[Secure-testing-commits] r16495 - data/CVE

Giuseppe Iuculano iuculano at alioth.debian.org
Fri Apr 8 10:52:30 UTC 2011 

Author: iuculano
Date: 2011-04-08 10:52:27 +0000 (Fri, 08 Apr 2011)
New Revision: 16495

Modified:
   data/CVE/list
Log:
chromium/webkit issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-04-07 21:15:04 UTC (rev 16494)
+++ data/CVE/list	2011-04-08 10:52:27 UTC (rev 16495)
@@ -455,8 +455,8 @@
 	- php5 5.3.6-1
 	NOTE: null pointer deref because of int overflow. Fix has a bug
 CVE-2011-1465 (The SPDY implementation in net/http/http_network_transaction.cc in ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser <not-affected> (only the dev version was affected)
+	- webkit <not-affected> (chromium specific)
 CVE-2011-1464 (Buffer overflow in the strval function in PHP before 5.3.6, when the ...)
 	- php5 5.3.6-1 (unimportant)
 	NOTE: ini setting needs to be modified.
@@ -859,21 +859,26 @@
 CVE-2011-1296 (Google Chrome before 10.0.648.204 does not properly handle SVG text, ...)
 	- chromium-browser 10.0.648.204~r79063-1
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/80520
 CVE-2011-1295 (Google Chrome before 10.0.648.204 does not properly handle node ...)
 	- chromium-browser 10.0.648.204~r79063-1
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/80487
 CVE-2011-1294 (Google Chrome before 10.0.648.204 does not properly handle Cascading ...)
 	- chromium-browser 10.0.648.204~r79063-1
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/80144
 CVE-2011-1293 (Use-after-free vulnerability in the HTMLCollection implementation in ...)
 	- chromium-browser 10.0.648.204~r79063-1
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/80797
 CVE-2011-1292 (Use-after-free vulnerability in the frame-loader implementation in ...)
 	- chromium-browser 10.0.648.204~r79063-1
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/79808
 CVE-2011-1291 (Google Chrome before 10.0.648.204 does not properly handle base ...)
 	- chromium-browser 10.0.648.204~r79063-1
-	- webkit <undetermined>
+	- webkit <not-affected> (chromium specific)
 CVE-2011-1290 (Integer overflow in WebKit, as used on the Research In Motion (RIM) ...)
 	{DSA-2192-1}
 	- chromium-browser 10.0.648.133~r77742-1

More information about the Secure-testing-commits mailing list