[Secure-testing-commits] r16358 - in data: CVE DSA
Giuseppe Iuculano
iuculano at alioth.debian.org
Thu Mar 10 19:22:17 UTC 2011
Author: iuculano
Date: 2011-03-10 19:22:09 +0000 (Thu, 10 Mar 2011)
New Revision: 16358
Modified:
data/CVE/list
data/DSA/list
Log:
got CVE id from chromium sec team
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-03-10 17:50:26 UTC (rev 16357)
+++ data/CVE/list 2011-03-10 19:22:09 UTC (rev 16358)
@@ -6,13 +6,6 @@
[lenny] - unixodbc <no-dsa> (Minor issue)
[squeeze] - unixodbc <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2011/q1/446
-CVE-2011-XXXX [xslt memory leak]
- - libxslt <unfixed> (bug #617413)
- NOTE: http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
- [squeeze] - libxslt <no-dsa> (minor issue)
- [lenny] - libxslt <no-dsa> (minor issue)
-CVE-2011-XXXX [v8 issues]
- - libv8 <unfixed> (bug #617418)
CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in the ...)
TODO: check
CVE-2011-1321 (The AuthCache purge implementation in the Security component in IBM ...)
@@ -89,8 +82,10 @@
RESERVED
CVE-2011-1286
RESERVED
+ - libv8 <unfixed> (bug #617418)
CVE-2011-1285
RESERVED
+ - libv8 <unfixed> (bug #617418)
CVE-2011-1284
RESERVED
CVE-2011-1283
@@ -257,44 +252,109 @@
RESERVED
CVE-2011-1204
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <no-dsa> (hard merge)
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/79810
CVE-2011-1203
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/79476
CVE-2011-1202
RESERVED
+ - libxslt <unfixed> (bug #617413)
+ NOTE: http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
+ [squeeze] - libxslt <no-dsa> (minor issue)
+ [lenny] - libxslt <no-dsa> (minor issue)
CVE-2011-1201
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/78921
CVE-2011-1200
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/78744
CVE-2011-1199
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: https://trac.webkit.org/changeset/78738
CVE-2011-1198
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - ffmpeg <undetermined>
CVE-2011-1197
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/79734
CVE-2011-1196
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - ffmpeg <undetermined>
CVE-2011-1195
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/78147
CVE-2011-1194
RESERVED
+ - chromium-browser (unimportant)
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/77049 http://trac.webkit.org/changeset/77329
CVE-2011-1193
RESERVED
+ - libv8 <unfixed> (bug #617418)
CVE-2011-1192
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/76732
CVE-2011-1191
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/76652
CVE-2011-1190
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/77563
CVE-2011-1189
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/79689
CVE-2011-1188
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/77142
CVE-2011-1187
RESERVED
+ - libv8 <unfixed> (bug #617418)
CVE-2011-1186
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <not-affected> (chromium specific)
CVE-2011-1185
RESERVED
+ - chromium-browser 10.0.648.127~r76697-1
+ [squeeze] - chromium-browser <no-dsa> (minor issue)
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/74853
CVE-2011-1184
RESERVED
CVE-2011-1183
@@ -412,14 +472,17 @@
NOT-FOR-US: FreeBSD/NetBSD libc
CVE-2011-1125 (Google Chrome before 9.0.597.107 does not properly perform layout, ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code introduced in commit 75823)
TODO: recheck once webkit 1.3 enters unstable
NOTE: http://trac.webkit.org/changeset/78775
CVE-2011-1124 (Use-after-free vulnerability in Google Chrome before 9.0.597.107 ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (Chromium specific)
CVE-2011-1123 (Google Chrome before 9.0.597.107 does not properly restrict access to ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-1122 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...)
- chromium-browser 9.0.597.107~r75357-1
@@ -433,24 +496,29 @@
NOTE: http://trac.webkit.org/changeset/77565
CVE-2011-1120 (The WebGL implementation in Google Chrome before 9.0.597.107 allows ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (webgl support not present in 1.2)
TODO: recheck webkit 1.3 once its uploaded to unstable
NOTE: http://trac.webkit.org/changeset/77956
CVE-2011-1119 (Google Chrome before 9.0.597.107 does not properly determine device ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (device orientation code/support not present in 1.2)
TODO: recheck webkit 1.3 once its uploaded to unstable
NOTE: http://trac.webkit.org/changeset/77418
CVE-2011-1118 (Google Chrome before 9.0.597.107 does not properly handle TEXTAREA ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/77144
CVE-2011-1117 (Google Chrome before 9.0.597.107 does not properly handle XHTML ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/77262
CVE-2011-1116 (Google Chrome before 9.0.597.107 does not properly handle SVG ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <unfixed>
NOTE: http://trac.webkit.org/changeset/77548
CVE-2011-1115 (Google Chrome before 9.0.597.107 does not properly render tables, ...)
@@ -467,14 +535,17 @@
- webkit <not-affected> (chromium specific)
CVE-2011-1112 (Google Chrome before 9.0.597.107 does not properly perform SVG ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (Chromium specific)
CVE-2011-1111 (Google Chrome before 9.0.597.107 does not properly implement forms ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <unfixed>
NOTE: needs port (s/FormAssociatedElement/HTMLFormElement)
NOTE: http://trac.webkit.org/changeset/77114
CVE-2011-1110 (Google Chrome before 9.0.597.107 does not properly implement key frame ...)
- chromium-browser 9.0.597.107~r75357-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (vulnerable code not present in 1.2)
TODO: check webkit 1.3 once it gets uploaded to unstable
NOTE: http://trac.webkit.org/changeset/76828
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2011-03-10 17:50:26 UTC (rev 16357)
+++ data/DSA/list 2011-03-10 19:22:09 UTC (rev 16358)
@@ -1,5 +1,5 @@
[10 Mar 2011] DSA-2189-1 chromium-browser - several
- {CVE-2011-1108 CVE-2011-1109 CVE-2011-1113 CVE-2011-1114 CVE-2011-1115 CVE-2011-1121 CVE-2011-1122}
+ {CVE-2011-1108 CVE-2011-1109 CVE-2011-1113 CVE-2011-1114 CVE-2011-1115 CVE-2011-1121 CVE-2011-1122 CVE-2011-1188 CVE-2011-1189 CVE-2011-1190 CVE-2011-1197 CVE-2011-1203}
[squeeze] - chromium-browser 6.0.472.63~r59945-5+squeeze3
[10 Mar 2011] DSA-2188-1 webkit - several
{CVE-2010-1783 CVE-2010-2901 CVE-2010-4199 CVE-2010-4040 CVE-2010-4492 CVE-2010-4493 CVE-2010-4577 CVE-2010-4578 CVE-2010-0474 CVE-2011-0482 CVE-2011-0778}
More information about the Secure-testing-commits
mailing list