Author: gilbert-guest Date: 2010-04-11 20:22:48 +0000 (Sun, 11 Apr 2010) New Revision: 14454 Modified: data/CVE/list Log: bug submitted for webkit issue (and lenny has the vuln code); webkit is affected by gif issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-04-11 18:37:58 UTC (rev 14453) +++ data/CVE/list 2010-04-11 20:22:48 UTC (rev 14454) @@ -262,13 +262,13 @@ NOTE: http://trac.webkit.org/changeset/55511 NOTE: evidence of memory corruption http://code.google.com/p/chromium/issues/detail?id=37061 CVE-2010-1236 (Google Chrome before 4.1.249.1036 does not properly restrict ...) - - webkit <unfixed> - [lenny] - webkit <not-affected> (Vulnerable code not present) + - webkit <unfixed> (bug #577457) - kdelibs <undetermined> - kde4libs <undetermined> - qt4-x11 <undetermined> - chromium-browser <itp> (bug #520324) NOTE: http://trac.webkit.org/changeset/55822 + NOTE: vulnerable code is in KURL.cpp even though the changeset says it is in KURLGoogle.cpp CVE-2010-1235 (Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows ...) - chromium-browser <itp> (bug #520324) NOTE: issue in chrome-specific download dialog @@ -1911,7 +1911,10 @@ - chromium-browser <itp> (bug #520334) CVE-2010-0659 (The image decoder in WebKit before r52833, as used in Google Chrome ...) - chromium-browser <itp> (bug #520334) - - webkit <not-affected> (Chrome-specific vulnerability) + - webkit 1.1.21-1 (low) + - qt4-x11 <undetermined> (low) + - kdelibs <undetermined> (low) + - kde4libs <undetermined> (low) CVE-2010-0658 (Multiple integer overflows in Skia, as used in Google Chrome before ...) - chromium-browser <itp> (bug #520334) CVE-2010-0657 (Google Chrome before 4.0.249.78 on Windows does not perform the ...)