Secure testing commits - Mar 2010 - r14334 - data/CVE

Author: gilbert-guest
Date: 2010-03-27 16:29:06 +0000 (Sat, 27 Mar 2010)
New Revision: 14334

Modified:
   data/CVE/list
Log:
webkit triage

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-03-27 09:14:33 UTC (rev 14333)
+++ data/CVE/list	2010-03-27 16:29:06 UTC (rev 14334)
@@ -1317,6 +1317,7 @@
 	- qt4-x11 <undetermined> (low)
 	- kdelibs <undetermined> (low)
 	- kde4libs <undetermined> (low)
+	NOTE: http://trac.webkit.org/changeset/52784
 CVE-2010-0650 (WebKit, as used in Google Chrome before 4.0.249.78 and Apple
Safari, ...)
 	- chromium-browser <itp> (bug #520334)
 	- webkit 1.1.21-1 (unimportant)
@@ -3607,50 +3608,63 @@
 	- xar <removed> (bug #572556)
 	[lenny] - xar <no-dsa> (Minor issue)
 CVE-2010-0054 (Use-after-free vulnerability in WebKit in Apple Safari before
4.0.5 ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/53812
+	NOTE: http://trac.webkit.org/changeset/53813
+	NOTE: http://trac.webkit.org/changeset/54242
 CVE-2010-0053 (Use-after-free vulnerability in WebKit in Apple Safari before
4.0.5 ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/50466
 CVE-2010-0052 (Use-after-free vulnerability in WebKit in Apple Safari before
4.0.5 ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/51877
 CVE-2010-0051 (WebKit in Apple Safari before 4.0.5 does not properly validate
the ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.21-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/52784
+	NOTE: duplicate of CVE-2010-0651
+	TODO: reqest rejection for this CVE
 CVE-2010-0050 (Use-after-free vulnerability in WebKit in Apple Safari before
4.0.5 ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/52073
 CVE-2010-0049 (Use-after-free vulnerability in WebKit in Apple Safari before
4.0.5 ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/52527
 CVE-2010-0048 (Use-after-free vulnerability in WebKit in Apple Safari before
4.0.5 ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/51962
 CVE-2010-0047 (Use-after-free vulnerability in WebKit in Apple Safari before
4.0.5 ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/50698
 CVE-2010-0046 (The Cascading Style Sheets (CSS) implementation in WebKit in
Apple ...)
-	- webkit <undetermined> (bug #574064)
+	- webkit 1.1.90-1 (bug #574064)
 	- kde4libs <undetermined>
 	- kdelibs <undetermined>
 	- qt4-x11 <undetermined>
+	NOTE: http://trac.webkit.org/changeset/51727
 CVE-2010-0045 (Apple Safari before 4.0.5 on Windows does not properly validate
...)
 	NOT-FOR-US: Apple Safari
 CVE-2010-0044 (PubSub in Apple Safari before 4.0.5 does not properly implement
use of ...)