Author: derevko-guest Date: 2009-08-09 13:04:27 +0000 (Sun, 09 Aug 2009) New Revision: 12527 Modified: data/CVE/list Log: CVE-2009-1725: kde4libs and kdelibs are not affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-08-09 11:52:56 UTC (rev 12526) +++ data/CVE/list 2009-08-09 13:04:27 UTC (rev 12527) @@ -2714,8 +2714,9 @@ CVE-2009-1725 (WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...) - webkit <unfixed> (medium; bug #538346) - qt4-x11 <unfixed> (medium; bug #538347) - - kdelibs <unfixed> (medium; bug #538350) - - kde4libs 4:4.3.0-1 (medium; bug #538349) + - kdelibs <not-affected> (medium; bug #538350) + - kde4libs <not-affected> (medium; bug #538349) + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=513813#c18 NOTE: patch http://trac.webkit.org/changeset/44799/ NOTE: PoC https://cevans-app.appspot.com/static/webkitentityoffbyone.html CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)