[Secure-testing-commits] r19027 - data/CVE
Michael Gilbert
mgilbert at alioth.debian.org
Fri Apr 20 21:40:20 UTC 2012
Author: mgilbert
Date: 2012-04-20 21:40:20 +0000 (Fri, 20 Apr 2012)
New Revision: 19027
Modified:
data/CVE/list
Log:
research some libv8 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-04-20 21:40:00 UTC (rev 19026)
+++ data/CVE/list 2012-04-20 21:40:20 UTC (rev 19027)
@@ -11686,7 +11686,9 @@
CVE-2011-3058 (Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP ...)
- chromium-browser 18.0.1025.142~r129054-1
CVE-2011-3057 (Google V8, as used in Google Chrome before 17.0.963.83, allows remote ...)
- - libv8 <unfixed>
+ - libv8 <undetermined>
+ NOTE: http://code.google.com/p/chromium/issues/detail?id=117794
+ NOTE: access restricted to chrome/libv8 bug log, so uncheckable
CVE-2011-3056 (Google Chrome before 17.0.963.83 allows remote attackers to bypass the ...)
- chromium-browser 17.0.963.83~r127885-1
CVE-2011-3055 (The browser native UI in Google Chrome before 17.0.963.83 does not ...)
@@ -12296,7 +12298,9 @@
NOT-FOR-US: Citrix Access Gateway
CVE-2011-2881 (Google Chrome before 14.0.835.202 does not properly handle Google V8 ...)
- chromium-browser <not-affected> (chromium uses libv8 system copy)
- - libv8 <unfixed>
+ - libv8 <undetermined>
+ NOTE: http://code.google.com/p/chromium/issues/detail?id=97784
+ NOTE: access restricted to chrome/libv8 bug log, so uncheckable
CVE-2011-2880 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
@@ -12326,7 +12330,8 @@
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (libv8 issue)
- libv8 <undetermined>
- TODO: file bug
+ NOTE: http://code.google.com/p/chromium/issues/detail?id=95920
+ NOTE: access restricted to chrome/libv8 bug log, so uncheckable
CVE-2011-2874 (Google Chrome before 14.0.835.163 does not perform an expected pin ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
@@ -13943,7 +13948,7 @@
- webkit <undetermined>
NOTE: http://trac.webkit.org/changeset/88456
CVE-2011-2348 (Google V8, as used in Google Chrome before 12.0.742.112, performs an ...)
- - libv8 <unfixed>
+ - libv8 3.4.14-1
NOTE: Fixed in V8 bleeding edge r8230, 3.2.10.17 and 3.3.10.9.
CVE-2011-2347 (Google Chrome before 12.0.742.112 does not properly handle Cascading ...)
- chromium-browser 12.0.742.112~r90304-1
@@ -14375,7 +14380,8 @@
NOT-FOR-US: Microsoft
CVE-2011-2332 (Google V8, as used in Google Chrome before 12.0.742.91, allows remote ...)
- chromium-browser 12.0.742.91~r87961-1
- - libv8 <undetermined>
+ - libv8 3.4.14-1
+ NOTE: execScript removed in libv8 3.2 branch
CVE-2011-2194 (Integer overflow in the XSPF playlist parser in VideoLAN VLC media ...)
{DSA-2257-1}
- vlc 1.1.10-1
More information about the Secure-testing-commits
mailing list