Secure testing commits - Feb 2011 - r16169 - data/CVE

Author: iuculano
Date: 2011-02-16 15:01:18 +0000 (Wed, 16 Feb 2011)
New Revision: 16169

Modified:
   data/CVE/list
Log:
Chromium/webkit issues

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-02-16 13:57:41 UTC (rev 16168)
+++ data/CVE/list	2011-02-16 15:01:18 UTC (rev 16169)
@@ -139,15 +139,25 @@
 	- phpmyadmin 4:3.3.9.2-1 (unimportant)
 	NOTE: Path disclosure; paths in Debian are public info already
 CVE-2011-0985 (Google Chrome before 9.0.597.94 does not properly perform
process ...)
-	TODO: check
+	- chromium-browser 9.0.597.98~r74359-1
+	- webkit <not-affected> (Chromium specific)
 CVE-2011-0984 (Google Chrome before 9.0.597.94 does not properly handle
plug-ins, ...)
-	TODO: check
+	- chromium-browser 9.0.597.98~r74359-1
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/76264
 CVE-2011-0983 (Google Chrome before 9.0.597.94 does not properly handle
anonymous ...)
-	TODO: check
+	- chromium-browser 9.0.597.98~r74359-1
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/75810
 CVE-2011-0982 (Use-after-free vulnerability in Google Chrome before 9.0.597.94
allows ...)
-	TODO: check
+	- chromium-browser 9.0.597.98~r74359-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/76990
 CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event
...)
-	TODO: check
+	- chromium-browser 9.0.597.98~r74359-1
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/76708
 CVE-2011-0980 (Microsoft Office Excel 2003 does not properly parse Office Art
...)
 	NOT-FOR-US: Microsoft Office Excel 2003
 CVE-2011-0979 (Microsoft Office Excel does not properly handle errors during
the ...)
@@ -545,23 +555,35 @@
 CVE-2011-0785
 	RESERVED
 CVE-2011-0784 (Race condition in Google Chrome before 9.0.597.84 allows remote
...)
-	TODO: check
+	- chromium-browser 9.0.597.84~r72991-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0783 (Unspecified vulnerability in Google Chrome before 9.0.597.84
allows ...)
-	TODO: check
+	- chromium-browser 9.0.597.84~r72991-1
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0782 (Google Chrome before 9.0.597.84 on Mac OS X does not properly
mitigate ...)
-	TODO: check
+	- chromium-browser <not-affected> (mac only)
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0781 (Google Chrome before 9.0.597.84 does not properly handle
autofill ...)
-	TODO: check
+	- chromium-browser 9.0.597.84~r72991-1 (unimportant)
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0780 (The PDF event handler in Google Chrome before 9.0.597.84 does
not ...)
-	TODO: check
+	- chromium-browser <not-affected> (Chrome pdf plugin)
+	- webkit <not-affected> (chromium specific)
 CVE-2011-0779 (Google Chrome before 9.0.597.84 does not properly handle a
missing key ...)
+	- chromium-browser 9.0.597.84~r72991-1
 	TODO: check
 CVE-2011-0778 (Google Chrome before 9.0.597.84 does not properly restrict drag
and ...)
-	TODO: check
+	- chromium-browser 9.0.597.84~r72991-1
+	- webkit <undetermined> 
+	NOTE: http://trac.webkit.org/changeset/71925
 CVE-2011-0777 (Use-after-free vulnerability in Google Chrome before 9.0.597.84
allows ...)
-	TODO: check
+	- chromium-browser 9.0.597.84~r72991-1
+	- webkit <undetermined> 
+	NOTE: http://trac.webkit.org/changeset/72230
 CVE-2011-0776 (The sandbox implementation in Google Chrome before 9.0.597.84 on
Mac ...)
-	TODO: check
+	- chromium-browser 9.0.597.84~r72991-1
+	- webkit <not-affected> (chromium specific)
 CVE-2010-4729 (Zikula before 1.2.3 does not use the authid protection mechanism
for ...)
 	NOT-FOR-US: zikula
 CVE-2010-4728 (Zikula before 1.3.1 uses the rand and srand PHP functions for
random ...)