[Secure-testing-commits] r23440 - data/CVE
Michael Gilbert
mgilbert at alioth.debian.org
Tue Aug 27 03:23:07 UTC 2013
Author: mgilbert
Date: 2013-08-27 03:23:06 +0000 (Tue, 27 Aug 2013)
New Revision: 23440
Modified:
data/CVE/list
Log:
some chromium research
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-27 00:20:45 UTC (rev 23439)
+++ data/CVE/list 2013-08-27 03:23:06 UTC (rev 23440)
@@ -48395,11 +48395,13 @@
CVE-2010-3813 (The WebCore::HTMLLinkElement::process function in ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- - chromium-browser <undetermined>
+ - chromium-browser 29.0.1547.57-1
+ NOTE: fixed much earlier in chromium, but this was the version checked
CVE-2010-3812 (Integer overflow in the Text::wholeText method in dom/Text.cpp in ...)
- webkit 1.2.6-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- - chromium-browser <undetermined>
+ - chromium-browser 29.0.1547.57-1
+ NOTE: fixed much earlier in chromium, but this was the version checked
NOTE: http://www.zerodayinitiative.com/advisories/ZDI-10-257
CVE-2010-3811 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
More information about the Secure-testing-commits
mailing list