[Secure-testing-commits] r20279 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Oct 2 13:53:12 UTC 2012
Author: jmm
Date: 2012-10-02 13:53:12 +0000 (Tue, 02 Oct 2012)
New Revision: 20279
Modified:
data/CVE/list
Log:
mediawiki fixed
filed bug for eglibc
libv8 updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-10-02 12:57:47 UTC (rev 20278)
+++ data/CVE/list 2012-10-02 13:53:12 UTC (rev 20279)
@@ -709,8 +709,7 @@
CVE-2012-4886
RESERVED
CVE-2012-4885 (The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x ...)
- - mediawiki <unfixed>
- TODO: check
+ - mediawiki 1:1.19.0-1 (low)
CVE-2012-4884
RESERVED
CVE-2011-5161 (Unrestricted file upload vulnerability in the patient photograph ...)
@@ -2096,7 +2095,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2012/09/13/18
CVE-2012-4424 [alloca buffer overflow via strcoll]
RESERVED
- - eglibc <unfixed>
+ - eglibc <unfixed> (low; bug #689423)
CVE-2012-4423 [libvirt DoS]
RESERVED
- libvirt 0.9.12-5 (bug #687598)
@@ -4166,7 +4165,6 @@
CVE-2012-3524 (libdbus 1.5.x and earlier, when used in setuid or other privileged ...)
- dbus 1.6.8-1
- glib2.0 <unfixed>
- TODO: Needs more checking, probably this should be fixed in the affected apps like spice?
NOTE: http://www.openwall.com/lists/oss-security/2012/09/12/6
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=697105
NOTE: http://stealth.openwall.net/null/dzug.c
@@ -18705,7 +18703,7 @@
CVE-2011-3116
RESERVED
CVE-2011-3115 (Google V8, as used in Google Chrome before 19.0.1084.52, allows remote ...)
- - libv8 <unfixed> (bug #687574)
+ - libv8 <not-affected> (Only affects >= 3.9, bug #687574)
CVE-2011-3114 (Multiple buffer overflows in the PDF functionality in Google Chrome ...)
- chromium-browser <not-affected> (PDF functionality not built)
CVE-2011-3113 (The PDF functionality in Google Chrome before 19.0.1084.52 does not ...)
@@ -18729,7 +18727,7 @@
CVE-2011-3104 (Skia, as used in Google Chrome before 19.0.1084.52, allows remote ...)
- chromium-browser 20.0.1132.21~r139451-1
CVE-2011-3103 (Google V8, as used in Google Chrome before 19.0.1084.52, does not ...)
- - libv8 <unfixed> (bug #687574)
+ - libv8 <not-affected> (Only affects >= 3.9, bug #687574)
CVE-2011-3102 (Off-by-one error in libxml2, as used in Google Chrome before ...)
{DSA-2479-1}
- libxml2 2.7.8.dfsg-9.1 (bug #674191)
@@ -18754,7 +18752,7 @@
CVE-2011-3093 (Google Chrome before 19.0.1084.46 does not properly handle glyphs, ...)
- chromium-browser 20.0.1132.21~r139451-1
CVE-2011-3092 (The regex implementation in Google V8, as used in Google Chrome before ...)
- - libv8 <unfixed> (bug #687574)
+ - libv8 <not-affected> (Only affects >= 3.9, bug #687574)
CVE-2011-3091 (Use-after-free vulnerability in the IndexedDB implementation in Google ...)
- chromium-browser 20.0.1132.21~r139451-1
CVE-2011-3089 (Use-after-free vulnerability in Google Chrome before 19.0.1084.46 ...)
@@ -18828,7 +18826,7 @@
CVE-2011-3058 (Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP ...)
- chromium-browser 18.0.1025.142~r129054-1
CVE-2011-3057 (Google V8, as used in Google Chrome before 17.0.963.83, allows remote ...)
- - libv8 <unfixed> (bug #687574)
+ - libv8 3.8.9.20-1 (bug #687574)
NOTE: http://code.google.com/p/chromium/issues/detail?id=117794
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
CVE-2011-3056 (Google Chrome before 17.0.963.83 allows remote attackers to bypass the ...)
@@ -19426,7 +19424,7 @@
NOT-FOR-US: Citrix Access Gateway
CVE-2011-2881 (Google Chrome before 14.0.835.202 does not properly handle Google V8 ...)
- chromium-browser <not-affected> (chromium uses libv8 system copy)
- - libv8 <unfixed> (bug #687574)
+ - libv8 3.8.9.20-1 (bug #687574)
NOTE: http://code.google.com/p/chromium/issues/detail?id=97784
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
CVE-2011-2880 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 ...)
@@ -19457,7 +19455,7 @@
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- webkit <not-affected> (libv8 issue)
- - libv8 <unfixed> (bug #687574)
+ - libv8 3.8.9.20-1 (bug #687574)
NOTE: http://code.google.com/p/chromium/issues/detail?id=95920
NOTE: access restricted to chrome/libv8 bug log, so uncheckable
CVE-2011-2874 (Google Chrome before 14.0.835.163 does not perform an expected pin ...)
More information about the Secure-testing-commits
mailing list