Author: gilbert-guest Date: 2010-11-09 03:49:27 +0000 (Tue, 09 Nov 2010) New Revision: 15572 Modified: data/CVE/list Log: more webkit triage Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-11-08 13:59:22 UTC (rev 15571) +++ data/CVE/list 2010-11-09 03:49:27 UTC (rev 15572) @@ -249,16 +249,17 @@ - webkit <undetermined> - chromium-browser <undetermined> CVE-2010-4041 (The sandbox implementation in Google Chrome before 7.0.517.41 on Linux ...) - - webkit <undetermined> + - webkit <not-affected> (issue with chromium sandbox) - chromium-browser <undetermined> CVE-2010-4040 (Google Chrome before 7.0.517.41 does not properly handle animated GIF ...) - - webkit <undetermined> + - webkit <unfixed> - chromium-browser <undetermined> + NOTE: http://trac.webkit.org/changeset/68446 CVE-2010-4039 (Google Chrome before 7.0.517.41 on Linux does not properly set the ...) - - webkit <undetermined> + - webkit <not-affected> (chromium-specifc LD_LIBRARY_PATH issue) - chromium-browser <undetermined> CVE-2010-4038 (The Web Sockets implementation in Google Chrome before 7.0.517.41 does ...) - - webkit <undetermined> + - webkit <not-affected> (issue in chromium code base) - chromium-browser <undetermined> CVE-2010-4037 (Unspecified vulnerability in Google Chrome before 7.0.517.41 allows ...) - webkit <undetermined> 
@@ -267,14 +268,16 @@ - webkit <undetermined> - chromium-browser <undetermined> CVE-2010-4035 (Google Chrome before 7.0.517.41 does not properly perform autofill ...) - - webkit <undetermined> + - webkit <not-affected> (issue in chromium code base) - chromium-browser <undetermined> CVE-2010-4034 (Google Chrome before 7.0.517.41 does not properly handle forms, which ...) - - webkit <undetermined> + - webkit <not-affected> (issue in chromium code base) - chromium-browser <undetermined> CVE-2010-4033 (Google Chrome before 7.0.517.41 does not properly implement the ...) - - webkit <undetermined> + - webkit <not-affected> (issue in gestures, which resides in the webkit codebase, but is only used by chromium right now) - chromium-browser <undetermined> + NOTE: http://trac.webkit.org/changeset/63786 + NOTE: http://trac.webkit.org/changeset/67240 CVE-2010-4032 NOT-FOR-US: HP Insight Control Performance Management CVE-2010-4031 @@ -988,8 +991,9 @@ CVE-2010-3731 (Buffer overflow in the Administration Server component in IBM DB2 UDB ...) NOT-FOR-US: IBM DB2 UDB 9.5 CVE-2010-3730 (Google Chrome before 6.0.472.62 does not properly use information ...) - - webkit <undetermined> + - webkit <not-affected> (issue in libv8) - chromium-browser 6.0.472.62~r59676-1 + - libv8 <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=45700 NOTE: http://trac.webkit.org/changeset/67509 CVE-2010-3729 (The SPDY protocol implementation in Google Chrome before 6.0.472.62 ...) 
@@ -1834,12 +1838,12 @@ - webkit <not-affected> (chromium specific) - chromium-browser 6.0.472.59~r59126-1 CVE-2010-3416 (Google Chrome before 6.0.472.59 on Linux does not properly implement ...) - - webkit <undetermined> + - webkit <not-affected> (issue in chromium-specific code) - chromium-browser 6.0.472.59~r59126-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=44960 NOTE: http://trac.webkit.org/changeset/66689 CVE-2010-3415 (Google Chrome before 6.0.472.59 does not properly implement ...) - - webkit <undetermined> + - webkit <not-affected> (issue in chromium-specific code) - chromium-browser 6.0.472.59~r59126-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=45112 NOTE: http://trac.webkit.org/changeset/66837 @@ -2228,11 +2232,12 @@ NOTE: chromium specific CVE-2010-3255 (Google Chrome before 6.0.472.53 does not properly handle counter ...) - chromium-browser 6.0.472.53~r57914-1 - - webkit <undetermined> - NOTE: https://bugs.webkit.org/show_bug.cgi?id=43812 http://trac.webkit.org/changeset/66052 + - webkit 1.2.5-1 + NOTE: https://bugs.webkit.org/show_bug.cgi?id=43812 + NOTE: http://trac.webkit.org/changeset/66052 CVE-2010-3254 (The WebSockets implementation in Google Chrome before 6.0.472.53 does ...) - chromium-browser 6.0.472.53~r57914-1 - - webkit <undetermined> + - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/65135 CVE-2010-3253 (The implementation of notification permissions in Google Chrome before ...) - chromium-browser 6.0.472.53~r57914-1 
@@ -2254,11 +2259,11 @@ NOTE: chromium specific CVE-2010-3249 (Google Chrome before 6.0.472.53 does not properly implement SVG ...) - chromium-browser 6.0.472.53~r57914-1 - - webkit <undetermined> + - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/60541 CVE-2010-3248 (Google Chrome before 6.0.472.53 does not properly restrict copying to ...) - chromium-browser 6.0.472.53~r57914-1 - - webkit <undetermined> + - webkit 1.2.5-1 NOTE: http://trac.webkit.org/changeset/58703 CVE-2010-3247 (Google Chrome before 6.0.472.53 does not properly restrict the ...) - chromium-browser 6.0.472.53~r57914-1 @@ -2266,7 +2271,7 @@ NOTE: chromium specific CVE-2010-3246 (Google Chrome before 6.0.472.53 does not properly handle the _blank ...) - chromium-browser 6.0.472.53~r57914-1 - - webkit <undetermined> + - webkit <not-affected> (vulnerable code not present in 1.2.x series) NOTE: https://bugs.webkit.org/show_bug.cgi?id=34541 https://bugs.webkit.org/show_bug.cgi?id=44969 NOTE: http://trac.webkit.org/changeset/66742 CVE-2010-3245 (The automated-backup functionality in Blackboard Transact Suite ...) @@ -3197,7 +3202,6 @@ - chromium-browser 5.0.375.125~r53311-1 NOTE: https://bugs.webkit.org/show_bug.cgi?id=38977 NOTE: http://trac.webkit.org/changeset/62134 - NOTE: duplicate of cve-2010-1783 CVE-2010-2898 (Google Chrome before 5.0.375.125 does not properly mitigate an ...) - webkit <not-affected> (chromium specific issue) - chromium-browser 5.0.375.125~r53311-1 
@@ -6023,11 +6027,11 @@ CVE-2010-1826 RESERVED CVE-2010-1825 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...) - - webkit <undetermined> + - webkit <unfixed> - chromium-browser 6.0.472.59~r59126-1 NOTE: http://trac.webkit.org/changeset/66847 CVE-2010-1824 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...) - - webkit <undetermined> + - webkit <unfixed> - chromium-browser 6.0.472.59~r59126-1 NOTE: http://trac.webkit.org/changeset/66795 CVE-2010-1823 (Use-after-free vulnerability in WebKit before r65958, as used in ...) @@ -6036,7 +6040,7 @@ NOTE: http://trac.webkit.org/changeset/65958 TODO: recheck chromium, was wrong commit CVE-2010-1822 (WebKit, as used in Google Chrome before 6.0.472.62, does not properly ...) - - webkit <undetermined> + - webkit <not-affected> (rendererIsNeeded function not present in 1.2.x series) - chromium-browser 6.0.472.62~r59676-1 CVE-2010-1821 RESERVED @@ -6086,6 +6090,8 @@ CVE-2010-1806 (Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x ...) - webkit <undetermined> - chromium-browser 5.0.375.127~r55887-1 + NOTE: http://trac.webkit.org/changeset/63772 + NOTE: duplicate of cve-2010-1782 CVE-2010-1805 (Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 ...) - webkit <not-affected> (windows-specific issue) - chromium-browser <not-affected> (windows-specific issue) @@ -6165,7 +6171,6 @@ CVE-2010-1783 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...) - webkit <undetermined> - chromium-browser 5.0.375.127~r55887-1 - NOTE: duplicated as cve-2010-2899 NOTE: (Chromium Sec) This seems a duplicate of CVE-2010-3114 CVE-2010-1782 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...) - webkit 1.2.4-1 
@@ -6299,11 +6304,7 @@ CVE-2010-1751 (Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch ...) NOT-FOR-US: Apple Application Sandbox CVE-2010-1750 (Use-after-free vulnerability in Apple Safari before 5.0 on Windows ...) - - webkit <undetermined> - - chromium-browser <undetermined> - NOTE: apple hasn''t disclosed enough info to check - NOTE: From Apple''s advisory: "This issue does not affect Mac OS X systems." Implies it may be outside of WebKit - NOTE: chromium-sec don''t have info + NOT-FOR-US: Apple Safari CVE-2010-1749 (Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on ...) - webkit 1.2.1-2 - chromium-browser 5.0.342.9~r43360-1
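Review bot: In the @@ -249,16 +249,17 @@ hunk, the reason added for CVE-2010-4039 is misspelled as "chromium-specifc"; it should read "chromium-specific" so that a text search over data/CVE/list for that phrase still finds the entry.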
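Review bot: In the @@ -267,14 +268,16 @@ hunk, CVE-2010-4033 is set to <not-affected> on the grounds that the gestures code "resides in the webkit codebase, but is only used by chromium right now", which is a statement about current usage rather than about the code being absent. Since the two added changeset NOTEs show the fix lives in WebKit, consider adding a TODO to recheck the entry if another port starts using that code, so the status does not silently go stale.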
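Review bot: In the @@ -988,8 +991,9 @@ hunk, CVE-2010-3730 is changed to webkit <not-affected> (issue in libv8), yet the two NOTE lines kept below it still point to bugs.webkit.org bug 45700 and trac.webkit.org changeset 67509. A short NOTE explaining why a WebKit bug and changeset are referenced for an issue attributed to libv8 would help whoever resolves the new "libv8 <undetermined>" line.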
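Review bot: In the @@ -1834,12 +1838,12 @@ hunk, CVE-2010-3416 and CVE-2010-3415 are both marked <not-affected> (issue in chromium-specific code) while each keeps a bugs.webkit.org bug and a trac.webkit.org changeset as references; a NOTE saying the referenced changes touch only chromium-specific parts of the WebKit tree would make the status verifiable. The reason wording also differs from the earlier hunks ("issue in chromium code base") and from the context line above ("chromium specific"); picking one phrase would make these entries easier to search.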
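Review bot: In the @@ -2266,7 +2271,7 @@ hunk, the NOTE under CVE-2010-3246 still carries two bugs.webkit.org URLs on one line, although this same commit splits the equivalent combined NOTE for CVE-2010-3255 into one URL per line. Splitting this one as well keeps the file consistent for tools that expect a single reference per NOTE.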
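Review bot: In the @@ -6086,6 +6090,8 @@ hunk, CVE-2010-1806 gains "NOTE: duplicate of cve-2010-1782" but its status stays at webkit <undetermined>, while CVE-2010-1782 is recorded as fixed in webkit 1.2.4-1 in the context of the @@ -6165,7 +6171,6 @@ hunk. If the two really are duplicates, the webkit line for CVE-2010-1806 should carry the same fixed version. The identifier would also be better written in upper case, matching the neighbouring "CVE-2010-3114" note.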
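Review bot: In the @@ -6299,11 +6304,7 @@ hunk, CVE-2010-1750 is collapsed to "NOT-FOR-US: Apple Safari" and all three NOTE lines are removed, including the only recorded rationale (Apple's statement that the issue does not affect Mac OS X systems, implying it may be outside WebKit). The removed notes also said that not enough information had been disclosed to check, so the new status rests on an inference; keeping one NOTE with that reasoning would let a later reader see why webkit and chromium-browser were dropped from the entry.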