[Secure-testing-commits] r17759 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Dec 7 13:45:42 UTC 2011


Author: jmm
Date: 2011-12-07 13:45:42 +0000 (Wed, 07 Dec 2011)
New Revision: 17759

Modified:
   data/CVE/list
Log:
acpid CVEfied
new chromium issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-12-06 21:14:27 UTC (rev 17758)
+++ data/CVE/list	2011-12-07 13:45:42 UTC (rev 17759)
@@ -1,7 +1,7 @@
 CVE-2011-4678 (The password reset feature in One Click Orgs before 1.2.3 generates ...)
-	TODO: check
+	NOT-FOR-US: One Click Orgs
 CVE-2011-4677 (One Click Orgs before 1.2.3 does not have an off autocomplete ...)
-	TODO: check
+	NOT-FOR-US: One Click Orgs
 CVE-2011-4676
 	RESERVED
 CVE-2011-4675 (The pathname canonicalization functionality in ...)
@@ -17,7 +17,7 @@
 CVE-2011-4671 (SQL injection vulnerability in adrotate/adrotate-out.php in the ...)
 	TODO: check
 CVE-2011-4670 (Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM ...)
-	TODO: check
+	NOT-FOR-US: vTiger CRM
 CVE-2011-4669 (SQL injection vulnerability in wp-users.php in WordPress Users plugin ...)
 	TODO: check
 CVE-2011-XXXX [FFmpeg Libavcodec memory corruption remote code execution]
@@ -214,8 +214,9 @@
 	RESERVED
 CVE-2011-4579
 	RESERVED
-CVE-2011-4578
+CVE-2011-4578 [acpid insecure umasks for calling external scripts]
 	RESERVED
+	- acpid 1:2.0.11-1
 CVE-2011-4577
 	RESERVED
 CVE-2011-4576
@@ -2302,33 +2303,33 @@
 CVE-2011-3901
 	RESERVED
 CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows remote ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <undetermined>
 CVE-2011-3899
 	RESERVED
 CVE-2011-3898 (Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <undetermined>
 CVE-2011-3897 (Use-after-free vulnerability in Google Chrome before 15.0.874.120 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <undetermined>
 CVE-2011-3896 (Buffer overflow in Google Chrome before 15.0.874.120 allows remote ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <undetermined>
 CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google Chrome ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <undetermined>
 	TODO: might affect libvorbis or libav, didn't check
 CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <undetermined>
 	TODO: check
 CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement the MKV ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <undetermined>
 	TODO: might affect libtheora or libav
 CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google Chrome ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 15.0.874.121~r109964-1
 	- webkit <undetermined>
 	TODO: might affect libtheora or libav
 CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict access to ...)
@@ -4875,8 +4876,6 @@
 	NOT-FOR-US: Sunway ForceControl
 CVE-2011-2959 (Stack-based buffer overflow in the Open Database Connectivity (ODBC) ...)
 	NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System (IGSS)
-CVE-2011-XXXX [acpid insecure umasks for calling external scripts]
-	- acpid 1:2.0.11-1
 CVE-2011-XXXX [TYPO3-SA-2011-001]
 	- typo3-src 4.5.4+dfsg1-1 (bug #635937)
 CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava ...)




More information about the Secure-testing-commits mailing list