[Secure-testing-commits] r18443 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Feb 15 20:50:23 UTC 2012 

Author: jmm
Date: 2012-02-15 20:50:23 +0000 (Wed, 15 Feb 2012)
New Revision: 18443

Modified:
   data/CVE/list
Log:
fixup vbox additions entry
NFUs
plenty of chrome issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-02-15 20:38:47 UTC (rev 18442)
+++ data/CVE/list	2012-02-15 20:50:23 UTC (rev 18443)
@@ -1635,7 +1635,7 @@
 CVE-2012-0341
 	RESERVED
 CVE-2012-0340 (Cross-site scripting (XSS) vulnerability in the management interface ...)
-	TODO: check
+	NOT-FOR-US: Advantech Studio
 CVE-2012-0339
 	RESERVED
 CVE-2012-0338
@@ -2895,6 +2895,7 @@
 	RESERVED
 CVE-2012-0105 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
 	- virtualbox-guest-additions-iso (bug #659951)
+	- virtualbox-guest-additions-iso (bug #659951)
 CVE-2012-0104 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...)
 	TODO: check
 CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...)
@@ -5235,13 +5236,13 @@
 CVE-2011-4042
 	RESERVED
 CVE-2011-4041 (webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers ...)
-	TODO: check
+	NOT-FOR-US: Advantech WebAccess
 CVE-2011-4040 (Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows ...)
 	NOT-FOR-US: NJStar Communicator
 CVE-2011-4039 (Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in ...)
-	TODO: check
+	NOT-FOR-US: Invensys Wonderware HMI Reports
 CVE-2011-4038 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI ...)
-	TODO: check
+	NOT-FOR-US: Invensys Wonderware HMI Reports
 CVE-2011-4037 (Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog ...)
 	NOT-FOR-US: Sielco Sistemi Winlog PRO
 CVE-2011-4036 (Directory traversal vulnerability in Schneider Electric Vijeo ...)
@@ -5632,45 +5633,64 @@
 	- ffmpeg <removed>
 	- ffmpeg-debian <end-of-life>
 CVE-2011-3972 (The shader translator implementation in Google Chrome before ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3971 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3970 (libxslt, as used in Google Chrome before 17.0.963.46, allows remote ...)
 	TODO: check
 CVE-2011-3969 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3968 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3967 (Unspecified vulnerability in Google Chrome before 17.0.963.46 allows ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3966 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3965 (Google Chrome before 17.0.963.46 does not properly check signatures, ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3964 (Google Chrome before 17.0.963.46 does not properly implement the ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3963 (Google Chrome before 17.0.963.46 does not properly handle PDF FAX ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3962 (Google Chrome before 17.0.963.46 does not properly perform path ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3961 (Race condition in Google Chrome before 17.0.963.46 allows remote ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3960 (Google Chrome before 17.0.963.46 does not properly decode audio data, ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3959 (Buffer overflow in the locale implementation in Google Chrome before ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3958 (Google Chrome before 17.0.963.46 does not properly perform casts of ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3957 (Use-after-free vulnerability in the garbage-collection functionality ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3956 (The extension implementation in Google Chrome before 17.0.963.46 does ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3955 (Google Chrome before 17.0.963.46 allows remote attackers to cause a ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3954 (Google Chrome before 17.0.963.46 allows remote attackers to cause a ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3953 (Google Chrome before 17.0.963.46 does not prevent monitoring of the ...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3952
 	RESERVED
 CVE-2011-3951
@@ -10461,7 +10481,7 @@
 CVE-2011-2301 (Unspecified vulnerability in the Oracle Text component in Oracle ...)
 	NOT-FOR-US: Oracle Database
 CVE-2011-2300 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local ...)
-	- virtualbox-guest-additions <removed> (bug #635276)
+	- virtualbox-guest-additions-iso 4.0.10-1 (bug #635276)
 	[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
 CVE-2011-2299 (Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, ...)
 	NOT-FOR-US: Oracle SPARC Enterprise

More information about the Secure-testing-commits mailing list