thr3ads.net - Secure testing commits - [Secure-testing-commits] r16358

If this information is useful, please help other people find it:
Share via:
Giuseppe Iuculano
2011-Mar-10 19:22 UTC
[Secure-testing-commits] r16358 - in data: CVE DSA

Author: iuculano
Date: 2011-03-10 19:22:09 +0000 (Thu, 10 Mar 2011)
New Revision: 16358

Modified:
   data/CVE/list
   data/DSA/list
Log:
got CVE id from chromium sec team

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-03-10 17:50:26 UTC (rev 16357)
+++ data/CVE/list	2011-03-10 19:22:09 UTC (rev 16358)
@@ -6,13 +6,6 @@
 	[lenny] - unixodbc <no-dsa> (Minor issue)
 	[squeeze] - unixodbc <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/oss-sec/2011/q1/446
-CVE-2011-XXXX [xslt memory leak]
-	- libxslt <unfixed> (bug #617413)
-	NOTE:
http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
-	[squeeze] - libxslt <no-dsa> (minor issue)
-	[lenny] - libxslt <no-dsa> (minor issue)
-CVE-2011-XXXX [v8 issues]
-	- libv8 <unfixed> (bug #617418)
 CVE-2011-1322 (The SOAP with Attachments API for Java (SAAJ) implementation in
the ...)
 	TODO: check
 CVE-2011-1321 (The AuthCache purge implementation in the Security component in
IBM ...)
@@ -89,8 +82,10 @@
 	RESERVED
 CVE-2011-1286
 	RESERVED
+	- libv8 <unfixed> (bug #617418)
 CVE-2011-1285
 	RESERVED
+	- libv8 <unfixed> (bug #617418)
 CVE-2011-1284
 	RESERVED
 CVE-2011-1283
@@ -257,44 +252,109 @@
 	RESERVED
 CVE-2011-1204
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <no-dsa> (hard merge)
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/79810
 CVE-2011-1203
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/79476
 CVE-2011-1202
 	RESERVED
+	- libxslt <unfixed> (bug #617413)
+	NOTE:
http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
+	[squeeze] - libxslt <no-dsa> (minor issue)
+	[lenny] - libxslt <no-dsa> (minor issue)
 CVE-2011-1201
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/78921
 CVE-2011-1200
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/78744
 CVE-2011-1199
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <undetermined>
+	NOTE: https://trac.webkit.org/changeset/78738
 CVE-2011-1198
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- ffmpeg <undetermined>
 CVE-2011-1197
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/79734
 CVE-2011-1196
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- ffmpeg <undetermined>
 CVE-2011-1195
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/78147
 CVE-2011-1194
 	RESERVED
+	- chromium-browser (unimportant)
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/77049
http://trac.webkit.org/changeset/77329
 CVE-2011-1193
 	RESERVED
+	- libv8 <unfixed> (bug #617418)
 CVE-2011-1192
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/76732
 CVE-2011-1191
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/76652
 CVE-2011-1190
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/77563
 CVE-2011-1189
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/79689
 CVE-2011-1188
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/77142
 CVE-2011-1187
 	RESERVED
+	- libv8 <unfixed> (bug #617418)
 CVE-2011-1186
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <not-affected>
+	- webkit <not-affected> (chromium specific)
 CVE-2011-1185
 	RESERVED
+	- chromium-browser 10.0.648.127~r76697-1
+	[squeeze] - chromium-browser <no-dsa> (minor issue)
+	- webkit <undetermined>
+	NOTE: http://trac.webkit.org/changeset/74853
 CVE-2011-1184
 	RESERVED
 CVE-2011-1183
@@ -412,14 +472,17 @@
 	NOT-FOR-US: FreeBSD/NetBSD libc
 CVE-2011-1125 (Google Chrome before 9.0.597.107 does not properly perform
layout, ...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (vulnerable code introduced in commit 75823)
 	TODO: recheck once webkit 1.3 enters unstable
 	NOTE: http://trac.webkit.org/changeset/78775
 CVE-2011-1124 (Use-after-free vulnerability in Google Chrome before 9.0.597.107
...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (Chromium specific)
 CVE-2011-1123 (Google Chrome before 9.0.597.107 does not properly restrict
access to ...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (chromium specific)
 CVE-2011-1122 (The WebGL implementation in Google Chrome before 9.0.597.107
allows ...)
 	- chromium-browser 9.0.597.107~r75357-1
@@ -433,24 +496,29 @@
 	NOTE: http://trac.webkit.org/changeset/77565
 CVE-2011-1120 (The WebGL implementation in Google Chrome before 9.0.597.107
allows ...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (webgl support not present in 1.2)
 	TODO: recheck webkit 1.3 once its uploaded to unstable
 	NOTE: http://trac.webkit.org/changeset/77956
 CVE-2011-1119 (Google Chrome before 9.0.597.107 does not properly determine
device ...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (device orientation code/support not present in
1.2)
 	TODO: recheck webkit 1.3 once its uploaded to unstable
 	NOTE: http://trac.webkit.org/changeset/77418
 CVE-2011-1118 (Google Chrome before 9.0.597.107 does not properly handle
TEXTAREA ...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <unfixed>
 	NOTE: http://trac.webkit.org/changeset/77144
 CVE-2011-1117 (Google Chrome before 9.0.597.107 does not properly handle XHTML
...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <unfixed>
 	NOTE: http://trac.webkit.org/changeset/77262
 CVE-2011-1116 (Google Chrome before 9.0.597.107 does not properly handle SVG
...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <unfixed>
 	NOTE: http://trac.webkit.org/changeset/77548
 CVE-2011-1115 (Google Chrome before 9.0.597.107 does not properly render
tables, ...)
@@ -467,14 +535,17 @@
 	- webkit <not-affected> (chromium specific)
 CVE-2011-1112 (Google Chrome before 9.0.597.107 does not properly perform SVG
...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (Chromium specific)
 CVE-2011-1111 (Google Chrome before 9.0.597.107 does not properly implement
forms ...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <unfixed>
 	NOTE: needs port (s/FormAssociatedElement/HTMLFormElement)
 	NOTE: http://trac.webkit.org/changeset/77114
 CVE-2011-1110 (Google Chrome before 9.0.597.107 does not properly implement key
frame ...)
 	- chromium-browser 9.0.597.107~r75357-1
+	[squeeze] - chromium-browser <not-affected>
 	- webkit <not-affected> (vulnerable code not present in 1.2)
 	TODO: check webkit 1.3 once it gets uploaded to unstable
 	NOTE: http://trac.webkit.org/changeset/76828

Modified: data/DSA/list
==================================================================---
data/DSA/list	2011-03-10 17:50:26 UTC (rev 16357)
+++ data/DSA/list	2011-03-10 19:22:09 UTC (rev 16358)
@@ -1,5 +1,5 @@
 [10 Mar 2011] DSA-2189-1 chromium-browser - several
-	{CVE-2011-1108 CVE-2011-1109 CVE-2011-1113 CVE-2011-1114 CVE-2011-1115
CVE-2011-1121 CVE-2011-1122}
+	{CVE-2011-1108 CVE-2011-1109 CVE-2011-1113 CVE-2011-1114 CVE-2011-1115
CVE-2011-1121 CVE-2011-1122 CVE-2011-1188 CVE-2011-1189 CVE-2011-1190
CVE-2011-1197 CVE-2011-1203}
 	[squeeze] - chromium-browser 6.0.472.63~r59945-5+squeeze3
 [10 Mar 2011] DSA-2188-1 webkit - several
 	{CVE-2010-1783 CVE-2010-2901 CVE-2010-4199 CVE-2010-4040 CVE-2010-4492
CVE-2010-4493 CVE-2010-4577 CVE-2010-4578 CVE-2010-0474 CVE-2011-0482
CVE-2011-0778}
Secure testing commits - Mar 2011 - r16358 - in data: CVE DSA

[Secure-testing-commits] r16358 - in data: CVE DSA
