[Secure-testing-commits] r32102 - data/CVE

Mon Feb 9 09:04:51 UTC 2015

Author: jmm
Date: 2015-02-09 09:04:51 +0000 (Mon, 09 Feb 2015)
New Revision: 32102

Modified:
   data/CVE/list
Log:
mark chromium issues split-off CVE-2015-1205 also as fixed
one RH issue to-be-rejected


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-02-09 07:54:15 UTC (rev 32101)
+++ data/CVE/list	2015-02-09 09:04:51 UTC (rev 32102)
@@ -362,20 +362,18 @@
 CVE-2015-1362 (Buffer overflow in the Customize 35mm tab in Two Pilots Exif Pilot ...)
 	NOT-FOR-US: Exif Pilot
 CVE-2015-1361 (platform/image-decoders/ImageFrame.h in Blink, as used in Google ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 40.0.2214.91-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-	TODO: check
 CVE-2015-1360 (Skia, as used in Google Chrome before 40.0.2214.91, allows remote ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 40.0.2214.91-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
 	TODO: check
 CVE-2015-1359 (Multiple off-by-one errors in fpdfapi/fpdf_font/font_int.h in PDFium, ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 40.0.2214.91-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-	TODO: check
 CVE-2015-1358
 	RESERVED
 CVE-2015-1357 (Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, ...)
@@ -385,15 +383,11 @@
 CVE-2015-1355
 	RESERVED
 CVE-2014-9648 (components/navigation_interception/intercept_navigation_resource_throttle.cc ...)
-	- chromium-browser <unfixed>
-	[wheezy] - chromium-browser <end-of-life>
-	[squeeze] - chromium-browser <end-of-life>
-	TODO: check
+	- chromium-browser <not-affected> (Chrome on Android)
 CVE-2014-9647 (Use-after-free vulnerability in PDFium, as used in Google Chrome ...)
-	- chromium-browser <unfixed>
+	- chromium-browser 40.0.2214.91-1
 	[wheezy] - chromium-browser <end-of-life>
 	[squeeze] - chromium-browser <end-of-life>
-	TODO: check
 CVE-2014-9646 (Unquoted Windows search path vulnerability in the ...)
 	- chromium-browser <not-affected> (Windows specific problem for chromium-browser)
 CVE-2015-XXXX [XSA-118]
@@ -105025,7 +105019,7 @@
 	- pango1.0 1.24.0-2 (medium; bug #527474)
 CVE-2009-1193
 	RESERVED
-	- dbus <not-affected> (Only affects 1.2.4, which was only in experimental)
+	NOTE: To be rejected
 CVE-2009-1192 (The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages ...)
 	{DSA-1800-1 DSA-1794-1 DSA-1787-1}
 	- linux-2.6 2.6.29-4


