Author: jmm-guest Date: 2010-06-17 09:46:36 +0000 (Thu, 17 Jun 2010) New Revision: 14881 Modified: data/CVE/list Log: webkit refs Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-17 09:19:29 UTC (rev 14880) +++ data/CVE/list 2010-06-17 09:46:36 UTC (rev 14881) @@ -55,7 +55,7 @@ CVE-2010-2277 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus ...) NOT-FOR-US: IBM Lotus Connections CVE-2010-2276 (The default configuration of the build process in Dojo 0.4.x before ...) - - dojo 1.4.2+dfsg-1 + - dojo <not-affected> (Doesn''t affect the Debian packaging) CVE-2010-2275 (Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js ...) - dojo 1.4.2+dfsg-1 CVE-2010-2274 (Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, ...) @@ -1293,38 +1293,76 @@ RESERVED CVE-2010-1774 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38261 + NOTE: http://trac.webkit.org/changeset/59495 CVE-2010-1773 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=39508 + NOTE: http://trac.webkit.org/changeset/59950 CVE-2010-1772 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=39388 + NOTE: http://trac.webkit.org/changeset/59859 CVE-2010-1771 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=39453 + NOTE: http://trac.webkit.org/changeset/59876 CVE-2010-1770 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38626 + NOTE: http://trac.webkit.org/changeset/59795 CVE-2010-1769 RESERVED CVE-2010-1768 RESERVED CVE-2010-1767 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36843 + NOTE: http://trac.webkit.org/changeset/57041 CVE-2010-1766 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36339 + NOTE: http://trac.webkit.org/changeset/56380 CVE-2010-1765 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=37933 + NOTE: http://trac.webkit.org/changeset/57995 CVE-2010-1764 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=31410 + NOTE: http://trac.webkit.org/changeset/55157 CVE-2010-1763 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=39008 + NOTE: http://trac.webkit.org/changeset/59486 CVE-2010-1762 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38922 + NOTE: http://trac.webkit.org/changeset/59241 + NOTE: http://trac.webkit.org/changeset/59242 CVE-2010-1761 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=37760 + NOTE: http://trac.webkit.org/changeset/59263 CVE-2010-1760 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=37781 + NOTE: http://trac.webkit.org/changeset/58409 CVE-2010-1759 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38583 + NOTE: http://trac.webkit.org/changeset/59109 CVE-2010-1758 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=28697 + NOTE: http://trac.webkit.org/changeset/59098 CVE-2010-1757 RESERVED CVE-2010-1756 @@ -1343,6 +1381,9 @@ - webkit <undetermined> CVE-2010-1749 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=27193 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38625 + NOTE: http://trac.webkit.org/changeset/45941 CVE-2010-1748 RESERVED CVE-2010-1747 @@ -2269,80 +2310,169 @@ NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government CVE-2010-1422 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=26824 + NOTE: http://trac.webkit.org/changeset/58829 CVE-2010-1421 (The execCommand JavaScript function in WebKit in Apple Safari before ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=27751 + NOTE: http://trac.webkit.org/changeset/58703 CVE-2010-1420 RESERVED CVE-2010-1419 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=37618 + NOTE: http://trac.webkit.org/changeset/58616 CVE-2010-1418 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38260 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36502 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=37031 + NOTE: http://trac.webkit.org/changeset/58844 + NOTE: http://trac.webkit.org/changeset/56651 + NOTE: http://trac.webkit.org/changeset/57627 CVE-2010-1417 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=38001 + NOTE: http://trac.webkit.org/changeset/58201 CVE-2010-1416 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36838 + NOTE: http://trac.webkit.org/changeset/56810 CVE-2010-1415 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36000 + NOTE: http://trac.webkit.org/changeset/56420 CVE-2010-1414 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35818 + NOTE: http://trac.webkit.org/changeset/55783 CVE-2010-1413 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=37230 + NOTE: http://trac.webkit.org/changeset/57232 CVE-2010-1412 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=29635 + NOTE: http://trac.webkit.org/changeset/57759 + NOTE: http://trac.webkit.org/changeset/57817 CVE-2010-1411 [tiff heap overflow] RESERVED - tiff <undetermined> TODO: check CVE-2010-1410 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35603 + NOTE: http://trac.webkit.org/changeset/55511 CVE-2010-1409 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=34451 + NOTE: http://trac.webkit.org/changeset/54193 CVE-2010-1408 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36571 + NOTE: http://trac.webkit.org/changeset/56489 + NOTE: http://trac.webkit.org/changeset/56492 + NOTE: http://trac.webkit.org/changeset/56879 CVE-2010-1407 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36435 + NOTE: http://trac.webkit.org/changeset/56365 CVE-2010-1406 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=30841 + NOTE: http://trac.webkit.org/changeset/50226 + NOTE: http://trac.webkit.org/changeset/50240 CVE-2010-1405 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36198 + NOTE: http://trac.webkit.org/changeset/56186 CVE-2010-1404 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35709 + NOTE: http://trac.webkit.org/changeset/53446 CVE-2010-1403 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35708 + NOTE: http://trac.webkit.org/changeset/53446 CVE-2010-1402 (Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35598 + NOTE: http://trac.webkit.org/changeset/55182 CVE-2010-1401 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35353 + NOTE: http://trac.webkit.org/changeset/55196 CVE-2010-1400 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=34734 + NOTE: http://trac.webkit.org/changeset/54521 CVE-2010-1399 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35599 + NOTE: http://trac.webkit.org/changeset/46437 CVE-2010-1398 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35305 + NOTE: http://trac.webkit.org/changeset/55167 CVE-2010-1397 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=32842 + NOTE: http://trac.webkit.org/changeset/52034 + NOTE: http://trac.webkit.org/changeset/55114 CVE-2010-1396 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=35621 + NOTE: http://trac.webkit.org/changeset/55462 + NOTE: http://trac.webkit.org/changeset/55465 CVE-2010-1395 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=26868 + NOTE: http://trac.webkit.org/changeset/46068 CVE-2010-1394 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <undetermined> + NOTE: http://trac.webkit.org/changeset/55203 + NOTE: http://trac.webkit.org/changeset/55212 CVE-2010-1393 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=33683 + NOTE: http://trac.webkit.org/changeset/53607 CVE-2010-1392 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=34641 + NOTE: http://trac.webkit.org/changeset/56297 CVE-2010-1391 (Multiple directory traversal vulnerabilities in the (a) Local Storage ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36243 + NOTE: http://trac.webkit.org/changeset/56139 CVE-2010-1390 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=29078 + NOTE: http://trac.webkit.org/changeset/49487 CVE-2010-1389 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=30019 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=34148 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=33970 + NOTE: http://trac.webkit.org/changeset/53442 + NOTE: http://trac.webkit.org/changeset/53835 + NOTE: http://trac.webkit.org/changeset/53659 CVE-2010-1388 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=28755 + NOTE: http://trac.webkit.org/changeset/47829 CVE-2010-1387 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=34321 + NOTE: http://trac.webkit.org/changeset/54129 + NOTE: http://trac.webkit.org/changeset/54141 + NOTE: http://trac.webkit.org/changeset/54265 CVE-2010-1386 RESERVED + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=36255 + NOTE: http://trac.webkit.org/changeset/56188 CVE-2010-1385 (Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X ...) - webkit <undetermined> CVE-2010-1384 (Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and ...) @@ -3090,7 +3220,10 @@ CVE-2010-1120 (Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows ...) NOT-FOR-US: Apple Type Services CVE-2010-1119 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - TODO: check webkit once details are disclosed + - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=33850 + NOTE: http://trac.webkit.org/changeset/53501 + NOTE: http://trac.webkit.org/changeset/53504 CVE-2010-1118 (Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows ...) NOT-FOR-US: Internet Explorer CVE-2010-1117 (Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows ...) @@ -4819,6 +4952,9 @@ RESERVED CVE-2010-0544 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - webkit <undetermined> + NOTE: https://bugs.webkit.org/show_bug.cgi?id=37662 + NOTE: http://trac.webkit.org/changeset/58792 + NOTE: http://trac.webkit.org/changeset/58796 CVE-2010-0543 RESERVED CVE-2010-0542