Author: henrich Date: 2011-01-15 17:49:00 +0000 (Sat, 15 Jan 2011) New Revision: 15880 Modified: data/CVE/list Log: update for webkit 1.2.6-1 Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-01-15 14:48:57 UTC (rev 15879) +++ data/CVE/list 2011-01-15 17:49:00 UTC (rev 15880) @@ -2161,7 +2161,7 @@ CVE-2010-4207 (Cross-site scripting (XSS) vulnerability in the Flash component ...) - yui 2.8.2r1~squeeze-1 (bug #603513) CVE-2010-4206 (Google Chrome before 7.0.517.44 accesses memory at an out-of-bounds ...) - - webkit <undetermined> + - webkit 1.2.6-1 - chromium-browser 6.0.472.63~r59945-2 NOTE: http://trac.webkit.org/changeset/70652 CVE-2010-4205 (Google Chrome before 7.0.517.44 does not properly handle the data ...) @@ -2170,7 +2170,7 @@ NOTE: https://bugs.webkit.org/show_bug.cgi?id=48159 NOTE: http://trac.webkit.org/changeset/70550 CVE-2010-4204 (Google Chrome before 7.0.517.44 accesses a frame object after this ...) - - webkit <undetermined> + - webkit 1.2.6-1 - chromium-browser 6.0.472.63~r59945-2 NOTE: https://bugs.webkit.org/show_bug.cgi?id=48281 NOTE: http://trac.webkit.org/changeset/70517 @@ -2190,12 +2190,12 @@ - chromium-browser 6.0.472.63~r59945-2 NOTE: http://trac.webkit.org/changeset/69936 CVE-2010-4198 (Google Chrome before 7.0.517.44 does not properly handle large text ...) - - webkit <undetermined> + - webkit 1.2.6-1 - chromium-browser 6.0.472.63~r59945-2 NOTE: http://trac.webkit.org/changeset/69735 NOTE: style fix change set: http://trac.webkit.org/changeset/69801 CVE-2010-4197 (Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows ...) - - webkit <undetermined> + - webkit 1.2.6-1 - chromium-browser 6.0.472.63~r59945-2 NOTE: http://trac.webkit.org/changeset/70594 CVE-2010-4196 @@ -2557,14 +2557,14 @@ CVE-2010-4043 (Opera before 10.63 does not prevent interpretation of a cross-origin ...) NOT-FOR-US: Opera CVE-2010-4042 (Google Chrome before 7.0.517.41 does not properly handle element maps, ...) - - webkit <undetermined> + - webkit 1.2.6-1 - chromium-browser 6.0.472.63~r59945-1 NOTE: http://trac.webkit.org/changeset/68096 CVE-2010-4041 (The sandbox implementation in Google Chrome before 7.0.517.41 on Linux ...) - webkit <not-affected> (issue with chromium sandbox) - chromium-browser 6.0.472.63~r59945-1 CVE-2010-4040 (Google Chrome before 7.0.517.41 does not properly handle animated GIF ...) - - webkit <unfixed> + - webkit 1.2.6-1 [lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps) - chromium-browser 6.0.472.63~r59945-1 NOTE: http://trac.webkit.org/changeset/68446 @@ -3157,10 +3157,10 @@ CVE-2010-3814 (Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in ...) - freetype 2.4.2-2.1 (bug #602221) CVE-2010-3813 (WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and ...) - - webkit <undetermined> + - webkit 1.2.6-1 - chromium-browser <undetermined> CVE-2010-3812 (Integer overflow in the wholeText method in WebKit in Apple Safari ...) - - webkit <unfixed> + - webkit 1.2.6-1 [lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps) - chromium-browser <undetermined> NOTE: http://www.zerodayinitiative.com/advisories/ZDI-10-257 @@ -4685,7 +4685,7 @@ NOTE: http://trac.webkit.org/changeset/66052 CVE-2010-3254 (The WebSockets implementation in Google Chrome before 6.0.472.53 does ...) - chromium-browser 6.0.472.53~r57914-1 - - webkit <unfixed> + - webkit 1.2.6-1 [lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps) NOTE: http://trac.webkit.org/changeset/65135 CVE-2010-3253 (The implementation of notification permissions in Google Chrome before ...) @@ -8513,7 +8513,7 @@ - chromium-browser 6.0.472.59~r59126-1 NOTE: http://trac.webkit.org/changeset/66847 CVE-2010-1824 (Use-after-free vulnerability in WebKit, as used in Google Chrome ...) - - webkit <unfixed> + - webkit 1.2.6-1 [lenny] - webkit <no-dsa> (Unmaintained in Lenny, only affects fringe apps) - chromium-browser 6.0.472.59~r59126-1 NOTE: http://trac.webkit.org/changeset/66795 @@ -8621,7 +8621,7 @@ NOTE: http://trac.webkit.org/changeset/62386 NOTE: Chromium uses a totally different regexp implementation. CVE-2010-1791 (Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac ...) - - webkit <not-affected> + - webkit 1.2.6-1 - chromium-browser <not-affected> NOTE: this is specific to Safari''s JavaScript engine CVE-2010-1790 (WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ...)