Author: gilbert-guest Date: 2011-10-25 00:44:06 +0000 (Tue, 25 Oct 2011) New Revision: 17495 Modified: data/CVE/list Log: libv8 issues fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-25 00:18:43 UTC (rev 17494) +++ data/CVE/list 2011-10-25 00:44:06 UTC (rev 17495) @@ -3642,7 +3642,7 @@ [squeeze] - chromium-browser <not-affected> - webkit <not-affected> CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome before ...) - - libxml2 2.7.8.dfsg-5 (bug #643648) + - libxml2 2.7.8.dfsg-5 (low; bug #643648) [squeeze] - libxml2 <no-dsa> (denial-of-service only issue) CVE-2011-2833 RESERVED @@ -3692,7 +3692,7 @@ - chromium-browser 13.0.782.215~r97094-1 [squeeze] - chromium-browser <not-affected> - webkit <not-affected> (chromium specific) - - libxml2 2.7.8.dfsg-5 (bug #643648) + - libxml2 2.7.8.dfsg-5 (low; bug #643648) [squeeze] - libxml2 <no-dsa> (denial-of-service only issue) CVE-2011-2820 (WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle ...) [squeeze] - chromium-browser <not-affected> @@ -8011,9 +8011,9 @@ CVE-2011-1287 RESERVED CVE-2011-1286 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...) - - libv8 <unfixed> (bug #617418) + - libv8 3.1.8.10-1 (bug #617418) CVE-2011-1285 (The regular-expression functionality in Google Chrome before ...) - - libv8 <unfixed> (bug #617418) + - libv8 3.1.8.10-1 (bug #617418) CVE-2011-1284 (Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) ...) NOT-FOR-US: MS Windows CVE-2011-1283 (The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 ...) @@ -8254,7 +8254,7 @@ NOTE: http://trac.webkit.org/changeset/77329 NOTE: popup blocker bypass not treated as a security issue CVE-2011-1193 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...) - - libv8 <unfixed> (bug #617418) + - libv8 3.1.8.10-1 (bug #617418) CVE-2011-1192 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> @@ -8288,7 +8288,7 @@ NOTE: http://trac.webkit.org/changeset/77142 TODO: ^ this commit only contains tests for the issue, need commit # for fix CVE-2011-1187 (Google Chrome before 10.0.648.127 allows remote attackers to bypass ...) - - libv8 <unfixed> (bug #617418) + - libv8 3.1.8.10-1 (bug #617418) CVE-2011-1186 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected>