[Secure-testing-commits] r22631 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Sun Jun 16 17:52:52 UTC 2013
Author: jmm
Date: 2013-06-16 17:52:52 +0000 (Sun, 16 Jun 2013)
New Revision: 22631
Modified:
data/CVE/list
Log:
remaining end-of-life for chromium
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-06-16 17:49:51 UTC (rev 22630)
+++ data/CVE/list 2013-06-16 17:52:52 UTC (rev 22631)
@@ -20912,6 +20912,7 @@
NOT-FOR-US: Joomla JCE
CVE-2012-2900 (Skia, as used in Google Chrome before 22.0.1229.92, does not properly ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2899
RESERVED
CVE-2012-2898
@@ -20924,32 +20925,44 @@
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
CVE-2012-2894 (Google Chrome before 22.0.1229.79 does not properly handle ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2893 (Double free vulnerability in libxslt, as used in Google Chrome before ...)
{DSA-2555-1}
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
CVE-2012-2892 (Unspecified vulnerability in Google Chrome before 22.0.1229.79 allows ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2891 (The IPC implementation in Google Chrome before 22.0.1229.79 allows ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2890 (Use-after-free vulnerability in the PDF functionality in Google Chrome ...)
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
CVE-2012-2889 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2888 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2887 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2886 (Cross-site scripting (XSS) vulnerability in Google Chrome before ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2885 (Double free vulnerability in Google Chrome before 22.0.1229.79 allows ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2884 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2883 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2882 (FFmpeg, as used in Google Chrome before 22.0.1229.79, does not ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
- libav 6:0.8.5-1 (bug #694483)
- ffmpeg <removed>
[squeeze] - ffmpeg <not-affected> (vulnerable code not present)
@@ -20958,42 +20971,58 @@
NOTE: fixed with http://git.libav.org/?p=libav.git;a=commitdiff;h=7751e4693dd10ec98c20fbd9887233b575034272
CVE-2012-2881 (Google Chrome before 22.0.1229.79 does not properly handle plug-ins, ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2880 (Race condition in Google Chrome before 22.0.1229.79 allows remote ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2879 (Google Chrome before 22.0.1229.79 allows remote attackers to cause a ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2878 (Use-after-free vulnerability in Google Chrome before 22.0.1229.79 ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2877 (The extension system in Google Chrome before 22.0.1229.79 does not ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2876 (Buffer overflow in the SSE2 optimization functionality in Google ...)
- chromium-browser 22.0.1229.94~r161065-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2875 (Multiple unspecified vulnerabilities in the PDF functionality in ...)
- chromium-browser <not-affected> (PDF viewer not included in Chromium)
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2874 (Skia, as used in Google Chrome before 22.0.1229.79, allows remote ...)
+ [squeeze] - chromium-browser <end-of-life>
- chromium-browser 22.0.1229.94~r161065-1
CVE-2012-2873
RESERVED
CVE-2012-2872 (Cross-site scripting (XSS) vulnerability in an SSL interstitial page ...)
- chromium-browser 21.0.1180.89~r154005-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2871 (libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before ...)
{DSA-2555-1}
- chromium-browser 21.0.1180.89~r154005-1
+ [squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
CVE-2012-2870 (libxslt 1.1.26 and earlier, as used in Google Chrome before ...)
{DSA-2555-1}
- chromium-browser 21.0.1180.89~r154005-1
+ [squeeze] - chromium-browser <end-of-life>
- libxslt 1.1.26-14 (bug #689422)
CVE-2012-2869 (Google Chrome before 21.0.1180.89 does not properly load URLs, which ...)
- chromium-browser 21.0.1180.89~r154005-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2868 (Race condition in Google Chrome before 21.0.1180.89 allows remote ...)
- chromium-browser 21.0.1180.89~r154005-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2867 (The SPDY implementation in Google Chrome before 21.0.1180.89 allows ...)
- chromium-browser 21.0.1180.89~r154005-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2866 (Google Chrome before 21.0.1180.89 does not properly perform a cast of ...)
- chromium-browser 21.0.1180.89~r154005-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2865 (Google Chrome before 21.0.1180.89 does not properly perform line ...)
- chromium-browser 21.0.1180.89~r154005-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2012-2864 (Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, ...)
- mesa 8.0.4-2 (bug #685667)
[squeeze] - mesa <not-affected> (Vulnerable code not present)
@@ -31780,6 +31809,7 @@
CVE-2011-3895 (Heap-based buffer overflow in the Vorbis decoder in Google Chrome ...)
{DSA-2471-1}
- chromium-browser 15.0.874.121~r109964-1
+ [squeeze] - chromium-browser <end-of-life>
- webkit <not-affected> (Chrome issue)
- ffmpeg <removed>
- libav 4:0.8~beta2-1 (bug #654534; bug #654573)
@@ -31867,6 +31897,7 @@
[squeeze] - chromium-browser <not-affected>
CVE-2011-3876 (Google Chrome before 15.0.874.102 does not properly handle downloading ...)
- chromium-browser 15.0.874.106~r107270-1
+ [squeeze] - chromium-browser <end-of-life>
CVE-2011-3875 (Google Chrome before 15.0.874.102 does not properly handle drag and ...)
- chromium-browser 15.0.874.106~r107270-1 (unimportant)
- webkit <not-affected> (Chrome issue)
@@ -33249,6 +33280,7 @@
- iceweasel <not-affected>
NOTE: http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
- chromium-browser 15.0.874.106~r107270-1
+ [squeeze] - chromium-browser <end-of-life>
- lighttpd 1.4.30-1
NOTE: strictly speaking this is no lighttpd issue, but lighttpd adds a workaround
- curl 7.24.0-1
@@ -34185,6 +34217,7 @@
[squeeze] - chromium-browser <end-of-life>
CVE-2011-3062 (Off-by-one error in the OpenType Sanitizer in Google Chrome before ...)
- chromium-browser 18.0.1025.142~r129054-1
+ [squeeze] - chromium-browser <end-of-life>
- icedove 10.0.4-1
[squeeze] - icedove <not-affected> (Vulnerable code not present)
- iceweasel 10.0.4esr-1
@@ -43317,6 +43350,7 @@
NOTE: CVE ID requested
CVE-2010-XXXX [webkit info leak]
- chromium-browser 26.0.1410.43-1 (low)
+ [squeeze] - chromium-browser <end-of-life>
NOTE: this was fixed much earlier (webkit 1.2), but this was the version checked
NOTE: http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html
CVE-2010-4558 (phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and ...)
@@ -64680,6 +64714,7 @@
- w3m <unfixed> (unimportant; bug #532521)
NOTE: w3m doesn't have Javascript support and the boundary issue is harmles
- chromium-browser 26.0.1410.43-1 (bug #520324)
+ [squeeze] - chromium-browser <end-of-life>
NOTE: chromium has provides window.crypto.getRandomValues as a strong random number generator
NOTE: https://code.google.com/p/chromium/issues/detail?id=246054
- lynx 2.8.7rel.1-1 (unimportant; bug #532520)
More information about the Secure-testing-commits
mailing list