	[lenny] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 CVE-2009-1698 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
 	{DSA-1950-1 DSA-1868-1 DSA-1867-1}
 	- webkit 1.1.5-1 (medium; bug #534946)
 	NOTE: http://trac.webkit.org/changeset/42081
 	- qt4-x11 4:4.5.2-1
-	[lenny] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	- kdelibs 3.5.10.dfsg.1-2.1 (medium; bug #534949)
 CVE-2009-1697 (CRLF injection vulnerability in WebKit in Apple Safari before 4.0, ...)
@@ -9763,7 +9751,6 @@
 	- kde4libs 4:4.3.0-1 (medium; bug #534949)
 	NOTE: http://websvn.kde.org/?view=rev&revision=983316
 	- qt4-x11 4:4.5.2-1 (medium; bug #534947)
-	[lenny] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 CVE-2009-1689 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
 	- webkit 1.1.12-1 (low; bug #535793)
@@ -9778,7 +9765,6 @@
 	- kde4libs 4:4.3.0-1
 	NOTE: http://trac.webkit.org/changeset/41854
 	- qt4-x11 4:4.5.2-1 (medium; bug #534946)
-	[lenny] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 	[etch] - qt4-x11 <not-affected> (QTWebkit was introduced in 4.4)
 CVE-2009-1686 (WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...)
 	- webkit 1.1.12-1 (medium; bug #535793)
@@ -12426,7 +12412,6 @@
 	{DSA-1950-1 DSA-1866-1}
 	- qt4-x11 4:4.5.2-1 (medium; bug #532718)
 	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
-	[lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- webkit 1.1.5-1 (medium; bug #532724; bug #532725)
 	NOTE: http://trac.webkit.org/changeset/43590
 	- kde4libs 4:4.3.0-1 (medium; bug #534917)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-01-30 21:54:10 UTC (rev 13977)
+++ data/embedded-code-copies	2010-01-31 00:13:51 UTC (rev 13978)
@@ -665,7 +665,6 @@
 webkit
 	- qt4-x11 <unfixed> (embed; bug #479851)
         [etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
-        [lenny] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
 	- kde4libs <unfixable> (fork)
 	NOTE: kde4lib's khtml and webkit were forked from khtml (this tracking, which seems 
 	NOTE: reversed genesis-wise, is used because of so much other stuff in kde4libs)

More information about the Secure-testing-commits mailing list