Author: jmm-guest Date: 2010-11-02 22:09:15 +0000 (Tue, 02 Nov 2010) New Revision: 15555 Modified: data/CVE/list Log: - monotone fixed, not in Lenny - new rails issue only affects more recent releases - remove a few historic webkit TODOs - two freetype issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-11-02 14:22:28 UTC (rev 15554) +++ data/CVE/list 2010-11-02 22:09:15 UTC (rev 15555) @@ -105,7 +105,8 @@ CVE-2010-4099 (ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is ...) NOT-FOR-US: NitroSecurity NitroView CVE-2010-4098 (monotone before 0.48.1, when configured to allow remote commands, ...) - TODO: check + - monotone 0.48-3 + [lenny] - monotone <not-affected> (Vulnerable feature introduced in 0.46) CVE-2010-4097 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in ...) NOT-FOR-US: Aardvark Topsites PHP CVE-2010-4095 (Directory traversal vulnerability in the FTP client in Serengeti ...) @@ -494,7 +495,7 @@ CVE-2010-3934 (The browser in Research In Motion (RIM) BlackBerry Device Software ...) NOT-FOR-US: BlackBerry Device Software CVE-2010-3933 (Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested ...) - TODO: check + - rails <not-affected> (Only affects >= 2.3.9, which is not yet in the archive) CVE-2010-3932 RESERVED CVE-2010-3931 @@ -664,6 +665,7 @@ [squeeze] - eglibc 2.11.2-6+squeeze1 CVE-2010-3855 RESERVED + - freetype <unfixed> (bug filed) CVE-2010-3854 RESERVED CVE-2010-3853 @@ -789,6 +791,7 @@ RESERVED CVE-2010-3814 RESERVED + - freetype <unfixed> (bug filed) CVE-2010-3813 RESERVED CVE-2010-3812 
@@ -1156,7 +1159,7 @@ CVE-2010-3655 (Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player ...) NOT-FOR-US: Adobe Shockwave Player CVE-2010-3654 (Adobe Flash Player 10.1.85.3 and earlier on Windows, Mac OS X, Linux, ...) - TODO: check + NOT-FOR-US: Adobe Flash CVE-2010-3653 (The Director module (dirapi.dll) in Adobe Shockwave Player before ...) NOT-FOR-US: Adobe Shockwave CVE-2010-3652 @@ -1345,7 +1348,7 @@ NOTE: http://code.google.com/p/pyftpdlib/issues/detail?id=104 CVE-2010-3493 (Multiple race conditions in smtpd.py in the smtpd module in Python ...) - python3.1 3.1.2+20100829-1 - - python2.6 <unfixed> (low; bug #601690) + - python2.6 2.6.6-1 (low; bug #601690) - python2.5 <unfixed> [lenny] - python2.5 <no-dsa> (Minor issue) CVE-2010-3492 (The asyncore module in Python before 3.2 does not properly handle ...) @@ -4845,7 +4848,6 @@ CVE-2010-2264 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...) - webkit <undetermined> - chromium-browser 6.0.466.0~r52279-1 - TODO: someone with access to webkit security list please track down commit NOTE: This is a large series of risky behaviour-changing changesets. NOTE: upstream changelog says this is fixed in 1.2.3, but i''m doubtful of that CVE-2010-2263 (nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on ...) @@ -5685,7 +5687,6 @@ CVE-2010-1940 (Apple Safari 4.0.5 on Windows sends the "Authorization: Basic" header ...) - chromium-browser <not-affected> - webkit <not-affected> - TODO: someone with access to the webkit security list please track down commit NOTE: Safari-specific. Chromium and Safari have totally separate HTTP stacks. CVE-2010-1939 (Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows ...) - chromium-browser <not-affected> 
@@ -6156,7 +6157,6 @@ - webkit <undetermined> - chromium-browser <undetermined> NOTE: claimed fixed in upstream webkit 1.2.4 changelog, but no info currently available - TODO: check CVE-2010-1780 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on ...) - webkit 1.2.5-1 - chromium-browser 5.0.375.125~r53311-1 @@ -6202,7 +6202,6 @@ CVE-2010-1769 (WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 ...) - webkit <undetermined> - chromium-browser 5.0.375.55~r47796-1 - TODO: someone with access to the webkit security list please track down commit CVE-2010-1768 (Unspecified vulnerability in Apple iTunes before 9.1 allows local ...) NOT-FOR-US: Apple iTunes CVE-2010-1767 (Cross-site request forgery (CSRF) vulnerability in ...) @@ -6234,7 +6233,6 @@ - chromium-browser 5.0.375.55~r47796-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=39008 NOTE: http://trac.webkit.org/changeset/59486 - TODO: recheck newer webkit uploads CVE-2010-1762 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit 1.2.2-1 - chromium-browser 5.0.375.55~r47796-1 @@ -6267,7 +6265,6 @@ NOTE: is CVE-2010-2441 a dup of this? NOTE: chromium-sec don''t have info NOTE: Sounds like it could be iPhone specific - TODO: someone with access to the webkit security list please track down the commit CVE-2010-1756 (The Settings application in Apple iOS before 4 on the iPhone and iPod ...) NOT-FOR-US: Apple iPhone CVE-2010-1755 (Safari in Apple iOS before 4 on the iPhone and iPod touch does not ...) @@ -6286,7 +6283,6 @@ NOTE: apple hasn''t disclosed enough info to check NOTE: From Apple''s advisory: "This issue does not affect Mac OS X systems." Implies it may be outside of WebKit NOTE: chromium-sec don''t have info - TODO: someone with access to the webkit security list please track down the commit CVE-2010-1749 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit 1.2.1-2 - chromium-browser 5.0.342.9~r43360-1
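Review bot: In the CVE-2010-4098 hunk, the fixed version `- monotone 0.48-3` is a Debian revision of upstream 0.48, while the CVE description on the line above it says the issue affects monotone before 0.48.1. That is only consistent if 0.48-3 carries a backported patch; add a NOTE line or a bug reference saying so, so the entry does not read as a typo for a 0.48.1 upload. The lenny line already states its reason (vulnerable feature introduced in 0.46) and is fine as written.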
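Review bot: In the CVE-2010-3933 hunk, `- rails <not-affected> (Only affects >= 2.3.9, which is not yet in the archive)` holds only until such a version is uploaded, and with `TODO: check` removed nothing in the entry prompts a recheck when that happens. The description names 2.3.9 and 3.0.0 as affected, so consider keeping a TODO or adding a NOTE to revisit the entry before one of those versions enters the archive.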
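Review bot: In the CVE-2010-3855 and CVE-2010-3814 hunks, `- freetype <unfixed> (bug filed)` gives no bug number, unlike the `(low; bug #601690)` form used in the CVE-2010-3493 entry of this same diff. Both ids are still RESERVED with no description, so the bug report is the only pointer to what each issue is; put the number in the parentheses.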
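Review bot: The CVE-2010-3493 hunk changes python2.6 from `<unfixed>` to `2.6.6-1` and the CVE-2010-3654 hunk replaces `TODO: check` with `NOT-FOR-US: Adobe Flash`, but neither change is mentioned in the log message, which lists only monotone, rails, webkit and freetype. Add both to the log so the revision can be found later from its description. In the CVE-2010-3493 context lines python2.5 stays `<unfixed>` without a bug reference; worth confirming that is intended now that python2.6 is marked fixed.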
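Review bot: In the WebKit hunks for CVE-2010-2264 and CVE-2010-1769, and in the hunk at `@@ -6156,7 +6157,6 @@`, the TODO is removed while the `- webkit <undetermined>` line stays, so those entries lose their only marker that work is outstanding without gaining a resolution. The log calls these TODOs historic; if the upstream commit cannot be tracked down, say that in a NOTE or settle the status to a version or `<unfixed>`. The CVE-2010-1940 hunk is different: webkit is already `<not-affected>` there, so dropping the TODO is correct.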