[Secure-testing-commits] r26986 - in data: . CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed May 21 05:20:53 UTC 2014 

Author: jmm
Date: 2014-05-21 05:20:53 +0000 (Wed, 21 May 2014)
New Revision: 26986

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
new chrome issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-05-21 05:16:43 UTC (rev 26985)
+++ data/CVE/list	2014-05-21 05:20:53 UTC (rev 26986)
@@ -630,7 +630,7 @@
 CVE-2013-7376 (Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX ...)
 	TODO: check
 CVE-2014-3800 [file containing a password world readable]
-	- xbmc <unfixed> (bug #747428)
+	- xbmc <unfixed> (low; bug #747428)
 	NOTE: http://trac.xbmc.org/ticket/15198
 CVE-2014-3774 [Multiple XSS vectors in items.php]
 	RESERVED
@@ -1377,6 +1377,9 @@
 	RESERVED
 CVE-2014-3152
 	RESERVED
+	- chromium-browser <unfixed>
+	- libv8 <removed>
+	- libv8-3.14 <unfixed>
 CVE-2014-3151
 	RESERVED
 CVE-2014-3150
@@ -5046,18 +5049,25 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2014-1749
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2014-1748
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2014-1747
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2014-1746
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2014-1745
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2014-1744
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2014-1743
 	RESERVED
+	- chromium-browser <unfixed>
 CVE-2014-1742 (Use-after-free vulnerability in the FrameSelection::updateAppearance ...)
 	{DSA-2930-1}
 	- chromium-browser 34.0.1847.137-1
@@ -54425,7 +54435,7 @@
 CVE-2011-2076 (MediaCAST 8 and earlier stores passwords in cleartext, which makes it ...)
 	NOT-FOR-US: MediaCAST
 CVE-2011-2075 (Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 ...)
-	- chromium-browser <undetermined>
+	NOT-FOR-US: Historical Chrome issue on Windows
 CVE-2011-2074 (Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 ...)
 	NOT-FOR-US: Skype
 CVE-2011-2073

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2014-05-21 05:16:43 UTC (rev 26985)
+++ data/dsa-needed.txt	2014-05-21 05:20:53 UTC (rev 26986)
@@ -17,6 +17,8 @@
 --
 cacti
 --
+chromium-browser
+--
 fail2ban
 --
 icinga

More information about the Secure-testing-commits mailing list