[Secure-testing-commits] r15279 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Sep 7 01:30:58 UTC 2010
Author: gilbert-guest
Date: 2010-09-07 01:30:52 +0000 (Tue, 07 Sep 2010)
New Revision: 15279
Modified:
data/CVE/list
Log:
webkit updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-06 23:51:36 UTC (rev 15278)
+++ data/CVE/list 2010-09-07 01:30:52 UTC (rev 15279)
@@ -219,7 +219,7 @@
NOTE: http://trac.webkit.org/changeset/65325
CVE-2010-3119 (Google Chrome before 5.0.375.127 does not properly support the Ruby ...)
- chromium-browser 5.0.375.127~r55887-1
- - webkit <undetermined>
+ - webkit 1.2.4-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43795
NOTE: http://trac.webkit.org/changeset/65090
CVE-2010-3118 (The autosuggest feature in the Omnibox implementation in Google Chrome ...)
@@ -234,19 +234,20 @@
NOTE: http://trac.webkit.org/changeset/64293
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43147
NOTE: https://bugs.webkit.org/show_bug.cgi?id=43888
- NOTE: http://trac.webkit.org/changeset/65280
+ NOTE: http://trac.webkit.org/changeset/65280 vulnerable code not present in 1.2 series
CVE-2010-3115 (Google Chrome before 5.0.375.127 does not properly implement the ...)
- - webkit <undetermined>
+ - webkit <unfixed>
- chromium-browser 5.0.375.127~r55887-1
NOTE: http://trac.webkit.org/changeset/63925
NOTE: http://trac.webkit.org/changeset/64077
+ NOTE: only partially fixed: only 64077 applied in 1.2.4-1
CVE-2010-3114 (The text-editing implementation in Google Chrome before 5.0.375.127 ...)
- - webkit <undetermined>
+ - webkit 1.2.4-1
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=42655
NOTE: http://trac.webkit.org/changeset/63773
CVE-2010-3113 (Google Chrome before 5.0.375.127 does not properly handle SVG ...)
- - webkit <undetermined>
+ - webkit 1.2.4-1
- chromium-browser 5.0.375.127~r55887-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=42659
NOTE: http://trac.webkit.org/changeset/63865
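Review bot: the remark appended to the changeset 65280 NOTE ("vulnerable code not present in 1.2 series") is a status decision recorded only as a trailing comment on a URL line. The webkit package line for that entry lies outside this hunk, so it cannot be checked here whether it agrees. If the 1.2 series lacks the code, suggest expressing that on the package line (the file already uses the "- webkit <not-affected> (...)" form elsewhere), or moving the remark to its own NOTE line so it is clear whether it covers only 65280 or the whole entry.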
@@ -733,10 +734,11 @@
- webkit <not-affected> (Chromium specific issue)
- chromium-browser 5.0.375.125~r53311-1
CVE-2010-2902 (The SVG implementation in Google Chrome before 5.0.375.125 allows ...)
- - webkit <undetermined>
+ - webkit 1.2.4-1
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41621
NOTE: http://trac.webkit.org/changeset/62662
+ NOTE: duplicate of cve-2010-1793
CVE-2010-2901 (The rendering implementation in Google Chrome before 5.0.375.125 ...)
- webkit <undetermined>
- chromium-browser 5.0.375.125~r53311-1
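Review bot: the added cross-reference "NOTE: duplicate of cve-2010-1793" writes the identifier in lower case, while every entry header in the file uses upper case "CVE-". A case-sensitive search for CVE-2010-1793 will miss this note; suggest "NOTE: duplicate of CVE-2010-1793". The same applies to the other "duplicate of" and "duplicated as" notes added in this commit.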
@@ -748,10 +750,11 @@
NOTE: https://bugs.webkit.org/show_bug.cgi?id=41962
NOTE: http://trac.webkit.org/changeset/63219
CVE-2010-2899 (Unspecified vulnerability in the layout implementation in Google ...)
- - webkit <undetermined>
+ - webkit 1.2.4-1
- chromium-browser 5.0.375.125~r53311-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38977
NOTE: http://trac.webkit.org/changeset/62134
+ NOTE: duplicate of cve-2010-1783
CVE-2010-2898 (Google Chrome before 5.0.375.125 does not properly mitigate an ...)
- webkit <not-affected> (chromium specific issue)
- chromium-browser 5.0.375.125~r53311-1
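Review bot: CVE-2010-2899 is moved to "- webkit 1.2.4-1" and noted as a duplicate of cve-2010-1783, but the CVE-2010-1783 entry later in this same commit still reads "- webkit <undetermined>" and only gains the "duplicated as cve-2010-2899" note. If both ids describe the same issue, the two status lines should agree: either set CVE-2010-1783 to 1.2.4-1 as well, or leave this entry undetermined until the fix is confirmed.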
@@ -1441,13 +1444,14 @@
NOTE: https://bugs.webkit.org/show_bug.cgi?id=39305
NOTE: http://trac.webkit.org/projects/webkit/changeset/61921
CVE-2010-2647 (Google Chrome before 5.0.375.99 allows remote attackers to cause a ...)
- - webkit <unfixed>
+ - webkit 1.2.4-1
- chromium-browser 5.0.375.99~r51029-1
NOTE: https://bugs.webkit.org/show_bug.cgi?id=38627
NOTE: http://trac.webkit.org/changeset/61667
- NOTE: http://trac.webkit.org/changeset/61669
- NOTE: http://trac.webkit.org/changeset/61676
- NOTE: http://trac.webkit.org/changeset/61679
+ NOTE: http://trac.webkit.org/changeset/61669 mac fixes
+ NOTE: http://trac.webkit.org/changeset/61676 chromium fixes
+ NOTE: http://trac.webkit.org/changeset/61679 additional layout test
+ NOTE: duplicate of cve-2010-1786
CVE-2010-2646 (Google Chrome before 5.0.375.99 does not properly isolate sandboxed ...)
- webkit <unfixed>
- chromium-browser 5.0.375.99~r51029-1
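Review bot: the change from "<unfixed>" to "1.2.4-1" for CVE-2010-2647 does not say which changeset the fixed version rests on. Three of the four changeset NOTEs are now labelled (mac fixes, chromium fixes, additional layout test), which leaves 61667 as the implied fix and matches the NOTE added under CVE-2010-1786. Labelling the 61667 line as the one shipped in 1.2.4-1 would make that explicit.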
@@ -2375,6 +2379,7 @@
- chromium-browser 6.0.466.0~r52279-1
TODO: someone with access to webkit security list please track down commit
NOTE: This is a large series of risky behaviour-changing changesets.
+ NOTE: upstream changelog says this is fixed in 1.2.3, but i'm doubtful of that
CVE-2010-2263 (nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on ...)
- nginx <not-affected> (Windows-specific vulnerability when running on NTFS)
CVE-2009-4892 (SQL injection vulnerability in Content Management System WEBjump! ...)
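Review bot: the added NOTE records doubt about the upstream 1.2.3 changelog claim without saying what the doubt is based on. Suggest adding the reason (for example, which changesets were compared against 1.2.3), so that whoever picks up the existing TODO knows what still has to be verified.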
@@ -3586,6 +3591,7 @@
CVE-2010-1796 (The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 ...)
- webkit <undetermined>
- chromium-browser <undetermined>
+ TODO: someone with access to webkit security list, please check
CVE-2010-1795 (Untrusted search path vulnerability in Apple iTunes before 9.1, when ...)
NOT-FOR-US: Apple iTunes on Windows
CVE-2010-1794 (The webdav_mount function in webdav_vfsops.c in the WebDAV kernel ...)
@@ -3593,49 +3599,69 @@
CVE-2010-1793 (Multiple use-after-free vulnerabilities in WebKit in Apple Safari ...)
- webkit 1.2.4-1
- chromium-browser <undetermined>
+ NOTE: http://trac.webkit.org/changeset/62482
+ NOTE: http://trac.webkit.org/changeset/62662
+ NOTE: duplicated as cve-2010-2902
CVE-2010-1792 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
- chromium-browser <undetermined>
+ NOTE: http://trac.webkit.org/changeset/62386
CVE-2010-1791 (Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac ...)
- webkit <undetermined>
- chromium-browser <undetermined>
+ TODO: someone with access to webkit security list, please check
CVE-2010-1790 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
- chromium-browser <undetermined>
+ NOTE: http://trac.webkit.org/changeset/62301
CVE-2010-1789 (Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on ...)
- webkit <undetermined>
- chromium-browser <undetermined>
+ TODO: someone with access to webkit security list, please check
CVE-2010-1788 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
- chromium-browser <undetermined>
CVE-2010-1787 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
- chromium-browser <undetermined>
+ NOTE: http://trac.webkit.org/changeset/61044
CVE-2010-1786 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
- webkit 1.2.4-1
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.99~r51029-1
+ NOTE: http://trac.webkit.org/changeset/61667
+ NOTE: duplicated as cve-2010-2647
CVE-2010-1785 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
- chromium-browser <undetermined>
+ NOTE: http://trac.webkit.org/changeset/61050
CVE-2010-1784 (The counters functionality in the Cascading Style Sheets (CSS) ...)
- webkit 1.2.4-1
- chromium-browser <undetermined>
+ NOTE: http://trac.webkit.org/changeset/62271
CVE-2010-1783 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit <undetermined>
- chromium-browser <undetermined>
+ NOTE: duplicated as cve-2010-2899
CVE-2010-1782 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
- webkit 1.2.4-1
- chromium-browser <undetermined>
+ NOTE: http://trac.webkit.org/changeset/60984
CVE-2010-1781
RESERVED
+ - webkit <undetermined>
+ - chromium-browser <undetermined>
+ NOTE: claimed fixed in upstream webkit 1.2.4 changelog, but no info currently available
+ TODO: check
CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...)
- webkit <undetermined>
- chromium-browser <undetermined>
+ TODO: someone with access to webkit security list, please check
CVE-2010-1779
RESERVED
CVE-2010-1778 (Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 ...)
- webkit <undetermined>
- chromium-browser <undetermined>
+ TODO: someone with access to webkit security list, please check
CVE-2010-1777 (Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers ...)
NOT-FOR-US: Apple iTunes
CVE-2010-1776
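Review bot: CVE-2010-1788 is the only entry in this hunk marked "- webkit 1.2.4-1" that is left without a changeset NOTE; every other 1.2.4-1 entry here gains one or more. Suggest adding the changeset reference, or a TODO like the ones added for the undetermined entries, so the fixed version can be traced to a commit.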