Author: iuculano
Date: 2011-10-21 11:54:28 +0000 (Fri, 21 Oct 2011)
New Revision: 17473
Modified:
data/CVE/list
Log:
chromium/webkit issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-10-21 11:35:10 UTC (rev 17472)
+++ data/CVE/list 2011-10-21 11:54:28 UTC (rev 17473)
@@ -3564,10 +3564,13 @@
- webkit <not-affected> (chromium specific)
CVE-2011-2848 (Google Chrome before 14.0.835.163 allows user-assisted remote
...)
- chromium-browser 14.0.835.163~r101024-1
- - webkit <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <not-affected> (chromium specific)
CVE-2011-2847 (Use-after-free vulnerability in the document loader in Google
Chrome ...)
- chromium-browser 14.0.835.163~r101024-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/93521
CVE-2011-2846 (Use-after-free vulnerability in Google Chrome before
14.0.835.163 ...)
- chromium-browser 14.0.835.163~r101024-1
- webkit <undetermined>
@@ -3575,33 +3578,41 @@
RESERVED
CVE-2011-2844 (Google Chrome before 14.0.835.163 does not properly process MP3
files, ...)
- chromium-browser 14.0.835.163~r101024-1
- - webkit <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <not-affected>
+ TODO: check ffmpeg,
http://src.chromium.org/viewvc/chrome?view=rev&revision=88382
CVE-2011-2843 (Google Chrome before 14.0.835.163 does not properly handle
media ...)
- chromium-browser 14.0.835.163~r101024-1
- - webkit <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <not-affected> (chromium specific)
CVE-2011-2842 (The installer in Google Chrome before 14.0.835.163 on Mac OS X
does ...)
- - chromium-browser <undetermined>
- - webkit <undetermined>
+ - chromium-browser <not-affected>
+ - webkit <not-affected>
CVE-2011-2841 (Google Chrome before 14.0.835.163 does not properly perform
garbage ...)
- - chromium-browser <undetermined>
- - webkit <undetermined>
+ - chromium-browser <not-affected> (pdf plugin)
+ - webkit <not-affected>
CVE-2011-2840 (Google Chrome before 14.0.835.163 allows user-assisted remote
...)
- chromium-browser 14.0.835.163~r101024-1
+ [squeeze] - chromium-browser <not-affected>
- webkit <undetermined>
+ NOTE: http://trac.webkit.org/changeset/90164
CVE-2011-2839 (The PDF implementation in Google Chrome before 13.0.782.215 on
Linux ...)
- chromium-browser <not-affected> (Pdf plugin)
CVE-2011-2838 (Google Chrome before 14.0.835.163 does not properly consider
the MIME ...)
- chromium-browser 14.0.835.163~r101024-1
- - webkit <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <not-affected> (chromium specific)
CVE-2011-2837 (Google Chrome before 14.0.835.163 on Linux does not use the PIC
and ...)
- chromium-browser 14.0.835.163~r101024-1
- - webkit <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <not-affected> (chromium specific)
CVE-2011-2836 (Google Chrome before 14.0.835.163 does not require Infobar
interaction ...)
- - chromium-browser 14.0.835.163~r101024-1
- - webkit <undetermined>
+ - chromium-browser 14.0.835.163~r101024-1 (unimportant)
+ - webkit <not-affected> (chromium specific)
CVE-2011-2835 (Race condition in Google Chrome before 14.0.835.163 allows
attackers ...)
- chromium-browser 14.0.835.163~r101024-1
- - webkit <undetermined>
+ [squeeze] - chromium-browser <not-affected>
+ - webkit <not-affected>
CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome
before ...)
- libxml2 2.7.8.dfsg-5 (bug #643648)
CVE-2011-2833
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
