thr3ads.net - Secure testing commits - [Secure-testing-commits] r12139

If this information is useful, please help other people find it:
Share via:

Joey Hess

2009-Jun-16 21:14 UTC

[Secure-testing-commits] r12139 - data/CVE

Author: joeyh
Date: 2009-06-16 21:14:13 +0000 (Tue, 16 Jun 2009)
New Revision: 12139

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-06-16 20:14:23 UTC (rev 12138)
+++ data/CVE/list	2009-06-16 21:14:13 UTC (rev 12139)
@@ -1,3 +1,37 @@
+CVE-2009-2073 (Cross-site request forgery (CSRF) vulnerability in Linksys
WRT160N ...)
+	TODO: check
+CVE-2009-2072 (Apple Safari does not require a cached certificate before
displaying a ...)
+	TODO: check
+CVE-2009-2071 (Google Chrome before 1.0.154.53 displays a cached certificate
for a ...)
+	TODO: check
+CVE-2009-2070 (Opera displays a cached certificate for a (1) 4xx or (2) 5xx
CONNECT ...)
+	TODO: check
+CVE-2009-2069 (Microsoft Internet Explorer before 8 displays a cached
certificate for ...)
+	TODO: check
+CVE-2009-2068 (Google Chrome detects http content in https web pages only when
the ...)
+	TODO: check
+CVE-2009-2067 (Opera detects http content in https web pages only when the
top-level ...)
+	TODO: check
+CVE-2009-2066 (Apple Safari detects http content in https web pages only when
the ...)
+	TODO: check
+CVE-2009-2065 (Mozilla Firefox 3.0.10, and possibly other versions, detects
http ...)
+	TODO: check
+CVE-2009-2064 (Microsoft Internet Explorer 8, and possibly other versions,
detects ...)
+	TODO: check
+CVE-2009-2063 (Opera, possibly before 9.25, processes a 3xx HTTP CONNECT
response ...)
+	TODO: check
+CVE-2009-2062 (Apple Safari before 3.2.2 processes a 3xx HTTP CONNECT response
before ...)
+	TODO: check
+CVE-2009-2061 (Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT
response ...)
+	TODO: check
+CVE-2009-2060 (src/net/http/http_transaction_winhttp.cc in Google Chrome before
...)
+	TODO: check
+CVE-2009-2059 (Opera, possibly before 9.25, uses the HTTP Host header to
determine ...)
+	TODO: check
+CVE-2009-2058 (Apple Safari before 3.2.2 uses the HTTP Host header to determine
the ...)
+	TODO: check
+CVE-2009-2057 (Microsoft Internet Explorer before 8 uses the HTTP Host header
to ...)
+	TODO: check
 CVE-2009-2056
 	RESERVED
 CVE-2009-2055
@@ -2637,6 +2671,7 @@
 CVE-2009-1196 (The directory-services functionality in the scheduler in CUPS
1.1.17 ...)
 	TODO: check
 CVE-2009-1195 (The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not
...)
+	{DSA-1816-1}
 	- apache2 2.2.11-6 (low; bug #530834)
 	- apache2-mpm-itk
 	NOTE: apache2-mpm-itk is vulnerable due to static linking

Secure testing commits - Jun 2009 - r12139 - data/CVE

[Secure-testing-commits] r12139 - data/CVE