Author: gilbert-guest Date: 2011-10-26 23:33:22 +0000 (Wed, 26 Oct 2011) New Revision: 17503 Modified: data/CVE/list Log: track chromium pkcs.txt issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-10-26 21:14:19 UTC (rev 17502) +++ data/CVE/list 2011-10-26 23:33:22 UTC (rev 17503) @@ -89,9 +89,13 @@ CVE-2011-4152 RESERVED CVE-2011-XXXX [nss: Did honour /pkcs11.txt and /secmod.db files by initializatio] - - nss <unfixed> + - nss <unfixed> (low) [lenny] - nss <no-dsa> (Minor issue) [squeeze] - nss <no-dsa> (Minor issue) + - chromium-browser <unfixed> (low) + [lenny] - chromium-browser <no-dsa> (attacker needs to get malicious file into cwd first) + [squeeze] - chromium-browser <no-dsa> (attacker needs to get malicious file into cwd first) + NOTE: http://seclists.org/fulldisclosure/2011/Oct/734 CVE-2011-4151 (The krb5_db2_lockout_audit function in the Key Distribution Center ...) - krb5 <unfixed> (low; bug #646367) [lenny] - krb5 <not-affected> (introduced in 1.8)