[Secure-testing-commits] r18824 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Apr 4 16:13:51 UTC 2012 

Author: jmm
Date: 2012-04-04 16:13:51 +0000 (Wed, 04 Apr 2012)
New Revision: 18824

Modified:
   data/CVE/list
Log:
chromium fixed
drupal non-issue
NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-04-04 14:10:29 UTC (rev 18823)
+++ data/CVE/list	2012-04-04 16:13:51 UTC (rev 18824)
@@ -251,21 +251,21 @@
 CVE-2007-6753 (Untrusted search path vulnerability in Shell32.dll in Microsoft ...)
 	NOT-FOR-US: Microsoft Windows
 CVE-2012-1931 (Opera before 11.62 on UNIX, when used in conjunction with an ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-1930 (Opera before 11.62 on UNIX uses world-readable permissions for ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-1929 (Opera before 11.62 on Mac OS X allows remote attackers to spoof the ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-1928 (Opera before 11.62 allows remote attackers to spoof the address field ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-1927 (Opera before 11.62 allows remote attackers to spoof the address field ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-1926 (Opera before 11.62 allows remote attackers to bypass the Same Origin ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-1925 (Opera before 11.62 does not ensure that a dialog window is placed on ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-1924 (Opera before 11.62 allows user-assisted remote attackers to trick ...)
-	TODO: check
+	NOT-FOR-US: Opera
 CVE-2012-1923
 	RESERVED
 CVE-2012-1922
@@ -273,17 +273,17 @@
 CVE-2012-1921
 	RESERVED
 CVE-2012-1920 (@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows ...)
-	TODO: check
+	NOT-FOR-US: AtMail
 CVE-2012-1919 (CRLF injection vulnerability in mime.php in @Mail WebMail Client in ...)
-	TODO: check
+	NOT-FOR-US: AtMail
 CVE-2012-1918 (Multiple directory traversal vulnerabilities in (1) compose.php and ...)
-	TODO: check
+	NOT-FOR-US: AtMail
 CVE-2012-1917 (compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 ...)
-	TODO: check
+	NOT-FOR-US: AtMail
 CVE-2012-1916 (@Mail WebMail Client in AtMail Open-Source before 1.05 allows remote ...)
-	TODO: check
+	NOT-FOR-US: AtMail
 CVE-2007-6752 (** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in ...)
-	TODO: check
+	- drupal7 <unfixed> (unimportant)
 CVE-2012-1915
 	RESERVED
 CVE-2012-1914
@@ -301,7 +301,7 @@
 CVE-2012-1908
 	RESERVED
 CVE-2012-1907 (The scanner engine in PrivaWall Antivirus 5.6 and earlier does not ...)
-	TODO: check
+	NOT-FOR-US: PrivaWall Antivirus
 CVE-2012-1906
 	RESERVED
 CVE-2012-1905
@@ -792,7 +792,7 @@
 CVE-2012-1671
 	RESERVED
 CVE-2012-1670 (admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote ...)
-	TODO: check
+	NOT-FOR-US: PHP Grade Book
 CVE-2012-1669
 	RESERVED
 CVE-2012-1668
@@ -1142,7 +1142,7 @@
 CVE-2012-1516
 	RESERVED
 CVE-2012-1515 (VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not ...)
-	TODO: check
+	NOT-FOR-US: VMware ESXi
 CVE-2012-1514 (Cross-site request forgery (CSRF) vulnerability in VMware vShield ...)
 	NOT-FOR-US: VMware vShield Manager
 CVE-2012-1513 (The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 ...)
@@ -1264,9 +1264,9 @@
 CVE-2012-1458 (The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus ...)
 	TODO: check
 CVE-2012-1457 (The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK ...)
-	TODO: check
+	NOT-FOR-US: multiple Anti-Virus applications
 CVE-2012-1456 (The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat ...)
-	TODO: check
+	NOT-FOR-US: multiple Anti-Virus applications
 CVE-2012-1455 (The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus ...)
 	NOT-FOR-US: NOD32 Antivirus, Rising Antivirus
 CVE-2012-1454 (The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee ...)
@@ -10688,21 +10688,21 @@
 CVE-2011-3066
 	RESERVED
 CVE-2011-3065 (Skia, as used in Google Chrome before 18.0.1025.142, allows remote ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 18.0.1025.142~r129054-1
 CVE-2011-3064 (Use-after-free vulnerability in Google Chrome before 18.0.1025.142 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 18.0.1025.142~r129054-1
 CVE-2011-3063 (Google Chrome before 18.0.1025.142 does not properly validate the ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 18.0.1025.142~r129054-1
 CVE-2011-3062 (Off-by-one error in the OpenType Sanitizer in Google Chrome before ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 18.0.1025.142~r129054-1
 CVE-2011-3061 (Google Chrome before 18.0.1025.142 does not properly check X.509 ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 18.0.1025.142~r129054-1
 CVE-2011-3060 (Google Chrome before 18.0.1025.142 does not properly handle text ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 18.0.1025.142~r129054-1
 CVE-2011-3059 (Google Chrome before 18.0.1025.142 does not properly handle SVG text ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 18.0.1025.142~r129054-1
 CVE-2011-3058 (Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 18.0.1025.142~r129054-1
 CVE-2011-3057 (Google V8, as used in Google Chrome before 17.0.963.83, allows remote ...)
 	- libv8 <unfixed>
 CVE-2011-3056 (Google Chrome before 17.0.963.83 allows remote attackers to bypass the ...)

More information about the Secure-testing-commits mailing list