[Secure-testing-commits] r16069 - data/CVE

Sat Feb 5 23:34:27 UTC 2011

Author: gilbert-guest
Date: 2011-02-05 23:34:27 +0000 (Sat, 05 Feb 2011)
New Revision: 16069

Modified:
   data/CVE/list
Log:
webkit updates

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-02-05 21:05:57 UTC (rev 16068)
+++ data/CVE/list	2011-02-05 23:34:27 UTC (rev 16069)
@@ -1922,6 +1922,8 @@
 CVE-2010-4577 (The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp ...)
 	- chromium-browser 6.0.472.63~r59945-4
 	- webkit <undetermined>
+	NOTE: https://bugs.webkit.org/show_bug.cgi?id=49883
+	NOTE: http://code.google.com/p/chromium/issues/detail?id=63866
 	NOTE: http://trac.webkit.org/changeset/72685
 CVE-2010-4576 (browser/worker_host/message_port_dispatcher.cc in Google Chrome before ...)
 	- chromium-browser 6.0.472.63~r59945-4 (bug #607843; low)
@@ -2322,6 +2324,7 @@
 	- chromium-browser 9.0.597.45~r70550-1
 	[squeeze] - chromium-browser <not-affected>
 	- webkit <undetermined>
+	NOTE: http://code.google.com/p/chromium/issues/detail?id=62168
 	NOTE: http://trac.webkit.org/changeset/71533
 CVE-2010-4490 (Google Chrome before 8.0.552.215 allows remote attackers to cause a ...)
 	- chromium-browser 6.0.472.63~r59945-3
@@ -2344,9 +2347,9 @@
 	NOTE: http://trac.webkit.org/changeset/71170
 CVE-2010-4485 (Google Chrome before 8.0.552.215 does not properly restrict the ...)
 	- chromium-browser <unfixed> (unimportant)
-	- webkit <undetermined>
+	- webkit <unfixed> (unimportant)
 	NOTE: http://trac.webkit.org/changeset/69914
-	NOTE: only a browser crash
+	NOTE: only a browser crash due to opening too many dialogs (i.e. a dos)
 CVE-2010-4484 (Google Chrome before 8.0.552.215 does not properly handle HTML5 ...)
 	- chromium-browser <unfixed> (unimportant)
 	[squeeze] - chromium-browser <not-affected>
@@ -7833,7 +7836,6 @@
 	[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
 	- chromium-browser 5.0.375.55~r47796-1
 	NOTE: http://trac.webkit.org/changeset/58829
-	NOTE: above patch for cve-2010-1773 fixes the problem, so this seems to be a dup
 CVE-2010-2440 (Stack-based buffer overflow in st-wizard.exe in Subtitle Translation ...)
 	NOT-FOR-US: Subtitle Translation Wizard
 CVE-2010-2439 (Stack-based buffer overflow in MoreAmp allows remote attackers to ...)
@@ -9451,18 +9453,16 @@
 	[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
 	- chromium-browser <undetermined>
 CVE-2010-1814 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
-	- webkit <not-affected>
-	- chromium-browser <not-affected>
-	NOTE: duplicate of CVE-2010-1783
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1813 (WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
 	- webkit 1.2.5-1
 	[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
 	- chromium-browser <not-affected>
 	NOTE: http://trac.webkit.org/changeset/63048
 CVE-2010-1812 (Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
-	- webkit <not-affected>
-	- chromium-browser <not-affected>
-	NOTE: duplicate of CVE-2010-1780
+	- webkit <undetermined>
+	- chromium-browser <undetermined>
 CVE-2010-1811 (ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows ...)
 	NOT-FOR-US: Apple iOS
 CVE-2010-1810 (FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not ...)
@@ -9483,10 +9483,9 @@
 	NOTE: test-case: -parseFloat("NAN(ffffeeeeeff0f)")
 	NOTE: reproduced with epiphany
 CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...)
-	- webkit <undetermined>
+	- webkit <unfixed>
 	- chromium-browser 5.0.375.127~r55887-1
 	NOTE: http://trac.webkit.org/changeset/63772
-	NOTE: duplicate of cve-2010-1782
 CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 ...)
 	- webkit <not-affected> (windows-specific issue)
 	- chromium-browser <not-affected> (windows-specific issue)
@@ -9575,14 +9574,14 @@
 CVE-2010-1783 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
 	- webkit <undetermined>
 	- chromium-browser 5.0.375.127~r55887-1
-	NOTE: (Chromium Sec) This seems a duplicate of CVE-2010-3114
+	NOTE: (Chromium Sec) This seems a duplicate of CVE-2010-2899
+	NOTE: http://trac.webkit.org/changeset/62134
 CVE-2010-1782 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)
 	- webkit 1.2.4-1
 	[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
 	- chromium-browser 5.0.375.127~r55887-1
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=41375
-	NOTE: http://trac.webkit.org/changeset/63772
-	TODO: recheck webkit (the changeset was wrong)
+	NOTE: http://trac.webkit.org/changeset/61921
 CVE-2010-1781 (Double free vulnerability in WebKit in Apple iOS before 4.1 on the ...)
 	- webkit <undetermined> 
 	- chromium-browser <undetermined>
@@ -9648,8 +9647,6 @@
 	- chromium-browser 5.0.375.29~r46008-1
 	NOTE: https://bugs.webkit.org/show_bug.cgi?id=36843
 	NOTE: http://trac.webkit.org/changeset/57041
-	NOTE: if this is the right commit, then this is a dup of cve-2010-1501
-	TODO: request rejection
 CVE-2010-1766 (Off-by-one error in the WebSocketHandshake::readServerHandshake ...)
 	- webkit 1.2.1-2
 	[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)


