[Secure-testing-commits] r17443 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Oct 17 16:10:17 UTC 2011
Author: jmm
Date: 2011-10-17 16:10:17 +0000 (Mon, 17 Oct 2011)
New Revision: 17443
Modified:
data/CVE/list
Log:
new webkit/chromium issues
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-17 11:49:58 UTC (rev 17442)
+++ data/CVE/list 2011-10-17 16:10:17 UTC (rev 17443)
@@ -2173,9 +2173,10 @@
- chromium-browser <undetermined>
- webkit <undetermined>
CVE-2011-3243 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-3242 (The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2011-3241 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- chromium-browser <undetermined>
- webkit <undetermined>
@@ -2212,11 +2213,11 @@
- iceape <not-affected> (Only affects Firefox >= 4)
- icedove <not-affected> (Only affects Thunderbird 5)
CVE-2011-3231 (The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2011-3230 (Apple Safari before 5.1.1 on Mac OS X does not enforce an intended ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2011-3229 (Directory traversal vulnerability in Apple Safari before 5.1.1 allows ...)
- TODO: check
+ NOT-FOR-US: Apple Safari
CVE-2011-3228 (QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2011-3227 (libsecurity in Apple Mac OS X before 10.7.2 does not properly handle ...)
@@ -2240,7 +2241,7 @@
CVE-2011-3218 (The "Save for Web" selection in QuickTime Player in Apple Mac OS X ...)
NOT-FOR-US: QuickTime in Apple Mac OS X
CVE-2011-3217 (MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Mac OS X
CVE-2011-3216 (The kernel in Apple Mac OS X before 10.7.2 does not properly implement ...)
NOT-FOR-US: kernel in Apple Mac OS X
CVE-2011-3215 (The kernel in Apple Mac OS X before 10.7.2 does not properly prevent ...)
@@ -2737,7 +2738,7 @@
CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle ...)
NOT-FOR-US: CA ARCserve D2D
CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki before ...)
- TODO: check
+ NOT-FOR-US: Twiki
CVE-2011-3009 (Ruby before 1.8.6-p114 does not reset the random seed upon forking, ...)
TODO: check
CVE-2011-3008 (The default configuration of Avaya Secure Access Link (SAL) Gateway ...)
@@ -3355,7 +3356,8 @@
CVE-2011-2832
RESERVED
CVE-2011-2831 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2830
RESERVED
CVE-2011-2829 (Integer overflow in Google Chrome before 13.0.782.215 on 32-bit ...)
@@ -3411,23 +3413,30 @@
- webkit <undetermined>
NOTE: http://trac.webkit.org/changeset/91386
CVE-2011-2817 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2816 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2815 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2814 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2813 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2812
RESERVED
CVE-2011-2811 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2810
REJECTED
CVE-2011-2809 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2808
RESERVED
CVE-2011-2807
@@ -3724,7 +3733,6 @@
NOTE: Since 3.3.0 openoffice.org is a transitional source package to migrate to libreoffice
CVE-2011-2712 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
NOT-FOR-US: Apache Wicket
- TODO: check
CVE-2011-2711 (Cross-site scripting (XSS) vulnerability in the print_fileinfo ...)
NOT-FOR-US: cgit
CVE-2011-2710 (Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before ...)
@@ -4689,17 +4697,20 @@
[squeeze] - chromium-browser <unfixed> (unimportant)
- webkit <not-affected> (chromium specific)
CVE-2011-2357 (Cross-application scripting vulnerability in the Browser URL loading ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2011-2356 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2355
RESERVED
CVE-2011-2354 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2353
RESERVED
CVE-2011-2352 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2351 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
@@ -4737,13 +4748,16 @@
CVE-2011-2343
RESERVED
CVE-2011-2341 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2340
RESERVED
CVE-2011-2339 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2338 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...)
- TODO: check
+ - chromium-browser <undetermined>
+ - webkit <undetermined>
CVE-2011-2337
RESERVED
CVE-2011-2336
@@ -5852,7 +5866,7 @@
CVE-2011-1912
RESERVED
CVE-2011-1911 (JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 ...)
- TODO: check
+ NOT-FOR-US: JasperReports Server
CVE-2011-1910 (Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x ...)
{DSA-2244-1}
- bind9 <unfixed> (high)
More information about the Secure-testing-commits
mailing list