[Secure-testing-commits] r17472 - data/CVE
Giuseppe Iuculano
iuculano at alioth.debian.org
Fri Oct 21 11:35:10 UTC 2011
Author: iuculano
Date: 2011-10-21 11:35:10 +0000 (Fri, 21 Oct 2011)
New Revision: 17472
Modified:
data/CVE/list
Log:
chromium/webkit issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-21 08:40:46 UTC (rev 17471)
+++ data/CVE/list 2011-10-21 11:35:10 UTC (rev 17472)
@@ -822,7 +822,8 @@
RESERVED
CVE-2011-3873 (Google Chrome before 14.0.835.202 does not properly implement shader ...)
- chromium-browser 14.0.835.202~r103287-1
- - libv8 <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <not-affected> (chromium specific)
CVE-2011-XXXX [Fix file indirectory injection]
- puppet 2.7.3-3 (unimportant)
[squeeze] - puppet 2.6.2-5+squeeze1
@@ -1935,10 +1936,10 @@
CVE-2011-3422 (The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does ...)
NOT-FOR-US: Apple Mac OS X
CVE-2011-3421 (Multiple unspecified vulnerabilities in Google Chrome before ...)
- - chromium-browser 14.0.835.163~r101024-1
+ - chromium-browser 14.0.835.163~r101024-1 (unimportant)
NOTE: duplicate
CVE-2011-3420 (Multiple unspecified vulnerabilities in Google Chrome before ...)
- - chromium-browser 14.0.835.163~r101024-1
+ - chromium-browser 14.0.835.163~r101024-1 (unimportant)
NOTE: duplicate
CVE-2011-3419
RESERVED
@@ -3442,23 +3443,32 @@
CVE-2011-2882 (Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control ...)
NOT-FOR-US: Citrix Access Gateway
CVE-2011-2881 (Google Chrome before 14.0.835.202 does not properly handle Google V8 ...)
- - chromium-browser 14.0.835.202~r103287-1
+ - chromium-browser <not-affected> (chromium uses libv8 system copy)
- libv8 <undetermined>
CVE-2011-2880 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 ...)
- chromium-browser 14.0.835.202~r103287-1
- - libv8 <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/95667 http://trac.webkit.org/changeset/95689 http://trac.webkit.org/changeset/95728
CVE-2011-2879 (Google Chrome before 14.0.835.202 does not properly consider object ...)
- chromium-browser 14.0.835.202~r103287-1
- - libv8 <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/94984
CVE-2011-2878 (Google Chrome before 14.0.835.202 does not properly restrict access to ...)
- chromium-browser 14.0.835.202~r103287-1
- - libv8 <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/95488
CVE-2011-2877 (Google Chrome before 14.0.835.202 does not properly handle SVG text, ...)
- chromium-browser 14.0.835.202~r103287-1
- - libv8 <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/94508
CVE-2011-2876 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 ...)
- chromium-browser 14.0.835.202~r103287-1
- - libv8 <undetermined>
+ - webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/95600
CVE-2011-2875 (Google V8, as used in Google Chrome before 14.0.835.163, does not ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
More information about the Secure-testing-commits
mailing list