[Secure-testing-commits] r20884 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jan 11 07:42:43 UTC 2013 

Author: jmm
Date: 2013-01-11 07:42:42 +0000 (Fri, 11 Jan 2013)
New Revision: 20884

Modified:
   data/CVE/list
Log:
new chromium issues
Linux /dev/ptmx issue minor info leak


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-01-11 00:53:25 UTC (rev 20883)
+++ data/CVE/list	2013-01-11 07:42:42 UTC (rev 20884)
@@ -218,26 +218,37 @@
 	RESERVED
 CVE-2013-0838
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2013-0837
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2013-0836
 	RESERVED
+	- libv8 <unfixed>
 CVE-2013-0835
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2013-0834
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2013-0833
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2013-0832
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2013-0831
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2013-0830
 	RESERVED
+	- chromium-browser <not-affected> (Only affects Windows)
 CVE-2013-0829
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2013-0828
 	RESERVED
+	- chromium-browser <not-affected> (PDF functionality not available in Chromium)
 CVE-2012-6498 (Unrestricted file upload vulnerability in index.php in Atomymaxsite ...)
 	TODO: check
 CVE-2013-0827
@@ -2029,8 +2040,9 @@
 	NOT-FOR-US: Havalite CMS
 CVE-2013-0160 [/dev/ptmx to measure inter-keystroke timing]
 	RESERVED
-	- linux <unfixed>
-	- linux-2.6 <removed>
+	- linux <unfixed> (unimportant)
+	- linux-2.6 <removed> (unimportant)
+	NOTE: Minor information leak, rather a missing hardening feature than a security vulnerability.
 CVE-2013-0159
 	RESERVED
 	NOT-FOR-US: Fedora build script
@@ -5266,30 +5278,46 @@
 	RESERVED
 CVE-2012-5157
 	RESERVED
+	- chromium-browser <not-affected> (PDF functionality not available in Chromium)
 CVE-2012-5156
 	RESERVED
+	- chromium-browser <not-affected> (PDF functionality not available in Chromium)
 CVE-2012-5155
 	RESERVED
+	- chromium-browser <not-affected> (Only affects MacOS X)
 CVE-2012-5154
 	RESERVED
+	- chromium-browser <not-affected> (Only affects Windows)
 CVE-2012-5153
 	RESERVED
+	- libv8 <unfixed>
+	- chromium-browser <unfixed>
 CVE-2012-5152
 	RESERVED
+	- chromium-browser <unfixed>
+	TODO: Might affect ffmpeg/libav
 CVE-2012-5151
 	RESERVED
+	- chromium-browser <not-affected> (PDF functionality not available in Chromium)
 CVE-2012-5150
 	RESERVED
+	- chromium-browser <unfixed>
+	TODO: Might affect ffmpeg/libav
 CVE-2012-5149
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-5148
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-5147
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-5146
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-5145
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2012-5144 (Google Chrome before 23.0.1271.97 does not properly perform AAC ...)
 	- chromium-browser <unfixed>
 	- ffmpeg <removed>

More information about the Secure-testing-commits mailing list