Author: derevko-guest
Date: 2010-04-05 10:27:02 +0000 (Mon, 05 Apr 2010)
New Revision: 14405
Modified:
data/CVE/list
Log:
- fixed chromium source name
- CVE-2009-2688 fixed in sid
- CVE-2010-0828 fixed in sid
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-04-05 09:14:42 UTC (rev 14404)
+++ data/CVE/list 2010-04-05 10:27:02 UTC (rev 14405)
@@ -3,24 +3,24 @@
- kdelibs <undetermined>
- kde4libs <undetermined>
- qt4-x11 <undetermined>
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: http://trac.webkit.org/changeset/55511
CVE-2010-1236 (Google Chrome before 4.1.249.1036 does not properly restrict
...)
- webkit <unfixed>
- kdelibs <undetermined>
- kde4libs <undetermined>
- qt4-x11 <undetermined>
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: http://trac.webkit.org/changeset/55822
CVE-2010-1235 (Unspecified vulnerability in Google Chrome before 4.1.249.1036
allows ...)
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: issue in chrome-specific download dialog
CVE-2010-1234 (Unspecified vulnerability in Google Chrome before 4.1.249.1036
allows ...)
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: chrome-specific and claimed windows-only
CVE-2010-1233 (Multiple integer overflows in Google Chrome before 4.1.249.1036
allow ...)
- webkit <not-affected> (v8 and webgl not yet included)
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: http://trac.webkit.org/changeset/55376
TODO: recheck as newer webkits get uploaded
CVE-2010-1232 (Google Chrome before 4.1.249.1036 allows remote attackers to
cause a ...)
@@ -28,23 +28,23 @@
- kdelibs <undetermined>
- kde4libs <undetermined>
- qt4-x11 <undetermined>
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: http://code.google.com/p/chromium/issues/detail?id=34978
CVE-2010-1231 (Google Chrome before 4.1.249.1036 processes HTTP headers before
...)
- webkit <undetermined>
- kdelibs <undetermined>
- kde4libs <undetermined>
- qt4-x11 <undetermined>
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
TODO: check
CVE-2010-1230 (Google Chrome before 4.1.249.1036 does not have the expected
behavior ...)
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: chrome-specific issue
CVE-2010-1229 (The sandbox infrastructure in Google Chrome before 4.1.249.1036
does ...)
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: chrome-specific sandboxing issue
CVE-2010-1228 (Multiple race conditions in the sandbox infrastructure in Google
...)
- - chromium <itp> (bug #520324)
+ - chromium-browser <itp> (bug #520324)
NOTE: chrome-specific sandboxing issue
CVE-2010-1227 (Cross-site scripting (XSS) vulnerability in Sun Java System ...)
NOT-FOR-US: Sun Java System Communication Express
@@ -1160,7 +1160,7 @@
CVE-2010-0828 [moin despam action xss]
RESERVED
{DSA-2024-1}
- - moin <unfixed> (low; bug #575995)
+ - moin 1.9.2-3 (low; bug #575995)
CVE-2010-0827
RESERVED
CVE-2010-0826
@@ -9533,7 +9533,7 @@
[lenny] - sun-java5 <no-dsa> (Non-free not supported)
- openjdk-6 6b16-1.6-1 (medium; bug #542210)
CVE-2009-2688 (Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22,
when ...)
- - xemacs21 <unfixed> (low; bug #540470)
+ - xemacs21 21.4.22-3 (low; bug #540470)
[etch] - xemacs21 <no-dsa> (Minor issue, obscure attack vector)
[lenny] - xemacs21 <no-dsa> (Minor issue, obscure attack vector)
CVE-2009-2686 (Unspecified vulnerability in HP NonStop G06.12.00 through
G06.32.00, ...)