[Secure-testing-commits] r15747 - data/CVE

Giuseppe Iuculano Fri, 24 Dec 2010 04:26:27 -0800

Author: iuculano
Date: 2010-12-24 12:25:55 +0000 (Fri, 24 Dec 2010)
New Revision: 15747


Modified:
   data/CVE/list
Log:
chromium/webkit issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-12-23 21:14:45 UTC (rev 15746)
+++ data/CVE/list       2010-12-24 12:25:55 UTC (rev 15747)
@@ -149,14 +149,14 @@
 CVE-2010-4577 (Google Chrome before 8.0.552.224 and Chrome OS before 
8.0.552.343 do ...)
        TODO: check
 CVE-2010-4576 (browser/worker_host/message_port_dispatcher.cc in Google Chrome 
before ...)
-       - chromium-browser <unfixed> (bug #607843; low)
+       - chromium-browser 6.0.472.63~r59945-4 (bug #607843; low)
        NOTE: http://code.google.com/p/chromium/issues/detail?id=63529
 CVE-2010-4575 (The ThemeInstalledInfoBarDelegate::Observe function in ...)
-       - chromium-browser <unfixed> (bug #607846; low)
+       - chromium-browser 6.0.472.63~r59945-4 (bug #607846; low)
        NOTE: http://code.google.com/p/chromium/issues/detail?id=60761
        NOTE: http://codereview.chromium.org/5326011/
 CVE-2010-4574 (The Pickle::Pickle function in base/pickle.cc in Google Chrome 
before ...)
-       - chromium-browser <unfixed> (bug #607848; low)
+       - chromium-browser 6.0.472.63~r59945-4 (bug #607848; low)
        NOTE: http://code.google.com/p/chromium/issues/detail?id=56449
        NOTE: http://codereview.chromium.org/4716006
 CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified 
sfcb.cfg is ...)
@@ -486,8 +486,7 @@
 CVE-2010-4495 (Unspecified vulnerability in the ActiveMatrix Runtime component 
in ...)
        NOT-FOR-US: TIBCO ActiveMatrix
 CVE-2010-4494 (Double free vulnerability in Google Chrome before 8.0.552.215 
allows ...)
-       - chromium-browser <undetermined>
-       - webkit <undetermined>
+       - libxml2 <unfixed> (bug #607922) 
 CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 
8.0.552.215 ...)
        - chromium-browser <undetermined>
        - webkit <undetermined>
@@ -504,26 +503,36 @@
        - chromium-browser <undetermined>
        - webkit <undetermined>
 CVE-2010-4488 (Google Chrome before 8.0.552.215 does not properly handle HTTP 
proxy ...)
-       - chromium-browser <undetermined>
-       - webkit <undetermined>
+       - chromium-browser <unfixed> (unimportant)
+       [squeeze] - chromium-browser <not-affected>
+       - webkit <not-affected> (chromium issue)
+       NOTE: only a browser crash
 CVE-2010-4487 (Incomplete blacklist vulnerability in Google Chrome before 
8.0.552.215 ...)
-       - chromium-browser <undetermined>
-       - webkit <undetermined>
+       - chromium-browser 6.0.472.63~r59945-3
+       - webkit <not-affected> (chromium issue)
 CVE-2010-4486 (Use-after-free vulnerability in Google Chrome before 
8.0.552.215 ...)
-       - chromium-browser <undetermined>
+       - chromium-browser 6.0.472.63~r59945-3
        - webkit <undetermined>
+       NOTE: http://trac.webkit.org/changeset/71170
 CVE-2010-4485 (Google Chrome before 8.0.552.215 does not properly restrict the 
...)
-       - chromium-browser <undetermined>
+       - chromium-browser <unfixed> (unimportant)
        - webkit <undetermined>
+       NOTE: http://trac.webkit.org/changeset/69914
+       NOTE: only a browser crash
 CVE-2010-4484 (Google Chrome before 8.0.552.215 does not properly handle HTML5 
...)
-       - chromium-browser <undetermined>
-       - webkit <undetermined>
+       - chromium-browser <unfixed> (unimportant)
+       [squeeze] - chromium-browser <not-affected>
+       - webkit <not-affected> (chromium specific)
+       NOTE: only a browser crash
 CVE-2010-4483 (Google Chrome before 8.0.552.215 does not properly restrict 
read ...)
-       - chromium-browser <undetermined>
+       - chromium-browser 6.0.472.63~r59945-3
        - webkit <undetermined>
+       NOTE: https://bugs.webkit.org/show_bug.cgi?id=46678
 CVE-2010-4482 (Unspecified vulnerability in Google Chrome before 8.0.552.215 
allows ...)
-       - chromium-browser <undetermined>
+       - chromium-browser <unfixed> (unimportant)
        - webkit <undetermined>
+       NOTE: unimportant, bypass the pop-up blocker
+       NOTE: http://trac.webkit.org/changeset/69990
 CVE-2010-4481 (phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass 
...)
        - phpmyadmin <unfixed>
        TODO: check


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r15747 - data/CVE

Reply via email to