[Secure-testing-commits] r30470 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 1 13:04:55 UTC 2014
Author: carnil
Date: 2014-12-01 13:04:55 +0000 (Mon, 01 Dec 2014)
New Revision: 30470
Modified:
data/CVE/list
Log:
Add fixed version for chromium-browser
NOTE for reviewers: Please double check this one. Is CVE-2014-7910 also
fixed? And CVE-2014-0574 seems also to be a special case, while CVE
assigned to Flash.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-01 10:39:27 UTC (rev 30469)
+++ data/CVE/list 2014-12-01 13:04:55 UTC (rev 30470)
@@ -3413,43 +3413,43 @@
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=433500 (private)
CVE-2014-7909 (effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=391001 (private)
CVE-2014-7908 (Multiple integer overflows in the CheckMov function in ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=425980 (private)
CVE-2014-7907 (Multiple use-after-free vulnerabilities in ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=424453 (private)
CVE-2014-7906 (Use-after-free vulnerability in the Pepper plugins in Google Chrome ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=423030 (private)
CVE-2014-7905 (Google Chrome before 39.0.2171.65 on Android does not prevent ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=421817 (private)
CVE-2014-7904 (Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
NOTE: https://code.google.com/p/chromium/issues/detail?id=418161 (private)
CVE-2014-7903 (Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
CVE-2014-7902 (Use-after-free vulnerability in PDFium, as used in Google Chrome ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
CVE-2014-7901 (Integer overflow in the opj_t2_read_packet_data function in ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
CVE-2014-7900 (Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
CVE-2014-7899 (Google Chrome before 38.0.2125.101 allows remote attackers to spoof ...)
- - chromium-browser <unfixed>
+ - chromium-browser 39.0.2171.71-1
[squeeze] - chromium-browser <end-of-life>
NOTE: http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
NOTE: https://chromium.googlesource.com/chromium/src/+/5cfbddc9cc972f5133f26664dbf5810bb569cd04
@@ -13783,7 +13783,7 @@
- arora <unfixed> (unimportant)
- bouncycastle <not-affected> (SSLv3 needs to be explicitly enabled)
NOTE: http://www.kb.cert.org/vuls/id/BLUU-9PYTFQ
- - chromium-browser <unfixed> (bug #765928)
+ - chromium-browser 39.0.2171.71-1 (bug #765928)
[squeeze] - chromium-browser <end-of-life>
- conkeror <unfixed> (unimportant)
- cyassl <unfixed> (bug #769905)
More information about the Secure-testing-commits
mailing list