Author: derevko-guest
Date: 2010-05-07 10:06:47 +0000 (Fri, 07 May 2010)
New Revision: 14619
Modified:
data/CVE/list
Log:
Get in contact with chromium security team,
except for CVE-2009-2352 all recent CVEs are fixed in chromium
5.0.375.29~r46008-1.
Need to determine CVE-2009-3456 CVE-2009-2068 and CVE-2009-1598
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-05-06 20:56:54 UTC (rev 14618)
+++ data/CVE/list 2010-05-07 10:06:47 UTC (rev 14619)
@@ -495,31 +495,31 @@
CVE-2010-1507
RESERVED
CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059
allow ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (doesn't use v8 bindings yet)
TODO: recheck newer webkits
CVE-2010-1505 (Google Chrome before 4.1.249.1059 does not prevent pages from
loading ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit <undetermined>
TODO: check
CVE-2010-1504 (Cross-site scripting (XSS) vulnerability in Google Chrome
before ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit <undetermined>
TODO: check
CVE-2010-1503 (Cross-site scripting (XSS) vulnerability in Google Chrome
before ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit <undetermined>
TODO: check
CVE-2010-1502 (Unspecified vulnerability in Google Chrome before 4.1.249.1059
allows ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit <undetermined>
TODO: check
CVE-2010-1501 (Cross-site request forgery (CSRF) vulnerability in Google
Chrome ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit <undetermined>
TODO: check
CVE-2010-1500 (Google Chrome before 4.1.249.1059 does not properly support
forms, ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit <undetermined>
TODO: check
CVE-2010-1499 (SQL injection vulnerability in genre_artists.php in MusicBox
3.3 ...)
@@ -1263,23 +1263,23 @@
- kdelibs <undetermined>
- kde4libs <undetermined>
- qt4-x11 <undetermined>
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55511
NOTE: evidence of memory corruption
http://code.google.com/p/chromium/issues/detail?id=37061
CVE-2010-1236 (Google Chrome before 4.1.249.1036 does not properly restrict
...)
- webkit <not-affected> (bug #577457; proof-of-concepts are not
effective against webkit)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55822
NOTE: vulnerable code is in KURL.cpp even though the changeset says it
is in KURLGoogle.cpp
CVE-2010-1235 (Unspecified vulnerability in Google Chrome before 4.1.249.1036
allows ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: issue in chrome-specific download dialog
CVE-2010-1234 (Unspecified vulnerability in Google Chrome before 4.1.249.1036
allows ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: chrome-specific and claimed windows-only
CVE-2010-1233 (Multiple integer overflows in Google Chrome before 4.1.249.1036
allow ...)
- webkit <not-affected> (v8 and webgl not yet included)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: http://trac.webkit.org/changeset/55376
TODO: recheck as newer webkits get uploaded
CVE-2010-1232 (Google Chrome before 4.1.249.1036 allows remote attackers to
cause a ...)
@@ -1287,23 +1287,23 @@
- kdelibs <undetermined>
- kde4libs <undetermined>
- qt4-x11 <undetermined>
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: http://code.google.com/p/chromium/issues/detail?id=34978
CVE-2010-1231 (Google Chrome before 4.1.249.1036 processes HTTP headers before
...)
- webkit <undetermined>
- kdelibs <undetermined>
- kde4libs <undetermined>
- qt4-x11 <undetermined>
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
TODO: check
CVE-2010-1230 (Google Chrome before 4.1.249.1036 does not have the expected
behavior ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: chrome-specific issue
CVE-2010-1229 (The sandbox infrastructure in Google Chrome before 4.1.249.1036
does ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: chrome-specific sandboxing issue
CVE-2010-1228 (Multiple race conditions in the sandbox infrastructure in
Google ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: chrome-specific sandboxing issue
CVE-2010-1227 (Cross-site scripting (XSS) vulnerability in Sun Java System ...)
NOT-FOR-US: Sun Java System Communication Express
@@ -2938,36 +2938,36 @@
[lenny] - konversation <not-affected> (Doesn't affect the combination
of kdelibs/QT in Lenny)
NOTE: http://bugs.kde.org/show_bug.cgi?id=219985
CVE-2010-0664 (Stack consumption vulnerability in the ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0663 (The ParamTraits<SkBitmap>::Read function in ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0662 (The ParamTraits<SkBitmap>::Read function in ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0661 (WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit
before ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit <not-affected> (no v8 code included yet)
TODO: recheck as newer webkits are uploaded
CVE-2010-0660 (Google Chrome before 4.0.249.78 sends an https URL in the
Referer ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0659 (The image decoder in WebKit before r52833, as used in Google
Chrome ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
- qt4-x11 <undetermined> (low)
- kdelibs <undetermined> (low)
- kde4libs <undetermined> (low)
CVE-2010-0658 (Multiple integer overflows in Skia, as used in Google Chrome
before ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0657 (Google Chrome before 4.0.249.78 on Windows does not perform the
...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
NOTE: claimed to be a windows-only issue
CVE-2010-0656 (WebKit before r51295, as used in Google Chrome before
4.0.249.78, ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
- qt4-x11 <undetermined> (low)
- kdelibs <undetermined> (low)
- kde4libs <undetermined> (low)
CVE-2010-0655 (Use-after-free vulnerability in Google Chrome before 4.0.249.78
allows ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0654 (Mozilla Firefox permits cross-origin loading of CSS stylesheets
even ...)
- xulrunner <undetermined> (bug #570743)
CVE-2010-0653 (Opera permits cross-origin loading of CSS stylesheets even when
the ...)
@@ -2975,7 +2975,7 @@
CVE-2010-0652 (Microsoft Internet Explorer permits cross-origin loading of CSS
...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-0651 (WebKit before r52784, as used in Google Chrome before
4.0.249.78 and ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of
regression higher than impact at hand)
- qt4-x11 <undetermined> (low)
@@ -2983,7 +2983,7 @@
- kde4libs <undetermined> (low)
NOTE: http://trac.webkit.org/changeset/52784
CVE-2010-0650 (WebKit, as used in Google Chrome before 4.0.249.78 and Apple
Safari, ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (unimportant)
NOTE: http://code.google.com/p/chromium/issues/detail?id=3275
- qt4-x11 <undetermined> (unimportant)
@@ -2991,23 +2991,23 @@
- kde4libs <undetermined> (unimportant)
NOTE: unimportant because this is just a popup blocker bypass
CVE-2010-0649 (Integer overflow in the CrossCallParamsEx::CreateFromBuffer
function ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0648 (Mozilla Firefox, possibly before 3.6, allows remote attackers
to ...)
- xulrunner <undetermined> (bug #570743)
CVE-2010-0647 (WebKit before r53525, as used in Google Chrome before
4.0.249.89, ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (medium)
- qt4-x11 <undetermined> (medium)
- kdelibs <undetermined> (medium)
- kde4libs <undetermined> (medium)
CVE-2010-0646 (Multiple integer signedness errors in factory.cc in Google V8
before ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0645 (Multiple integer overflows in factory.cc in Google V8 before
r3560, as ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0644 (Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is
...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0643 (Google Chrome before 4.0.249.89 attempts to make direct
connections to ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2010-0642 (Cisco Collaboration Server (CCS) 5 allows remote attackers to
read the ...)
NOT-FOR-US: Cisco Collaboration Server
CVE-2010-0641 (Cross-site scripting (XSS) vulnerability in ...)
@@ -3277,7 +3277,7 @@
CVE-2010-0557 (IBM Cognos Express 9.0 allows attackers to obtain unspecified
access ...)
NOT-FOR-US: IBM Cognos Express
CVE-2010-0556 (browser/login/login_prompt.cc in Google Chrome before
4.0.249.89 ...)
- - chromium-browser <undetermined> (low)
+ - chromium-browser 5.0.375.29~r46008-1
CVE-2003-1587 (Cross-site scripting (XSS) vulnerability in LoganPro allows
remote ...)
NOT-FOR-US: LoganPro
CVE-2003-1586 (Cross-site scripting (XSS) vulnerability in WebExpert allows
remote ...)
@@ -3978,7 +3978,7 @@
CVE-2010-0316 (Integer overflow in Google SketchUp before 7.1 M2 allows remote
...)
NOT-FOR-US: Google SketchUp
CVE-2010-0315 (WebKit before r53607, as used in Google Chrome before
4.0.249.89, ...)
- - chromium-browser <undetermined>
+ - chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (low)
[lenny] - webkit <no-dsa> (Too intrusive to backport, disk of
regression higher than impact at hand)
- qt4-x11 <undetermined>
@@ -11894,7 +11894,9 @@
CVE-2009-2353 (encoder.php in eAccelerator allows remote attackers to execute
...)
- eaccelerator-src <itp> (bug #460341)
CVE-2009-2352 (Google Chrome 1.0.154.48 and earlier does not block javascript:
URIs ...)
- - chromium-browser <undetermined>
+ - chromium-browser <unfixed>
+ NOTE: chromium security team doesn't consider this a valid security
issue
+ NOTE: http://crbug.com/40086
CVE-2009-2351 (Opera 9.52 and earlier does not block javascript: URIs in
Refresh ...)
NOT-FOR-US: Opera
CVE-2009-2350 (Microsoft Internet Explorer 6.0.2900.2180 and earlier does not
block ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
