[Secure-testing-commits] r21174 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu Feb 7 08:23:48 UTC 2013
Author: jmm
Date: 2013-02-07 08:23:47 +0000 (Thu, 07 Feb 2013)
New Revision: 21174
Modified:
data/CVE/list
Log:
chromium fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-02-07 06:55:09 UTC (rev 21173)
+++ data/CVE/list 2013-02-07 08:23:47 UTC (rev 21174)
@@ -1716,33 +1716,33 @@
CVE-2013-0843 (content/renderer/media/webrtc_audio_renderer.cc in Google Chrome ...)
- chromium-browser <not-affected> (MacOS-specific)
CVE-2013-0842 (Google Chrome before 24.0.1312.56 does not properly handle %00 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0841 (Array index error in the content-blocking functionality in Google ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0840 (Google Chrome before 24.0.1312.56 does not validate URLs during the ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0839 (Use-after-free vulnerability in Google Chrome before 24.0.1312.56 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0838 (Google Chrome before 24.0.1312.52 on Linux uses weak permissions for ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0837 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0836 (Google V8 before 3.14.5.3, as used in Google Chrome before ...)
- libv8 <unfixed>
CVE-2013-0835 (Unspecified vulnerability in the Geolocation implementation in Google ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0834 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0833 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0832 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0831 (Directory traversal vulnerability in Google Chrome before 24.0.1312.52 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0830 (The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a ...)
- chromium-browser <not-affected> (Only affects Windows)
CVE-2013-0829 (Google Chrome before 24.0.1312.52 does not properly maintain database ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2013-0828 (The PDF functionality in Google Chrome before 24.0.1312.52 does not ...)
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
CVE-2012-6498 (Unrestricted file upload vulnerability in index.php in Atomymaxsite ...)
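Review bot: CVE-2013-0836 keeps only "- libv8 <unfixed>" even though its description reads "Google V8 before 3.14.5.3, as used in Google Chrome before ...", while every other open Chrome entry in this hunk gains "- chromium-browser 24.0.1312.68-1". If chromium-browser is affected through V8, that entry should get its own chromium-browser line, either with the fixed version or as <not-affected> with the reason, so it does not look as if the package was never assessed. Separately, the same fixed version is recorded for issues whose descriptions cite 24.0.1312.52 and 24.0.1312.56; the log message "chromium fixed" would be easier to audit if it named the 24.0.1312.68-1 upload.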
@@ -7022,80 +7022,80 @@
- libv8 <unfixed>
- chromium-browser <unfixed>
CVE-2012-5152 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
TODO: Might affect ffmpeg/libav
CVE-2012-5151 (Integer overflow in Google Chrome before 24.0.1312.52 allows remote ...)
- chromium-browser <not-affected> (PDF functionality not available in Chromium)
CVE-2012-5150 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
TODO: Might affect ffmpeg/libav
CVE-2012-5149 (Integer overflow in the audio IPC layer in Google Chrome before ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5148 (The hyphenation functionality in Google Chrome before 24.0.1312.52 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5147 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5146 (Google Chrome before 24.0.1312.52 allows remote attackers to bypass ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5145 (Use-after-free vulnerability in Google Chrome before 24.0.1312.52 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5144 (Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
- ffmpeg <removed>
- libav 6:0.8.5-1 (bug #694483)
NOTE: http://git.libav.org/?p=libav.git;a=commitdiff;h=6d5b0092678b2a95dfe209a207550bd2fe9ef646 is supposed to fix this.
NOTE: Upstream has a sample, but can only be reproduced with asan/tsan. However, Chrome seems to be affected by this somehow more directly.
CVE-2012-5143 (Integer overflow in Google Chrome before 23.0.1271.97 allows remote ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5142 (Google Chrome before 23.0.1271.97 does not properly handle history ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5141 (Google Chrome before 23.0.1271.97 does not properly restrict ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5140 (Use-after-free vulnerability in Google Chrome before 23.0.1271.97 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5139 (Use-after-free vulnerability in Google Chrome before 23.0.1271.97 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5138 (Google Chrome before 23.0.1271.95 does not properly handle file paths, ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5137 (Use-after-free vulnerability in Google Chrome before 23.0.1271.95 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5136 (Google Chrome before 23.0.1271.91 does not properly perform a cast of ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5135 (Use-after-free vulnerability in Google Chrome before 23.0.1271.91 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5134 (Heap-based buffer underflow in the xmlParseAttValueComplex function in ...)
{DSA-2580-1}
- libxml2 2.8.0+dfsg1-7 (bug #694521)
CVE-2012-5133 (Use-after-free vulnerability in Google Chrome before 23.0.1271.91 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5132 (Google Chrome before 23.0.1271.91 allows remote attackers to cause a ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5131 (Google Chrome before 23.0.1271.91 on Mac OS X does not properly ...)
- chromium-browser <not-affected> (MacOS-specific)
CVE-2012-5130 (Skia, as used in Google Chrome before 23.0.1271.91, allows remote ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5129 (Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS ...)
- mesa 8.0.5-3 (bug #695248)
[squeeze] - mesa <not-affected> (Vulnerable code not present)
CVE-2012-5128 (Google V8 before 3.13.7.5, as used in Google Chrome before ...)
- libv8 <not-affected> (Doesn't affect 3.8.9, see bug #694808)
CVE-2012-5127 (Integer overflow in Google Chrome before 23.0.1271.64 allows remote ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
- libwebp 0.2.1-1
NOTE: https://bugs.gentoo.org/show_bug.cgi?id=442152
NOTE: Upstream announce: https://groups.google.com/a/webmproject.org/forum/?fromgroups=#!topic/webp-discuss/QTtgi8YfgkE
CVE-2012-5126 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5125 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5124 (Google Chrome before 23.0.1271.64 does not properly handle textures, ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5123 (Skia, as used in Google Chrome before 23.0.1271.64, allows remote ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5122 (Google Chrome before 23.0.1271.64 does not properly perform a cast of ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5121 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5120 (Google V8 before 3.13.7.5, as used in Google Chrome before ...)
- libv8 <not-affected> (Doesn't affect 3.8.9, see bug #694808)
CVE-2012-5119 (Race condition in Pepper, as used in Google Chrome before ...)
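Review bot: the entry at the top of this hunk is left with "- chromium-browser <unfixed>" beside "- libv8 <unfixed>", while every other open chromium-browser line below it moves to 24.0.1312.68-1. Please confirm that this one is deliberately still open; if it is, a NOTE: giving the reason would stop it from looking like an omission in a bulk update. The two "TODO: Might affect ffmpeg/libav" lines under CVE-2012-5152 and CVE-2012-5150 also survive unchanged, so those entries are now marked fixed for chromium-browser with the ffmpeg/libav question still unanswered.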
@@ -7105,7 +7105,7 @@
CVE-2012-5117 (Google Chrome before 23.0.1271.64 does not properly restrict the ...)
- chromium-browser <unfixed>
CVE-2012-5116 (Use-after-free vulnerability in Google Chrome before 23.0.1271.64 ...)
- - chromium-browser <unfixed>
+ - chromium-browser 24.0.1312.68-1
CVE-2012-5115 (Google Chrome before 23.0.1271.64 on Mac OS X does not properly ...)
- chromium-browser <not-affected> (MacOS-specific)
CVE-2012-5114
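Review bot: CVE-2012-5117 stays at "- chromium-browser <unfixed>" while CVE-2012-5116 directly below it, whose description cites the same upstream version ("before 23.0.1271.64"), is marked fixed in 24.0.1312.68-1. If 5117 is covered by the same upload it should be updated in this revision as well; if it is intentionally left open, add a NOTE: saying why.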