Author: iuculano Date: 2010-07-19 13:15:44 +0000 (Mon, 19 Jul 2010) New Revision: 15001
Modified: data/CVE/list data/embedded-code-copies Log: CVE-2010-2713 fixed in vte 1:0.24.3-1 CVE-2010-2249 and CVE-2010-1205: tuxonice-userui was binNMUed CVE-2010-2244: fixed in avahi 0.6.26-1 webkit and chromium issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2010-07-19 12:27:50 UTC (rev 15000) +++ data/CVE/list 2010-07-19 13:15:44 UTC (rev 15001) @@ -112,8 +112,11 @@ NOT-FOR-US: TCW PHP Album CVE-2010-2714 (SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 ...) NOT-FOR-US: TCW PHP Album -CVE-2010-2713 +CVE-2010-2713 [vte: responds to get window title escape sequence request] RESERVED + - vte 1:0.24.3-1 + NOTE: http://git.gnome.org/browse/vte/commit/?id=58bc3a942f198a1a8788553ca72c19d7c1702b74 + NOTE: http://git.gnome.org/browse/vte/commit/?id=8b971a7b2c59902914ecbbc3915c45dd21530a91 CVE-2010-2712 RESERVED CVE-2010-2711 @@ -258,29 +261,46 @@ CVE-2009-4925 (Multiple SQL injection vulnerabilities in Portale e-commerce Creasito ...) TODO: check CVE-2010-2652 (Google Chrome before 5.0.375.99 does not properly implement modal ...) - - webkit <undetermined> - - chromium-browser <undetermined> + - webkit <not-affected> (chromium specific issue) + - chromium-browser 5.0.375.99~r51029-1 CVE-2010-2651 (The Cascading Style Sheets (CSS) implementation in Google Chrome ...) - webkit <undetermined> - - chromium-browser <undetermined> + - chromium-browser 5.0.375.99~r51029-1 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38891 + NOTE: http://src.chromium.org/viewvc/chrome?view=rev&revision=51014 CVE-2010-2650 (Unspecified vulnerability in Google Chrome before 5.0.375.99 has ...) - - webkit <undetermined> - - chromium-browser <undetermined> + - webkit <not-affected> (chromium specific) + - chromium-browser 5.0.375.99~r51029-1 CVE-2010-2649 (Unspecified vulnerability in Google Chrome before 5.0.375.99 allows ...) - webkit <undetermined> - - chromium-browser <undetermined> + - chromium-browser 5.0.375.99~r51029-1 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=39797 + NOTE: http://trac.webkit.org/changeset/60973 + NOTE: http://trac.webkit.org/changeset/60977 CVE-2010-2648 (The implementation of the Unicode Bidirectional Algorithm (aka Bidi ...) - webkit <undetermined> - - chromium-browser <undetermined> + - chromium-browser 5.0.375.99~r51029-1 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=39305 + NOTE: http://trac.webkit.org/projects/webkit/changeset/61921 CVE-2010-2647 (Google Chrome before 5.0.375.99 allows remote attackers to cause a ...) - webkit <undetermined> - - chromium-browser <undetermined> + - chromium-browser 5.0.375.99~r51029-1 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38627 + NOTE: http://trac.webkit.org/changeset/61667 + NOTE: http://trac.webkit.org/changeset/61669 + NOTE: http://trac.webkit.org/changeset/61676 + NOTE: http://trac.webkit.org/changeset/61679 CVE-2010-2646 (Google Chrome before 5.0.375.99 does not properly isolate sandboxed ...) - webkit <undetermined> - - chromium-browser <undetermined> + - chromium-browser 5.0.375.99~r51029-1 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38151 + NOTE: http://trac.webkit.org/changeset/58873 + NOTE: http://trac.webkit.org/changeset/59870 CVE-2010-2645 (Unspecified vulnerability in Google Chrome before 5.0.375.99, when ...) - webkit <undetermined> - - chromium-browser <undetermined> + - chromium-browser 5.0.375.99~r51029-1 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38039 + NOTE: http://trac.webkit.org/changeset/58957 CVE-2010-2644 RESERVED CVE-2010-2643 @@ -1253,8 +1273,8 @@ NOTE: http://www.ocert.org/advisories/ocert-2010-001.html CVE-2010-2249 (Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before ...) - libpng 1.2.44-1 (low; bug #587670) - - tuxonice-userui <unfixed> (unimportant) - TODO: binNMU tuxonice-userui once libpng is fixed + - tuxonice-userui 1.0-1 (unimportant) + NOTE: tuxonice-userui 1.0-1 was binNMUed CVE-2010-2248 [os/2 smb issue] RESERVED - linux-2.6 2.6.32-12 (low) @@ -1269,7 +1289,7 @@ CVE-2010-2245 RESERVED CVE-2010-2244 (The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in ...) - - avahi <undetermined> + - avahi 0.6.26-1 CVE-2010-2243 [timekeeping oops] RESERVED - linux-2.6 2.6.32-11 @@ -4164,8 +4184,8 @@ NOTE: Scheduled for next round of Firefox updates (20th July) CVE-2010-1205 (Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before ...) - libpng 1.2.44-1 (bug #587670) - - tuxonice-userui <unfixed> - TODO: binNMU tuxonice-userui once libpng is fixed + - tuxonice-userui 1.0-1 + NOTE: tuxonice-userui 1.0-1 was binNMUed CVE-2010-1204 (Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 ...) - bugzilla 3.4.7.0-1 (low; bug #587663) [lenny] - bugzilla <no-dsa> (Minor issue) Modified: data/embedded-code-copies =================================================================== --- data/embedded-code-copies 2010-07-19 12:27:50 UTC (rev 15000) +++ data/embedded-code-copies 2010-07-19 13:15:44 UTC (rev 15001) @@ -702,6 +702,7 @@ - kde4libs <unfixable> (fork) NOTE: kde4lib's khtml and webkit were forked from khtml (this tracking, which seems NOTE: reversed genesis-wise, is used because of so much other stuff in kde4libs) + - chromium-browser <unfixed> (fork) ftgl - blender 2.46+dfsg-1 (embed) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits