Secure testing commits - Jan 2011 - r15927 - data/CVE

Author: iuculano
Date: 2011-01-19 10:40:41 +0000 (Wed, 19 Jan 2011)
New Revision: 15927

Modified:
   data/CVE/list
Log:
chromium/webkit/libvpx issues

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-01-19 09:14:46 UTC (rev 15926)
+++ data/CVE/list	2011-01-19 10:40:41 UTC (rev 15927)
@@ -1,50 +1,63 @@
 CVE-2011-0485 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser 9.0.597.45~r70550-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0484 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-5
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/75082
+	NOTE: http://trac.webkit.org/changeset/75084
 CVE-2011-0483 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-5
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/74787
 CVE-2011-0482 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-5
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/74779
 CVE-2011-0481 (Buffer overflow in Google Chrome before 8.0.552.237 and Chrome
OS ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser <not-affected> (Chrome PDF plugin)
+	- webkit <not-affected> (Chrome PDF plugin)
 CVE-2011-0480 (Multiple buffer overflows in the Vorbis decoder in Google Chrome
...)
 	TODO: check, might affects libvorbis, needs to be checked by code fix
 CVE-2011-0479 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser 9.0.597.45~r70550-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0478 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-5
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/74636
 CVE-2011-0477 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser 6.0.472.63~r59945-5
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0476 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser <not-affected> (Chrome PDF plugin)
+	- webkit <not-affected> (Chrome PDF plugin)
 CVE-2011-0475 (Use-after-free vulnerability in Google Chrome before 8.0.552.237
and ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser <not-affected> (Chrome PDF plugin)
+	- webkit <not-affected> (Chrome PDF plugin)
 CVE-2011-0474 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-5
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/74574
 CVE-2011-0473 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-5
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/73927
+	NOTE: http://trac.webkit.org/changeset/73937
 CVE-2011-0472 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser <not-affected> (Chrome PDF plugin)
+	- webkit <not-affected> (Chrome PDF plugin)
 CVE-2011-0471 (The node-iteration implementation in Google Chrome before
8.0.552.237 ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-5
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/73559
+	NOTE: http://trac.webkit.org/changeset/73620
 CVE-2011-0470 (Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344 do ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser 9.0.597.45~r70550-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0469
 	RESERVED
 CVE-2011-0468
@@ -1546,20 +1559,25 @@
 	- chromium-browser 5.0.375.29~r46008-1 
 	- webkit <not-affected> (never embedded libxml2''s xpath.c)
 CVE-2010-4493 (Use-after-free vulnerability in Google Chrome before 8.0.552.215
...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-3
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/72013
 CVE-2010-4492 (Use-after-free vulnerability in Google Chrome before 8.0.552.215
...)
-	- chromium-browser <undetermined>
+	- chromium-browser 6.0.472.63~r59945-3
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/71686
 CVE-2010-4491 (Google Chrome before 8.0.552.215 does not properly restrict
privileged ...)
-	- chromium-browser <undetermined>
+	- chromium-browser 9.0.597.45~r70550-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/71533
 CVE-2010-4490 (Google Chrome before 8.0.552.215 allows remote attackers to
cause a ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser 6.0.472.63~r59945-3
+	- webkit <not-affected> (chromium specific issue)
 CVE-2010-4489 (Google Chrome before 8.0.552.215 does not properly handle WebM
video, ...)
-	- chromium-browser <undetermined>
-	- webkit <undetermined>
+	- chromium-browser <not-affected>
+	- webkit <not-affected>
+	- libvpx 0.9.5-1 (bug #610510)
 CVE-2010-4488 (Google Chrome before 8.0.552.215 does not properly handle HTTP
proxy ...)
 	- chromium-browser <unfixed> (unimportant)
 	[squeeze] - chromium-browser <not-affected>