[Secure-testing-commits] r15481 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Mon Oct 18 16:36:55 UTC 2010
Author: jmm-guest
Date: 2010-10-18 16:36:49 +0000 (Mon, 18 Oct 2010)
New Revision: 15481
Modified:
data/CVE/list
Log:
- vdr fixed
- gnome-subtitles fixed
- webkit fixed
- new eglibc issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-10-18 07:30:20 UTC (rev 15480)
+++ data/CVE/list 2010-10-18 16:36:49 UTC (rev 15481)
@@ -259,6 +259,8 @@
RESERVED
CVE-2010-3847
RESERVED
+ - eglibc <unfixed>
+ - glibc <removed>
CVE-2010-3846
RESERVED
CVE-2010-3844
@@ -1491,7 +1493,7 @@
RESERVED
CVE-2010-3387
RESERVED
- - vdr <unfixed> (unimportant; bug #598308)
+ - vdr 1.6.0-18.1 (unimportant; bug #598308)
NOTE: Only affects a debugging tool, see bug #598308
CVE-2010-3386
RESERVED
@@ -1589,7 +1591,7 @@
- henplus <unfixed> (bug #598290)
CVE-2010-3357
RESERVED
- - gnome-subtitles <unfixed> (bug #598289)
+ - gnome-subtitles 1.0-2 (bug #598289)
CVE-2010-3356
RESERVED
CVE-2010-3355
@@ -1823,7 +1825,7 @@
RESERVED
CVE-2010-3259 (Google Chrome before 6.0.472.53 does not properly restrict read access ...)
- chromium-browser 6.0.472.53~r57914-1
- - webkit <undetermined>
+ - webkit 1.2.5-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44399
NOTE: http://trac.webkit.org/changeset/65826
CVE-2010-3258 (The sandbox implementation in Google Chrome before 6.0.472.53 does not ...)
@@ -1832,7 +1834,7 @@
NOTE: chromium specific
CVE-2010-3257 (Google Chrome before 6.0.472.53 does not properly perform focus ...)
- chromium-browser 6.0.472.53~r57914-1
- - webkit <undetermined>
+ - webkit 1.2.5-1
NOTE: http://trac.webkit.org/changeset/65748 https://bugs.webkit.org/show_bug.cgi?id=44226
CVE-2010-3256 (Google Chrome before 6.0.472.53 does not properly limit the number of ...)
- chromium-browser 6.0.472.53~r57914-1
@@ -2208,7 +2210,7 @@
- vlc <not-affected> (Windows specific vulnerability)
CVE-2010-3120 (Google Chrome before 5.0.375.127 does not properly implement the ...)
- chromium-browser 5.0.375.127~r55887-1
- - webkit <undetermined>
+ - webkit 1.2.5-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43776
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39879
NOTE: https://bugs.webkit.org/show_bug.cgi?id=44096
@@ -2226,14 +2228,14 @@
- chromium-browser 5.0.375.127~r55887-1
- webkit <not-affected> (chromium specific)
CVE-2010-3116 (Google Chrome before 5.0.375.127 does not properly process MIME types, ...)
- - webkit <undetermined>
+ - webkit 1.2.5-1
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/64293
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43147
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43888
NOTE: http://trac.webkit.org/changeset/65280 vulnerable code not present in 1.2 series
CVE-2010-3115 (Google Chrome before 5.0.375.127 does not properly implement the ...)
- - webkit <unfixed> (bug #599830)
+ - webkit 1.2.5-1 (bug #599830)
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/63925
NOTE: http://trac.webkit.org/changeset/64077
@@ -2244,7 +2246,7 @@
NOTE: https://bugs.webkit.org/show_bug.cgi?id=42655
NOTE: http://trac.webkit.org/changeset/63773
CVE-2010-3113 (Google Chrome before 5.0.375.127 does not properly handle SVG ...)
- - webkit 1.2.4-1
+ - webkit 1.2.5-1
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=42659
NOTE: http://trac.webkit.org/changeset/63865
@@ -2748,12 +2750,12 @@
NOTE: http://trac.webkit.org/changeset/62662
NOTE: duplicate of cve-2010-1793
CVE-2010-2901 (The rendering implementation in Google Chrome before 5.0.375.125 ...)
- - webkit <undetermined>
+ - webkit 1.2.5-1
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41373
NOTE: http://trac.webkit.org/changeset/63048
CVE-2010-2900 (Google Chrome before 5.0.375.125 does not properly handle a large ...)
- - webkit <undetermined>
+ - webkit 1.2.5-1
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41962
NOTE: http://trac.webkit.org/changeset/63219
@@ -3485,7 +3487,7 @@
- webkit <not-affected> (chromium specific issue)
- chromium-browser 5.0.375.99~r51029-1
CVE-2010-2651 (The Cascading Style Sheets (CSS) implementation in Google Chrome ...)
- - webkit <unfixed> (bug #599830)
+ - webkit 1.2.5-1 (bug #599830)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38891
NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=51014
@@ -3514,7 +3516,7 @@
NOTE: http://trac.webkit.org/changeset/61679 additional layout test
NOTE: duplicate of cve-2010-1786
CVE-2010-2646 (Google Chrome before 5.0.375.99 does not properly isolate sandboxed ...)
- - webkit <unfixed> (bug #599830)
+ - webkit 1.2.5-1 (bug #599830)
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38151
NOTE: http://trac.webkit.org/changeset/58873
@@ -5625,7 +5627,7 @@
CVE-2010-1816
RESERVED
CVE-2010-1815 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
- - webkit <undetermined>
+ - webkit 1.2.5-1
- chromium-browser <undetermined>
CVE-2010-1814 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
- webkit <not-affected>
@@ -5648,7 +5650,7 @@
CVE-2010-1808 (Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac ...)
NOT-FOR-US: Apple Mac OS X
CVE-2010-1807 (WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 does not ...)
- - webkit <unfixed> (bug #599830)
+ - webkit 1.2.5-1 (bug #599830)
- chromium-browser <not-affected>
NOTE: http://trac.webkit.org/changeset/64706 https://bugs.webkit.org/show_bug.cgi?id=43461
NOTE: the problem is that the standard-library strtod()
@@ -5753,7 +5755,7 @@
NOTE: claimed fixed in upstream webkit 1.2.4 changelog, but no info currently available
TODO: check
CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
- - webkit <undetermined>
+ - webkit 1.2.5-1
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=40407
NOTE: http://trac.webkit.org/changeset/60984
More information about the Secure-testing-commits
mailing list