[Secure-testing-commits] r15569 - in data: . CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Mon Nov 8 02:24:02 UTC 2010


Author: gilbert-guest
Date: 2010-11-08 02:23:56 +0000 (Mon, 08 Nov 2010)
New Revision: 15569

Modified:
   data/CVE/list
   data/embedded-code-copies
Log:
webkit triage

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-11-07 09:51:33 UTC (rev 15568)
+++ data/CVE/list	2010-11-08 02:23:56 UTC (rev 15569)
@@ -2231,12 +2231,14 @@
 	NOTE: http://trac.webkit.org/changeset/65135
 CVE-2010-3253 (The implementation of notification permissions in Google Chrome before ...)
 	- chromium-browser 6.0.472.53~r57914-1
-	- webkit <undetermined>
-	NOTE: http://trac.webkit.org/changeset/64647 http://trac.webkit.org/changeset/64651
+	- webkit <not-affected> (notifications not yet used in webkit)
+	NOTE: http://trac.webkit.org/changeset/64647
+	NOTE: http://trac.webkit.org/changeset/64651
 CVE-2010-3252 (Use-after-free vulnerability in the Notifications presenter in Google ...)
 	- chromium-browser 6.0.472.53~r57914-1
-	- webkit <undetermined>
-	NOTE: https://bugs.webkit.org/show_bug.cgi?id=43645 http://trac.webkit.org/changeset/65742
+	- webkit <not-affected> (notifications not yet used in webkit)
+	NOTE: https://bugs.webkit.org/show_bug.cgi?id=43645
+	NOTE: http://trac.webkit.org/changeset/65742
 CVE-2010-3251 (The WebSockets implementation in Google Chrome before 6.0.472.53 ...)
 	- chromium-browser 6.0.472.53~r57914-1
 	- webkit <not-affected>
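Review bot: the reason "(notifications not yet used in webkit)" on the two new webkit <not-affected> lines (CVE-2010-3253 and CVE-2010-3252) is time-dependent and names no version. State which webkit series was checked, in the style of "(vulnerable code not present in 1.2.x series)" used for CVE-2010-1823, so the entries can be rechecked once a packaged webkit starts using notifications.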
@@ -6024,9 +6026,10 @@
 	- chromium-browser 6.0.472.59~r59126-1
 	NOTE: http://trac.webkit.org/changeset/66795
 CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in ...)
-	- webkit <undetermined>
-	- chromium-browser 6.0.472.59~r59126-1
-	NOTE: http://trac.webkit.org/changeset/65692
+	- webkit <not-affected> (vulnerable code not present in 1.2.x series)
+	- chromium-browser <undetermined>
+	NOTE: http://trac.webkit.org/changeset/65958
+	TODO: recheck chromium, was wrong commit
 CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not properly ...)
 	- webkit <undetermined>
 	- chromium-browser 6.0.472.62~r59676-1
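Review bot: in the CVE-2010-1823 entry, "TODO: recheck chromium, was wrong commit" does not name the commit, while the same change removes the NOTE for changeset 65692 and the previously recorded chromium-browser version 6.0.472.59~r59126-1. Keep the old changeset and version in the TODO text so whoever does the recheck knows what the earlier status was based on and which CVE that changeset may actually belong to.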
@@ -6050,9 +6053,9 @@
 	- chromium-browser <not-affected>
 	NOTE: duplicate of CVE-2010-1783
 CVE-2010-1813 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
-	- webkit <not-affected>
+	- webkit <unfixed>
 	- chromium-browser <not-affected>
-	NOTE: duplicate of CVE-2010-1782 
+	NOTE: http://trac.webkit.org/changeset/63048
 CVE-2010-1812 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
 	- webkit <not-affected>
 	- chromium-browser <not-affected>
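Review bot: CVE-2010-1813 flips webkit from <not-affected> to <unfixed> and drops the "duplicate of CVE-2010-1782" note, but the chromium-browser <not-affected> line is left as it was and carries no reason. If that status rested on the duplicate claim it needs rechecking against changeset 63048; otherwise add a parenthesised reason so the two package lines do not look contradictory.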
@@ -6068,7 +6071,8 @@
 CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not ...)
 	- webkit 1.2.5-1 (bug #599830)
 	- chromium-browser <not-affected>
-	NOTE: http://trac.webkit.org/changeset/64706 https://bugs.webkit.org/show_bug.cgi?id=43461
+	NOTE: http://trac.webkit.org/changeset/64706
+	NOTE: https://bugs.webkit.org/show_bug.cgi?id=43461
 	NOTE: the problem is that the standard-library strtod()
 	NOTE: parses "NAN(payload)" as a NaN with a user-defined payload, which is bad for the nan-boxing
 	NOTE: scheme used by webkit (and mozilla).  The fix is not to accept "NAN(payload)".
@@ -6077,11 +6081,10 @@
 CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
 	- webkit <undetermined>
 	- chromium-browser 5.0.375.127~r55887-1
-	NOTE: duplicated of CVE-2010-1782
 CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 ...)
-	- webkit <undetermined>
-	- chromium-browser <not-affected>
-	NOTE: This is the DLL planting attack
+	- webkit <not-affected> (windows-specific issue)
+	- chromium-browser <not-affected> (windows-specific issue)
+	NOTE: This is the windows DLL planting attack
 CVE-2010-1804
 	RESERVED
 CVE-2010-1803
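Review bot: removing "NOTE: duplicated of CVE-2010-1782" from CVE-2010-1806 leaves the entry with webkit <undetermined> and no reference at all. Add a TODO or an upstream changeset or bug NOTE so the remaining <undetermined> has something to be checked against.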
@@ -6212,8 +6215,9 @@
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=38626
 	NOTE: http://trac.webkit.org/changeset/59795
 CVE-2010-1769 (WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 ...)
-	- webkit <undetermined>
+	- webkit 1.2.2-1
 	- chromium-browser 5.0.375.55~r47796-1
+	NOTE: dupe of CVE-2010-1774
 CVE-2010-1768 (Unspecified vulnerability in Apple iTunes before 9.1 allows local ...)
 	NOT-FOR-US: Apple iTunes
 CVE-2010-1767 (Cross-site request forgery (CSRF) vulnerability in ...)
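Review bot: the added "NOTE: dupe of CVE-2010-1774" on CVE-2010-1769 uses different wording from the "duplicate of CVE-..." notes elsewhere in this file (for example "NOTE: duplicate of CVE-2010-1783"). Use "duplicate of" so a search for duplicates finds this entry too.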
@@ -7465,7 +7469,7 @@
 	- webkit <not-affected> (this is a bug in Apple's PDFKit)
 	- chromium-browser <not-affected> (this is a bug in Apple's PDFKit)
 CVE-2010-1384 (Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and ...)
-	- webkit <undetermined> (unimportant)
+	- webkit <unfixed> (unimportant)
 	- chromium-browser <unfixed> (unimportant)
 	NOTE: This is based on various misconceptions surrounding "phishing" The only supported browser security model
 	NOTE: surrounding URLs is the accurate post-link-click indication of the final target URL in the URL bar.
@@ -10638,7 +10642,8 @@
 	- kdelibs <undetermined>
 	- kde4libs <undetermined>
 CVE-2010-0314 (Apple Safari allows remote attackers to discover a redirect's target ...)
-	NOT-FOR-US: Safari
+	- webkit 1.1.90-1 
+	- chromium-browser 5.0.375.29~r46008-1
 CVE-2010-0313 (The core_get_proxyauth_dn function in ns-slapd in Sun Java System ...)
 	NOT-FOR-US: Sun Java System Directory Server Enterprise Edition
 CVE-2010-0312 (The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server ...)
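Review bot: CVE-2010-0314 goes from NOT-FOR-US to fixed versions for both webkit (1.1.90-1) and chromium-browser (5.0.375.29~r46008-1) without any NOTE pointing at the upstream changeset or bug that justifies those versions. Add the reference, as the other webkit entries in this change do, and drop the trailing space after "1.1.90-1".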
@@ -12052,6 +12057,7 @@
 	- xar <removed> (bug #572556)
 	[lenny] - xar <no-dsa> (Minor issue)
 CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+	- chromium-browser <undetermined>
 	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
@@ -12060,6 +12066,7 @@
 	NOTE: http://trac.webkit.org/changeset/53813
 	NOTE: http://trac.webkit.org/changeset/54242
 CVE-2010-0053 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+	- chromium-browser <undetermined>
 	- webkit 1.1.90-1 (bug #574064)
 	[lenny] - webkit <not-affected> (Vulnerable code not present)
 	- kde4libs <undetermined>
@@ -12067,6 +12074,7 @@
 	- qt4-x11 <undetermined>
 	NOTE: http://trac.webkit.org/changeset/50466
 CVE-2010-0052 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+	- chromium-browser <undetermined>
 	- webkit 1.1.90-1 (bug #574064)
 	[lenny] - webkit <not-affected> (Vulnerable code not present)
 	- kde4libs <undetermined>
@@ -12078,30 +12086,35 @@
 	NOTE: duplicate of CVE-2010-0651
 	TODO: request rejection for this CVE
 CVE-2010-0050 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+	- chromium-browser <undetermined>
 	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
 	NOTE: http://trac.webkit.org/changeset/52073
 CVE-2010-0049 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+	- chromium-browser <undetermined>
 	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
 	NOTE: http://trac.webkit.org/changeset/52527
 CVE-2010-0048 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+	- chromium-browser <undetermined>
 	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
 	NOTE: http://trac.webkit.org/changeset/51962
 CVE-2010-0047 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 ...)
+	- chromium-browser <undetermined>
 	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
 	NOTE: http://trac.webkit.org/changeset/50698
 CVE-2010-0046 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...)
+	- chromium-browser <undetermined>
 	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
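Review bot: the chromium-browser <undetermined> lines added to CVE-2010-0046 through CVE-2010-0050 carry no TODO, although CVE-2010-0047 through CVE-2010-0050 each already have a trac.webkit.org changeset NOTE that the chromium status could be checked against. Either resolve them from those changesets or add a TODO saying that is the pending check, as was done for CVE-2010-1823.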

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies	2010-11-07 09:51:33 UTC (rev 15568)
+++ data/embedded-code-copies	2010-11-08 02:23:56 UTC (rev 15569)
@@ -1163,6 +1163,7 @@
 pidgin (libpurple)
 	- gaim <removed> (old-version)
 	- qutecom 2.2~rc3.hg396~dfsg1-6 (embed; bug #559785)
+	- wengophone <unfixed> (embed; bug #601425)
 
 icu
 	- webkit 1.0.1-1 (embed; bug #547214)
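Review bot: the wengophone line added under "pidgin (libpurple)" no longer records that the embedded copy was tracked as gaim, which is what the "gaim" section removed further down in this file stated. Mention gaim in the parenthesised comment on the new line so the merged entry keeps that information.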
@@ -2046,8 +2047,5 @@
 	- boson <unfixed> (embed; bug #600900)
 	- openscenegraph <unfixed> (embed; bug #601181)
 
-gaim
-	- wengophone <unfixed> (embed; bug #601425)
-
 xcftools
 	- gnome-xcf-thumbnailer <unfixed> (embed)



