Author: gilbert-guest Date: 2010-06-29 04:41:12 +0000 (Tue, 29 Jun 2010) New Revision: 14920 Modified: data/CVE/list Log: webkit fixing; new kernel issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-28 21:14:20 UTC (rev 14919) +++ data/CVE/list 2010-06-29 04:41:12 UTC (rev 14920) @@ -531,8 +531,9 @@ RESERVED CVE-2010-2249 RESERVED -CVE-2010-2248 +CVE-2010-2248 [os/2 smb issue] RESERVED + - linux-2.6 2.6.32-12 (low) CVE-2010-2247 [makepasswd: insecure passwords generated with default settings] RESERVED - makepasswd 1.10-5 (low; bug #564559) @@ -1694,81 +1695,102 @@ CVE-2010-1775 (Race condition in Passcode Lock in Apple iOS before 4 on the iPhone ...) NOT-FOR-US: Apple iPhone Passcode Lock CVE-2010-1774 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=38261 NOTE: http://trac.webkit.org/changeset/59495 CVE-2010-1773 RESERVED - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=39508 NOTE: http://trac.webkit.org/changeset/59950 CVE-2010-1772 RESERVED - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=39388 NOTE: http://trac.webkit.org/changeset/59859 CVE-2010-1771 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=39453 NOTE: http://trac.webkit.org/changeset/59876 CVE-2010-1770 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=38626 NOTE: http://trac.webkit.org/changeset/59795 CVE-2010-1769 (WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 ...) - webkit <undetermined> + - chromium-browser <undetermined> + TODO: someone with access to the webkit security list please track down commit CVE-2010-1768 RESERVED CVE-2010-1767 RESERVED - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36843 NOTE: http://trac.webkit.org/changeset/57041 + NOTE: if this is the right commit, then this is a dup of cve-2010-1501 + TODO: request rejection CVE-2010-1766 RESERVED - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36339 NOTE: http://trac.webkit.org/changeset/56380 CVE-2010-1765 RESERVED - - webkit <undetermined> + - webkit <not-affected> (doesn''t include cf code) + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=37933 NOTE: http://trac.webkit.org/changeset/57995 + TODO: is this commit correct? its labeled as a "build fix" CVE-2010-1764 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=31410 NOTE: http://trac.webkit.org/changeset/55157 CVE-2010-1763 (Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on ...) - - webkit <undetermined> + - webkit <not-affected> (vulnerable code introduced in svn58950, which isn''t included in 1.2.1 yet) + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=39008 NOTE: http://trac.webkit.org/changeset/59486 + TODO: recheck newer webkit uploads CVE-2010-1762 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=38922 NOTE: http://trac.webkit.org/changeset/59241 NOTE: http://trac.webkit.org/changeset/59242 CVE-2010-1761 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=37760 NOTE: http://trac.webkit.org/changeset/59263 CVE-2010-1760 RESERVED - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=37781 NOTE: http://trac.webkit.org/changeset/58409 CVE-2010-1759 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=38583 NOTE: http://trac.webkit.org/changeset/59109 CVE-2010-1758 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=28697 NOTE: http://trac.webkit.org/changeset/59098 CVE-2010-1757 (WebKit in Apple iOS before 4 on the iPhone and iPod touch does not ...) - webkit <undetermined> - chromium-browser <undetermined> - NOTE: is this CVE-2010-2441 a dup of this? - TODO: check + NOTE: is CVE-2010-2441 a dup of this? + TODO: someone with access to the webkit security list please track down the commit CVE-2010-1756 (The Settings application in Apple iOS before 4 on the iPhone and iPod ...) NOT-FOR-US: Apple iPhone CVE-2010-1755 (Safari in Apple iOS before 4 on the iPhone and iPod touch does not ...) @@ -1784,8 +1806,12 @@ NOT-FOR-US: Apple Application Sandbox CVE-2010-1750 (Use-after-free vulnerability in Apple Safari before 5.0 on Windows ...) - webkit <undetermined> + - chromium-browser <undetermined> + NOTE: apple hasn''t disclosed enough info to check + TODO: someone with access to the webkit security list please track down the commit CVE-2010-1749 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=27193 NOTE: https://bugs.webkit.org/show_bug.cgi?id=38625 NOTE: http://trac.webkit.org/changeset/45941 @@ -1982,16 +2008,15 @@ RESERVED CVE-2010-1665 (Google Chrome before 4.1.249.1064 does not properly handle fonts, ...) - chromium-browser 5.0.375.29~r46008-1 - - webkit <unfixed> + - webkit 1.2.1-3 NOTE: http://trac.webkit.org/changeset/58201 CVE-2010-1664 (Google Chrome before 4.1.249.1064 does not properly handle HTML5 ...) - chromium-browser 5.0.375.29~r46008-1 - - webkit <unfixed> + - webkit 1.2.1-3 NOTE: http://trac.webkit.org/changeset/57922 CVE-2010-1663 (The Google URL Parsing Library (aka google-url or GURL) in Google ...) - chromium-browser 5.0.375.29~r46008-1 - - webkit <undetermined> - NOTE: https://bugs.webkit.org/show_bug.cgi?id=37128 but access is restricted + - webkit <not-affected> (issue is in google url; i.e. chromium-specific) CVE-2010-1662 (Cross-site scripting (XSS) vulnerability in acpmoderate.php in ...) NOT-FOR-US: PHP-Quick-Arcade CVE-2010-1661 (Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) ...) @@ -2422,7 +2447,7 @@ - webkit <not-affected> (chromium-specific directory traversal) CVE-2010-1501 (Cross-site request forgery (CSRF) vulnerability in Google Chrome ...) - chromium-browser 5.0.375.29~r46008-1 - - webkit <unfixed> + - webkit 1.2.1-3 [lenny] - webkit <not-affected> (introduced in r47291) - qt4-x11 <undetermined> - kdelibs <undetermined> @@ -2725,21 +2750,25 @@ CVE-2010-1424 (Unspecified vulnerability in JustSystems Ichitaro and Ichitaro ...) NOT-FOR-US: JustSystems Ichitaro and Ichitaro Government CVE-2010-1422 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=26824 NOTE: http://trac.webkit.org/changeset/58829 CVE-2010-1421 (The execCommand JavaScript function in WebKit in Apple Safari before ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=27751 NOTE: http://trac.webkit.org/changeset/58703 CVE-2010-1420 RESERVED CVE-2010-1419 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=37618 NOTE: http://trac.webkit.org/changeset/58616 CVE-2010-1418 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=38260 NOTE: https://bugs.webkit.org/show_bug.cgi?id=36502 NOTE: https://bugs.webkit.org/show_bug.cgi?id=37031 @@ -2747,27 +2776,35 @@ NOTE: http://trac.webkit.org/changeset/56651 NOTE: http://trac.webkit.org/changeset/57627 CVE-2010-1417 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=38001 NOTE: http://trac.webkit.org/changeset/58201 + NOTE: if this commit is correct, this is a dup of cve-2010-1665 + TODO: request rejection CVE-2010-1416 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36838 NOTE: http://trac.webkit.org/changeset/56810 CVE-2010-1415 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36000 NOTE: http://trac.webkit.org/changeset/56420 CVE-2010-1414 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35818 NOTE: http://trac.webkit.org/changeset/55783 CVE-2010-1413 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit <not-affected> (affected cf/iss code is not present) + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=37230 NOTE: http://trac.webkit.org/changeset/57232 CVE-2010-1412 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=29635 NOTE: http://trac.webkit.org/changeset/57759 NOTE: http://trac.webkit.org/changeset/57817 @@ -2775,96 +2812,119 @@ - tiff <undetermined> TODO: check CVE-2010-1410 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35603 NOTE: http://trac.webkit.org/changeset/55511 CVE-2010-1409 (Incomplete blacklist vulnerability in WebKit in Apple Safari before ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=34451 NOTE: http://trac.webkit.org/changeset/54193 CVE-2010-1408 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36571 NOTE: http://trac.webkit.org/changeset/56489 NOTE: http://trac.webkit.org/changeset/56492 NOTE: http://trac.webkit.org/changeset/56879 CVE-2010-1407 (WebKit in Apple iOS before 4 on the iPhone and iPod touch does not ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36435 NOTE: http://trac.webkit.org/changeset/56365 CVE-2010-1406 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=30841 NOTE: http://trac.webkit.org/changeset/50226 NOTE: http://trac.webkit.org/changeset/50240 CVE-2010-1405 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36198 NOTE: http://trac.webkit.org/changeset/56186 CVE-2010-1404 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35709 NOTE: http://trac.webkit.org/changeset/53446 CVE-2010-1403 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35708 NOTE: http://trac.webkit.org/changeset/53446 + TODO: ^ this seems to be the commit for cve-2010-1404. what is the right one? CVE-2010-1402 (Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35598 NOTE: http://trac.webkit.org/changeset/55182 CVE-2010-1401 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35353 NOTE: http://trac.webkit.org/changeset/55196 CVE-2010-1400 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=34734 NOTE: http://trac.webkit.org/changeset/54521 CVE-2010-1399 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35599 NOTE: http://trac.webkit.org/changeset/46437 CVE-2010-1398 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35305 NOTE: http://trac.webkit.org/changeset/55167 CVE-2010-1397 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=32842 NOTE: http://trac.webkit.org/changeset/52034 NOTE: http://trac.webkit.org/changeset/55114 CVE-2010-1396 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=35621 NOTE: http://trac.webkit.org/changeset/55462 NOTE: http://trac.webkit.org/changeset/55465 CVE-2010-1395 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=26868 NOTE: http://trac.webkit.org/changeset/46068 CVE-2010-1394 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: http://trac.webkit.org/changeset/55203 NOTE: http://trac.webkit.org/changeset/55212 CVE-2010-1393 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=33683 NOTE: http://trac.webkit.org/changeset/53607 CVE-2010-1392 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=34641 NOTE: http://trac.webkit.org/changeset/56297 CVE-2010-1391 (Multiple directory traversal vulnerabilities in the (a) Local Storage ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36243 NOTE: http://trac.webkit.org/changeset/56139 CVE-2010-1390 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=29078 NOTE: http://trac.webkit.org/changeset/49487 CVE-2010-1389 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=30019 NOTE: https://bugs.webkit.org/show_bug.cgi?id=34148 NOTE: https://bugs.webkit.org/show_bug.cgi?id=33970 @@ -2872,24 +2932,31 @@ NOTE: http://trac.webkit.org/changeset/53835 NOTE: http://trac.webkit.org/changeset/53659 CVE-2010-1388 (WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and ...) - - webkit <undetermined> + - webkit <not-affected> (issue in mac-specific code) + - chromium-browser <not-affected> (issue in mac-specific code) NOTE: https://bugs.webkit.org/show_bug.cgi?id=28755 NOTE: http://trac.webkit.org/changeset/47829 CVE-2010-1387 (Use-after-free vulnerability in JavaScriptCore in WebKit in Apple ...) - - webkit <undetermined> + - webkit 1.2.1-2 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=34321 NOTE: http://trac.webkit.org/changeset/54129 NOTE: http://trac.webkit.org/changeset/54141 NOTE: http://trac.webkit.org/changeset/54265 CVE-2010-1386 RESERVED - - webkit <undetermined> + - webkit 1.2.1-3 + - chromium-browser <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=36255 NOTE: http://trac.webkit.org/changeset/56188 CVE-2010-1385 (Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X ...) - webkit <undetermined> + - chromium-browser <undetermined> + NOTE: not enough info disclosed to be able to check CVE-2010-1384 (Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and ...) - webkit <undetermined> + - chromium-browser <undetermined> + NOTE: not enough info disclosed to be able to check CVE-2010-1383 RESERVED CVE-2010-1382 (Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac ...) @@ -3652,7 +3719,7 @@ CVE-2010-1120 (Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows ...) NOT-FOR-US: Apple Type Services CVE-2010-1119 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - - webkit <undetermined> + - webkit 1.2.1-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=33850 NOTE: http://trac.webkit.org/changeset/53501 NOTE: http://trac.webkit.org/changeset/53504 @@ -5398,7 +5465,7 @@ CVE-2010-0545 (The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 ...) NOT-FOR-US: Apple Mac OS X CVE-2010-0544 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...) - - webkit <undetermined> + - webkit 1.2.1-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=37662 NOTE: http://trac.webkit.org/changeset/58792 NOTE: http://trac.webkit.org/changeset/58796