[Secure-testing-commits] r17226 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Sep 13 08:44:06 UTC 2011 

Author: jmm
Date: 2011-09-13 08:44:06 +0000 (Tue, 13 Sep 2011)
New Revision: 17226

Modified:
   data/CVE/list
Log:
new wireshark issues
new chrome issues



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-09-13 02:33:20 UTC (rev 17225)
+++ data/CVE/list	2011-09-13 08:44:06 UTC (rev 17226)
@@ -1,9 +1,29 @@
+CVE-2011-XXXX [Wireshark CSN.1 dissector vulnerability]
+	- wireshark <unfixed>
+	[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-16.html
+CVE-2011-XXXX [Wireshark Lua script execution vulnerability]
+	- wireshark <unfixed> (low)
+	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-15.html
+CVE-2011-XXXX [Wireshark buffer exception handling vulnerability]
+	- wireshark <unfixed>
+	[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-14.html
+CVE-2011-XXXX [Wireshark OpenSafety dissector vulnerability]
+	- wireshark <unfixed>
+	[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-12.html
 CVE-2011-3422 (The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does ...)
 	TODO: check
 CVE-2011-3421 (Multiple unspecified vulnerabilities in Google Chrome before ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3420 (Multiple unspecified vulnerabilities in Google Chrome before ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3419
 	RESERVED
 CVE-2011-3418
@@ -366,7 +386,7 @@
 CVE-2011-3267 (PHP before 5.3.7 does not properly implement the error_log function, ...)
 	- php5 <undetermined>
 CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.1, when the IKEv1 ...)
-	- wireshark 1.6.1-1 (unimportant)
+	- wireshark 1.6.2-1 (unimportant)
 	NOTE: no code injection, not treated as a security issue, see README.Debian.security
 CVE-2010-4830 (SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno ...)
 	NOT-FOR-US: Techno Dreams (T-Dreams) Job Career Package

More information about the Secure-testing-commits mailing list