[Secure-testing-commits] r17759 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Wed Dec 7 13:45:42 UTC 2011
Author: jmm
Date: 2011-12-07 13:45:42 +0000 (Wed, 07 Dec 2011)
New Revision: 17759
Modified:
data/CVE/list
Log:
acpid CVEfied
new chromium issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-12-06 21:14:27 UTC (rev 17758)
+++ data/CVE/list 2011-12-07 13:45:42 UTC (rev 17759)
@@ -1,7 +1,7 @@
CVE-2011-4678 (The password reset feature in One Click Orgs before 1.2.3 generates ...)
- TODO: check
+ NOT-FOR-US: One Click Orgs
CVE-2011-4677 (One Click Orgs before 1.2.3 does not have an off autocomplete ...)
- TODO: check
+ NOT-FOR-US: One Click Orgs
CVE-2011-4676
RESERVED
CVE-2011-4675 (The pathname canonicalization functionality in ...)
@@ -17,7 +17,7 @@
CVE-2011-4671 (SQL injection vulnerability in adrotate/adrotate-out.php in the ...)
TODO: check
CVE-2011-4670 (Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM ...)
- TODO: check
+ NOT-FOR-US: vTiger CRM
CVE-2011-4669 (SQL injection vulnerability in wp-users.php in WordPress Users plugin ...)
TODO: check
CVE-2011-XXXX [FFmpeg Libavcodec memory corruption remote code execution]
@@ -214,8 +214,9 @@
RESERVED
CVE-2011-4579
RESERVED
-CVE-2011-4578
+CVE-2011-4578 [acpid insecure umasks for calling external scripts]
RESERVED
+ - acpid 1:2.0.11-1
CVE-2011-4577
RESERVED
CVE-2011-4576
@@ -2302,33 +2303,33 @@
CVE-2011-3901
RESERVED
CVE-2011-3900 (Google V8, as used in Google Chrome before 15.0.874.121, allows remote ...)
- - chromium-browser <unfixed>
+ - chromium-browser 15.0.874.121~r109964-1
- webkit <undetermined>
CVE-2011-3899
RESERVED
CVE-2011-3898 (Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) ...)
- - chromium-browser <unfixed>
+ - chromium-browser 15.0.874.121~r109964-1
- webkit <undetermined>
CVE-2011-3897 (Use-after-free vulnerability in Google Chrome before 15.0.874.120 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 15.0.874.121~r109964-1
- webkit <undetermined>
CVE-2011-3896 (Buffer overflow in Google Chrome before 15.0.874.120 allows remote ...)
- - chromium-browser <unfixed>
+ - chromium-browser 15.0.874.121~r109964-1
- webkit <undetermined>
CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google Chrome ...)
- - chromium-browser <undetermined>
+ - chromium-browser 15.0.874.121~r109964-1
- webkit <undetermined>
TODO: might affect libvorbis or libav, didn't check
CVE-2011-3894 (Google Chrome before 15.0.874.120 does not properly perform VP8 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 15.0.874.121~r109964-1
- webkit <undetermined>
TODO: check
CVE-2011-3893 (Google Chrome before 15.0.874.120 does not properly implement the MKV ...)
- - chromium-browser <unfixed>
+ - chromium-browser 15.0.874.121~r109964-1
- webkit <undetermined>
TODO: might affect libtheora or libav
CVE-2011-3892 (Double free vulnerability in the Theora decoder in Google Chrome ...)
- - chromium-browser <undetermined>
+ - chromium-browser 15.0.874.121~r109964-1
- webkit <undetermined>
TODO: might affect libtheora or libav
CVE-2011-3891 (Google Chrome before 15.0.874.102 does not properly restrict access to ...)
@@ -4875,8 +4876,6 @@
NOT-FOR-US: Sunway ForceControl
CVE-2011-2959 (Stack-based buffer overflow in the Open Database Connectivity (ODBC) ...)
NOT-FOR-US: 7-Technologies Interactive Graphical SCADA System (IGSS)
-CVE-2011-XXXX [acpid insecure umasks for calling external scripts]
- - acpid 1:2.0.11-1
CVE-2011-XXXX [TYPO3-SA-2011-001]
- typo3-src 4.5.4+dfsg1-1 (bug #635937)
CVE-2011-2958 (Multiple cross-site scripting (XSS) vulnerabilities in Ecava ...)
More information about the Secure-testing-commits
mailing list