[Secure-testing-commits] r15581 - data/CVE

Sun Nov 14 10:50:37 UTC 2010

Author: iuculano
Date: 2010-11-14 10:50:36 +0000 (Sun, 14 Nov 2010)
New Revision: 15581

Modified:
   data/CVE/list
Log:
chromium/webkit issues

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2010-11-13 21:14:28 UTC (rev 15580)
+++ data/CVE/list	2010-11-14 10:50:36 UTC (rev 15581)
@@ -398,35 +398,38 @@
 	NOT-FOR-US: Opera
 CVE-2010-4042 (Google Chrome before 7.0.517.41 does not properly handle element maps, ...)
 	- webkit <undetermined>
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-1
+	NOTE: http://trac.webkit.org/changeset/68096
 CVE-2010-4041 (The sandbox implementation in Google Chrome before 7.0.517.41 on Linux ...)
 	- webkit <not-affected> (issue with chromium sandbox)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-1
 CVE-2010-4040 (Google Chrome before 7.0.517.41 does not properly handle animated GIF ...)
 	- webkit <unfixed>
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-1
 	NOTE: http://trac.webkit.org/changeset/68446
 CVE-2010-4039 (Google Chrome before 7.0.517.41 on Linux does not properly set the ...)
 	- webkit <not-affected> (chromium-specifc LD_LIBRARY_PATH issue)
-	- chromium-browser <undetermined>
+	- chromium-browser <not-affected> (package uses its own startup script)
 CVE-2010-4038 (The Web Sockets implementation in Google Chrome before 7.0.517.41 does ...)
 	- webkit <not-affected> (issue in chromium code base)
-	- chromium-browser <undetermined>
+	- chromium-browser 9.0.570
+	[squeeze] - chromium-browser <not-affected> (websocket_experiment not enabled in v6)
 CVE-2010-4037 (Unspecified vulnerability in Google Chrome before 7.0.517.41 allows ...)
 	- webkit <undetermined>
-	- chromium-browser <undetermined>
+	- chromium-browser <unfixed> (unimportant)
+	NOTE: http://trac.webkit.org/changeset/67716
 CVE-2010-4036 (Google Chrome before 7.0.517.41 does not properly handle the unloading ...)
-	- webkit <undetermined>
-	- chromium-browser <undetermined>
+	- webkit <not-affected> (chromium-specifc issue)
+	- chromium-browser 6.0.472.63~r59945-1
 CVE-2010-4035 (Google Chrome before 7.0.517.41 does not properly perform autofill ...)
 	- webkit <not-affected> (issue in chromium code base)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-1
 CVE-2010-4034 (Google Chrome before 7.0.517.41 does not properly handle forms, which ...)
 	- webkit <not-affected> (issue in chromium code base)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-1
 CVE-2010-4033 (Google Chrome before 7.0.517.41 does not properly implement the ...)
 	- webkit <not-affected> (issue in gestures, which resides in the webkit codebase, but is only used by chromium right now)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-1
 	NOTE: http://trac.webkit.org/changeset/63786
 	NOTE: http://trac.webkit.org/changeset/67240
 CVE-2010-4032 (Cross-site request forgery (CSRF) vulnerability in HP Insight Control ...)
@@ -1142,7 +1145,7 @@
 CVE-2010-3730 (Google Chrome before 6.0.472.62 does not properly use information ...)
 	- webkit <not-affected> (issue in libv8)
 	- chromium-browser 6.0.472.62~r59676-1
-	- libv8 <undetermined>
+	- libv8 <not-affected>
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=45700
 	NOTE: http://trac.webkit.org/changeset/67509
 CVE-2010-3729 (The SPDY protocol implementation in Google Chrome before 6.0.472.62 ...)
@@ -6178,7 +6181,7 @@
 	NOTE: http://trac.webkit.org/changeset/66795
 CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in ...)
 	- webkit <not-affected> (vulnerable code not present in 1.2.x series)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.59~r59126-1
 	NOTE: http://trac.webkit.org/changeset/65958
 	TODO: recheck chromium, was wrong commit
 CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not properly ...)


