Author: derevko-guest Date: 2010-05-14 13:11:05 +0000 (Fri, 14 May 2010) New Revision: 14693 Modified: data/CVE/list Log: CVE-2010-1152 fixed in memcached 1.4.5-1 chromium-browser triage Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-05-13 23:53:46 UTC (rev 14692) +++ data/CVE/list 2010-05-14 13:11:05 UTC (rev 14693) @@ -482,9 +482,10 @@ CVE-2010-1732 (Cross-site request forgery (CSRF) vulnerability in the users module in ...) NOT-FOR-US: Zikula Application Framework CVE-2010-1731 (Google Chrome on the HTC Hero allows remote attackers to cause a ...) - - chromium-browser <unfixed> + - chromium-browser <unfixed> (unimportant) NOTE: various crashes on window close after opening the file on chromium (including sometimes segfaults) NOTE: CVE-2010-1729/1730/1731 are the same issue but with different effects + NOTE: Browser DoS not treated as security issues CVE-2010-1730 (Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause ...) - kdelibs <undetermined> - kde4libs <undetermined> @@ -636,14 +637,11 @@ CVE-2010-1666 RESERVED CVE-2010-1665 (Google Chrome before 4.1.249.1064 does not properly handle fonts, ...) - - chromium-browser <undetermined> - TODO: check + - chromium-browser 5.0.375.29~r46008-1 CVE-2010-1664 (Google Chrome before 4.1.249.1064 does not properly handle HTML5 ...) - - chromium-browser <undetermined> - TODO: check + - chromium-browser 5.0.375.29~r46008-1 CVE-2010-1663 (The Google URL Parsing Library (aka google-url or GURL) in Google ...) - - chromium-browser <undetermined> - TODO: check + - chromium-browser 5.0.375.29~r46008-1 CVE-2010-1662 (Cross-site scripting (XSS) vulnerability in acpmoderate.php in ...) NOT-FOR-US: PHP-Quick-Arcade CVE-2010-1661 (Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) ...) @@ -2012,7 +2010,7 @@ - typo3-src 4.3.3-1 (bug #577993) [lenny] - typo3-src <not-affected> (Only affects 4.3.x) CVE-2010-1152 (memcached.c in memcached before 1.4.3 allows remote attackers to cause ...) - - memcached <unfixed> (medium; bug #579913) + - memcached 1.4.5-1 (medium; bug #579913) CVE-2010-1151 (Race condition in the mod_auth_shadow module for the Apache HTTP ...) - libapache2-mod-auth-shadow <itp> (bug #503184) CVE-2010-1150 (MediaWiki before 1.15.3, and 1.6.x before 1.16.0beta2, does not ...) @@ -2335,8 +2333,7 @@ NOT-FOR-US: HP-UX CVE-2010-1029 (Stack consumption vulnerability in the WebCore::CSSSelector function ...) - webkit <not-affected> (proof-of-concept not effective) - - chromium-browser <undetermined> - TODO: check + - chromium-browser 5.0.375.29~r46008-1 CVE-2010-1027 (SQL injection vulnerability in the Meet Travelmates (travelmate) ...) NOT-FOR-US: travelmate extension for typo3 CVE-2010-1026 (SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) ...) @@ -14877,7 +14874,7 @@ CVE-2009-1516 (Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX ...) NOT-FOR-US: ActiveX CVE-2009-1514 (Google Chrome 1.0.154.53 allows remote attackers to cause a denial of ...) - - chromium-browser <unfixed> (low) + - chromium-browser 5.0.375.38~r46659-1 (low) - webkit <unfixed> (bug #578982) - qt4-x11 <undetermined> - kdebase <undetermined>