Author: gilbert-guest Date: 2009-09-17 20:04:36 +0000 (Thu, 17 Sep 2009) New Revision: 12840 Modified: data/CVE/list data/embedded-code-copies Log: webkit stuff Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-09-17 18:56:46 UTC (rev 12839) +++ data/CVE/list 2009-09-17 20:04:36 UTC (rev 12840) @@ -1,3 +1,6 @@ +CVE-2009-XXXX [webkit: potential ssl certificate null character stripping vulnerability] + - webkit <unfixed> (medium; bug #547217) + TODO: asked maintainer to check; follow-up CVE-2009-3234 [Buffer overflow in performance counters] - linux-2.6 <not-affected> (Introduced in 2.6.31) - linux-2.6.24 <removed> @@ -1493,7 +1496,8 @@ CVE-2009-2798 (Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows ...) NOT-FOR-US: Apple QuickTime CVE-2009-2797 (The WebKit component in Safari in Apple iPhone OS before 3.1, and ...) - NOT-FOR-US: Safari in Apple iPhone OS + - webkit <unfixed> (medium) + TODO: someone needs to gain membership to the webkit security list so we can actually check these issues CVE-2009-2796 (The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for ...) NOT-FOR-US: Apple iPhone OS CVE-2009-2795 (Heap-based buffer overflow in the Recovery Mode component in Apple ...) @@ -3494,7 +3498,8 @@ NOTE: http://trac.webkit.org/changeset/44905 NOTE: http://trac.webkit.org/changeset/44909 CVE-2009-2199 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...) - NOT-FOR-US: Apple Safari + - webkit <unfixed> (medium) + TODO: someone needs to gain membership to the webkit security list so we can actually check these issues CVE-2009-2198 (Apple GarageBand before 5.1 reconfigures Safari to accept all cookies ...) NOT-FOR-US: Apple GarageBand CVE-2009-2197 Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2009-09-17 18:56:46 UTC (rev 12839) +++ data/embedded-code-copies 2009-09-17 20:04:36 UTC (rev 12840) @@ -932,3 +932,6 @@ pidgin - gaim <old-version> + +icu + - webkit <unfixed> (embed; bug #547214) [./WebCore/icu/*]