[Secure-testing-commits] r14693 - data/CVE
Giuseppe Iuculano
derevko-guest at alioth.debian.org
Fri May 14 13:11:11 UTC 2010
Author: derevko-guest
Date: 2010-05-14 13:11:05 +0000 (Fri, 14 May 2010)
New Revision: 14693
Modified:
data/CVE/list
Log:
CVE-2010-1152 fixed in memcached 1.4.5-1
chromium-browser triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-05-13 23:53:46 UTC (rev 14692)
+++ data/CVE/list 2010-05-14 13:11:05 UTC (rev 14693)
@@ -482,9 +482,10 @@
CVE-2010-1732 (Cross-site request forgery (CSRF) vulnerability in the users module in ...)
NOT-FOR-US: Zikula Application Framework
CVE-2010-1731 (Google Chrome on the HTC Hero allows remote attackers to cause a ...)
- - chromium-browser <unfixed>
+ - chromium-browser <unfixed> (unimportant)
NOTE: various crashes on window close after opening the file on chromium (including sometimes segfaults)
NOTE: CVE-2010-1729/1730/1731 are the same issue but with different effects
+ NOTE: Browser DoS not treated as security issues
CVE-2010-1730 (Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause ...)
- kdelibs <undetermined>
- kde4libs <undetermined>
@@ -636,14 +637,11 @@
CVE-2010-1666
RESERVED
CVE-2010-1665 (Google Chrome before 4.1.249.1064 does not properly handle fonts, ...)
- - chromium-browser <undetermined>
- TODO: check
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-1664 (Google Chrome before 4.1.249.1064 does not properly handle HTML5 ...)
- - chromium-browser <undetermined>
- TODO: check
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-1663 (The Google URL Parsing Library (aka google-url or GURL) in Google ...)
- - chromium-browser <undetermined>
- TODO: check
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-1662 (Cross-site scripting (XSS) vulnerability in acpmoderate.php in ...)
NOT-FOR-US: PHP-Quick-Arcade
CVE-2010-1661 (Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) ...)
@@ -2012,7 +2010,7 @@
- typo3-src 4.3.3-1 (bug #577993)
[lenny] - typo3-src <not-affected> (Only affects 4.3.x)
CVE-2010-1152 (memcached.c in memcached before 1.4.3 allows remote attackers to cause ...)
- - memcached <unfixed> (medium; bug #579913)
+ - memcached 1.4.5-1 (medium; bug #579913)
CVE-2010-1151 (Race condition in the mod_auth_shadow module for the Apache HTTP ...)
- libapache2-mod-auth-shadow <itp> (bug #503184)
CVE-2010-1150 (MediaWiki before 1.15.3, and 1.6.x before 1.16.0beta2, does not ...)
@@ -2335,8 +2333,7 @@
NOT-FOR-US: HP-UX
CVE-2010-1029 (Stack consumption vulnerability in the WebCore::CSSSelector function ...)
- webkit <not-affected> (proof-of-concept not effective)
- - chromium-browser <undetermined>
- TODO: check
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-1027 (SQL injection vulnerability in the Meet Travelmates (travelmate) ...)
NOT-FOR-US: travelmate extension for typo3
CVE-2010-1026 (SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) ...)
@@ -14877,7 +14874,7 @@
CVE-2009-1516 (Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX ...)
NOT-FOR-US: ActiveX
CVE-2009-1514 (Google Chrome 1.0.154.53 allows remote attackers to cause a denial of ...)
- - chromium-browser <unfixed> (low)
+ - chromium-browser 5.0.375.38~r46659-1 (low)
- webkit <unfixed> (bug #578982)
- qt4-x11 <undetermined>
- kdebase <undetermined>
More information about the Secure-testing-commits
mailing list