Author: iuculano Date: 2011-10-21 11:54:28 +0000 (Fri, 21 Oct 2011) New Revision: 17473 Modified: data/CVE/list Log: chromium/webkit issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-21 11:35:10 UTC (rev 17472) +++ data/CVE/list 2011-10-21 11:54:28 UTC (rev 17473) @@ -3564,10 +3564,13 @@ - webkit <not-affected> (chromium specific) CVE-2011-2848 (Google Chrome before 14.0.835.163 allows user-assisted remote ...) - chromium-browser 14.0.835.163~r101024-1 - - webkit <undetermined> + [squeeze] - chromium-browser <not-affected> + - webkit <not-affected> (chromium specific) CVE-2011-2847 (Use-after-free vulnerability in the document loader in Google Chrome ...) - chromium-browser 14.0.835.163~r101024-1 + [squeeze] - chromium-browser <not-affected> - webkit <undetermined> + NOTE: http://trac.webkit.org/changeset/93521 CVE-2011-2846 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 ...) - chromium-browser 14.0.835.163~r101024-1 - webkit <undetermined> @@ -3575,33 +3578,41 @@ RESERVED CVE-2011-2844 (Google Chrome before 14.0.835.163 does not properly process MP3 files, ...) - chromium-browser 14.0.835.163~r101024-1 - - webkit <undetermined> + [squeeze] - chromium-browser <not-affected> + - webkit <not-affected> + TODO: check ffmpeg, http://src.chromium.org/viewvc/chrome?view=rev&revision=88382 CVE-2011-2843 (Google Chrome before 14.0.835.163 does not properly handle media ...) - chromium-browser 14.0.835.163~r101024-1 - - webkit <undetermined> + [squeeze] - chromium-browser <not-affected> + - webkit <not-affected> (chromium specific) CVE-2011-2842 (The installer in Google Chrome before 14.0.835.163 on Mac OS X does ...) - - chromium-browser <undetermined> - - webkit <undetermined> + - chromium-browser <not-affected> + - webkit <not-affected> CVE-2011-2841 (Google Chrome before 14.0.835.163 does not properly perform garbage ...) - - chromium-browser <undetermined> - - webkit <undetermined> + - chromium-browser <not-affected> (pdf plugin) + - webkit <not-affected> CVE-2011-2840 (Google Chrome before 14.0.835.163 allows user-assisted remote ...) - chromium-browser 14.0.835.163~r101024-1 + [squeeze] - chromium-browser <not-affected> - webkit <undetermined> + NOTE: http://trac.webkit.org/changeset/90164 CVE-2011-2839 (The PDF implementation in Google Chrome before 13.0.782.215 on Linux ...) - chromium-browser <not-affected> (Pdf plugin) CVE-2011-2838 (Google Chrome before 14.0.835.163 does not properly consider the MIME ...) - chromium-browser 14.0.835.163~r101024-1 - - webkit <undetermined> + [squeeze] - chromium-browser <not-affected> + - webkit <not-affected> (chromium specific) CVE-2011-2837 (Google Chrome before 14.0.835.163 on Linux does not use the PIC and ...) - chromium-browser 14.0.835.163~r101024-1 - - webkit <undetermined> + [squeeze] - chromium-browser <not-affected> + - webkit <not-affected> (chromium specific) CVE-2011-2836 (Google Chrome before 14.0.835.163 does not require Infobar interaction ...) - - chromium-browser 14.0.835.163~r101024-1 - - webkit <undetermined> + - chromium-browser 14.0.835.163~r101024-1 (unimportant) + - webkit <not-affected> (chromium specific) CVE-2011-2835 (Race condition in Google Chrome before 14.0.835.163 allows attackers ...) - chromium-browser 14.0.835.163~r101024-1 - - webkit <undetermined> + [squeeze] - chromium-browser <not-affected> + - webkit <not-affected> CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome before ...) - libxml2 2.7.8.dfsg-5 (bug #643648) CVE-2011-2833