[Secure-testing-commits] r28866 - data/CVE
Holger Levsen
holger at moszumanska.debian.org
Wed Sep 17 14:25:42 UTC 2014
Author: holger
Date: 2014-09-17 14:25:42 +0000 (Wed, 17 Sep 2014)
New Revision: 28866
Modified:
data/CVE/list
Log:
split 12 NOTES with several http(s)-URLs into several lines.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-17 14:05:46 UTC (rev 28865)
+++ data/CVE/list 2014-09-17 14:25:42 UTC (rev 28866)
@@ -23739,7 +23739,8 @@
CVE-2013-4339 (WordPress before 3.6.1 does not properly validate URLs before use in ...)
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1 (bug #722537)
- NOTE: http://core.trac.wordpress.org/changeset/25323 and http://core.trac.wordpress.org/changeset/25324
+ NOTE: http://core.trac.wordpress.org/changeset/25323
+ NOTE: http://core.trac.wordpress.org/changeset/25324
CVE-2013-4338 (wp-includes/functions.php in WordPress before 3.6.1 does not properly ...)
{DSA-2757-1}
- wordpress 3.6.1+dfsg-1 (bug #722537)
@@ -48078,7 +48079,8 @@
CVE-2012-1823 (sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when ...)
{DSA-2465-1}
- php5 5.4.3-1
- NOTE: http://ompldr.org/vZGxxaQ https://bugs.php.net/bug.php?id=61910
+ NOTE: http://ompldr.org/vZGxxaQ
+ NOTE: https://bugs.php.net/bug.php?id=61910
NOTE: 5.4.2-1 'fixed' this, but fix is incomplete: CVE-2012-2311
CVE-2012-1822
RESERVED
@@ -59170,7 +59172,9 @@
CVE-2011-2880 (Use-after-free vulnerability in Google Chrome before 14.0.835.202 ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
- NOTE: http://trac.webkit.org/changeset/95667 http://trac.webkit.org/changeset/95689 http://trac.webkit.org/changeset/95728
+ NOTE: http://trac.webkit.org/changeset/95667
+ NOTE: http://trac.webkit.org/changeset/95689
+ NOTE: http://trac.webkit.org/changeset/95728
CVE-2011-2879 (Google Chrome before 14.0.835.202 does not properly consider object ...)
- chromium-browser 14.0.835.202~r103287-1
[squeeze] - chromium-browser <not-affected>
@@ -59266,7 +59270,8 @@
CVE-2011-2854 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
- NOTE: http://trac.webkit.org/changeset/94109 http://trac.webkit.org/changeset/94543
+ NOTE: http://trac.webkit.org/changeset/94109
+ NOTE: http://trac.webkit.org/changeset/94543
CVE-2011-2853 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...)
- chromium-browser 14.0.835.163~r101024-1
[squeeze] - chromium-browser <not-affected>
@@ -59369,7 +59374,9 @@
CVE-2011-2825 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <not-affected>
- NOTE: http://trac.webkit.org/r91738 http://trac.webkit.org/r91739 http://trac.webkit.org/changeset/92744
+ NOTE: http://trac.webkit.org/r91738
+ NOTE: http://trac.webkit.org/r91739
+ NOTE: http://trac.webkit.org/changeset/92744
CVE-2011-2824 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 ...)
- chromium-browser 13.0.782.215~r97094-1
[squeeze] - chromium-browser <end-of-life>
@@ -60732,11 +60739,13 @@
CVE-2011-2351 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
- NOTE: http://trac.webkit.org/changeset/88584 http://trac.webkit.org/changeset/88549
+ NOTE: http://trac.webkit.org/changeset/88584
+ NOTE: http://trac.webkit.org/changeset/88549
CVE-2011-2350 (The HTML parser in Google Chrome before 12.0.742.112 does not properly ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
- NOTE: http://trac.webkit.org/changeset/88411 http://trac.webkit.org/changeset/88434
+ NOTE: http://trac.webkit.org/changeset/88411
+ NOTE: http://trac.webkit.org/changeset/88434
CVE-2011-2349 (Use-after-free vulnerability in Google Chrome before 12.0.742.112 ...)
- chromium-browser 12.0.742.112~r90304-1
[squeeze] - chromium-browser <not-affected>
@@ -62156,7 +62165,9 @@
CVE-2011-1808 (Use-after-free vulnerability in Google Chrome before 12.0.742.91 ...)
- chromium-browser 12.0.742.91~r87961-1
[squeeze] - chromium-browser <not-affected>
- NOTE: http://trac.webkit.org/changeset/84096 http://trac.webkit.org/changeset/84098 http://trac.webkit.org/changeset/84119
+ NOTE: http://trac.webkit.org/changeset/84096
+ NOTE: http://trac.webkit.org/changeset/84098
+ NOTE: http://trac.webkit.org/changeset/84119
CVE-2011-1807 (Google Chrome before 11.0.696.71 does not properly handle blobs, which ...)
- chromium-browser 11.0.696.71~r86024-1
[squeeze] - chromium-browser <not-affected>
@@ -63275,7 +63286,8 @@
CVE-2011-1441 (Google Chrome before 11.0.696.57 does not properly perform a cast of ...)
- chromium-browser 11.0.696.65~r84435-1
[squeeze] - chromium-browser <not-affected>
- NOTE: http://trac.webkit.org/changeset/80773 http://trac.webkit.org/changeset/81088
+ NOTE: http://trac.webkit.org/changeset/80773
+ NOTE: http://trac.webkit.org/changeset/81088
CVE-2011-1440 (Use-after-free vulnerability in Google Chrome before 11.0.696.57 ...)
{DSA-2245-1}
- chromium-browser 11.0.696.65~r84435-1
@@ -71397,7 +71409,8 @@
- chromium-browser 6.0.472.53~r57914-1
- webkit 1.2.5-1
[lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps)
- NOTE: http://trac.webkit.org/changeset/65748 https://bugs.webkit.org/show_bug.cgi?id=44226
+ NOTE: http://trac.webkit.org/changeset/65748
+ NOTE: https://bugs.webkit.org/show_bug.cgi?id=44226
CVE-2010-3256 (Google Chrome before 6.0.472.53 does not properly limit the number of ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected>
@@ -71446,7 +71459,8 @@
CVE-2010-3246 (Google Chrome before 6.0.472.53 does not properly handle the _blank ...)
- chromium-browser 6.0.472.53~r57914-1
- webkit <not-affected> (vulnerable code not present in 1.2.x series)
- NOTE: https://bugs.webkit.org/show_bug.cgi?id=34541 https://bugs.webkit.org/show_bug.cgi?id=44969
+ NOTE: https://bugs.webkit.org/show_bug.cgi?id=34541
+ NOTE: https://bugs.webkit.org/show_bug.cgi?id=44969
NOTE: http://trac.webkit.org/changeset/66742
CVE-2010-3245 (The automated-backup functionality in Blackboard Transact Suite ...)
NOT-FOR-US: Blackboard Transact Suite
@@ -122731,7 +122745,9 @@
CVE-2007-XXXX [heap-based buffer overflow in git-blame with long file names]
[etch] - git-core <not-affected> (1.4.4.4 tagged 2007-1-8, bug introduced 2007-1-30)
- git-core 1:1.5.1.2-1 (low)
- NOTE: http://git.kernel.org/?p=git/git.git;a=commit;h=1bb88be99e4fdedcd5cc5292c11b566a00028deb, http://git.kernel.org/?p=git/git.git;a=commitdiff;h=1cfe77333f274c9ba9879c2eb61057a790eb050f, http://git.kernel.org/?p=git/git.git;a=tag;h=ae9ced19800491a5d80de5ee36bc07d68868a4dd
+ NOTE: http://git.kernel.org/?p=git/git.git;a=commit;h=1bb88be99e4fdedcd5cc5292c11b566a00028deb
+ NOTE: http://git.kernel.org/?p=git/git.git;a=commitdiff;h=1cfe77333f274c9ba9879c2eb61057a790eb050f
+ NOTE: http://git.kernel.org/?p=git/git.git;a=tag;h=ae9ced19800491a5d80de5ee36bc07d68868a4dd
CVE-2007-2138 (Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x ...)
{DSA-1311-1 DSA-1309-1}
- postgresql-8.2 8.2.4-1
More information about the Secure-testing-commits
mailing list