Author: gilbert-guest Date: 2011-03-17 01:34:28 +0000 (Thu, 17 Mar 2011) New Revision: 16392 Modified: data/CVE/list Log: triage more incoming webkit issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2011-03-16 22:07:42 UTC (rev 16391) +++ data/CVE/list 2011-03-17 01:34:28 UTC (rev 16392) @@ -259,7 +259,8 @@ RESERVED {DSA-2192-1} - chromium-browser 10.0.648.133~r77742-1 - - webkit <undetermined> + - webkit <unfixed> + NOTE: needs port NOTE: http://trac.webkit.org/changeset/80787 CVE-2011-1289 RESERVED @@ -438,12 +439,12 @@ CVE-2011-1204 (Google Chrome before 10.0.648.127 does not properly handle attributes, ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <no-dsa> (hard merge) - - webkit <undetermined> + - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/79810 CVE-2011-1203 (Google Chrome before 10.0.648.127 does not properly handle SVG ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 - - webkit <undetermined> + - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/79476 CVE-2011-1202 (Unspecified vulnerability in the XSLT implementation in Google Chrome ...) - libxslt <unfixed> (bug #617413) 
@@ -453,67 +454,76 @@ CVE-2011-1201 (The context implementation in WebKit, as used in Google Chrome before ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> - - webkit <undetermined> + - webkit <not-affected> (losecontext not present in 1.2) + TODO: recheck webkit 1.3 NOTE: http://trac.webkit.org/changeset/78921 CVE-2011-1200 (Google Chrome before 10.0.648.127 does not properly perform a cast of ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> - - webkit <undetermined> + - webkit <not-affected> (vulnerable code not present) + TODO: recheck webkit 1.3 NOTE: http://trac.webkit.org/changeset/78744 CVE-2011-1199 (Google Chrome before 10.0.648.127 does not properly handle DataView ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> - - webkit <undetermined> + - webkit <not-affected> (issue in libv8 bindings) NOTE: https://trac.webkit.org/changeset/78738 CVE-2011-1198 (The video functionality in Google Chrome before 10.0.648.127 allows ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> - ffmpeg <undetermined> + TODO: need info on ffmpeg CVE-2011-1197 (Google Chrome before 10.0.648.127 does not properly perform table ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 - - webkit <undetermined> + - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/79734 CVE-2011-1196 (The OGG container implementation in Google Chrome before 10.0.648.127 ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> - ffmpeg <undetermined> + TODO: need info on ffmpeg CVE-2011-1195 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...) 
- chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> - - webkit <undetermined> + - webkit <not-affected> (vulnerable code not present) + TODO: recheck webkit 1.3 NOTE: http://trac.webkit.org/changeset/78147 CVE-2011-1194 (Multiple unspecified vulnerabilities in Google Chrome before ...) - - chromium-browser (unimportant) - - webkit <undetermined> - NOTE: http://trac.webkit.org/changeset/77049 http://trac.webkit.org/changeset/77329 + - chromium-browser <unfixed> (unimportant) + - webkit <undetermined> (unimportant) + NOTE: http://trac.webkit.org/changeset/77049 + NOTE: http://trac.webkit.org/changeset/77329 + NOTE: popup blocker bypass not treated as a security issue CVE-2011-1193 (Google V8, as used in Google Chrome before 10.0.648.127, allows remote ...) - libv8 <unfixed> (bug #617418) CVE-2011-1192 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> - - webkit <undetermined> + - webkit <not-affected> (issue in chromium-specific code) NOTE: http://trac.webkit.org/changeset/76732 CVE-2011-1191 (Use-after-free vulnerability in Google Chrome before 10.0.648.127 ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <not-affected> - - webkit <undetermined> + - webkit <not-affected> (vulnerable code not yet present) + TODO: recheck webkit 1.3 NOTE: http://trac.webkit.org/changeset/76652 CVE-2011-1190 (The Web Workers implementation in Google Chrome before 10.0.648.127 ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 - - webkit <undetermined> + - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/77563 CVE-2011-1189 (Google Chrome before 10.0.648.127 does not properly perform box ...) 
{DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 - - webkit <undetermined> + - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/79689 CVE-2011-1188 (Google Chrome before 10.0.648.127 does not properly handle counter ...) {DSA-2189-1} - chromium-browser 10.0.648.127~r76697-1 - webkit <undetermined> NOTE: http://trac.webkit.org/changeset/77142 + TODO: ^ this commit only contains tests for the issue, need commit # for fix CVE-2011-1187 (Google Chrome before 10.0.648.127 allows remote attackers to bypass ...) - libv8 <unfixed> (bug #617418) CVE-2011-1186 (Google Chrome before 10.0.648.127 on Linux does not properly handle ...) @@ -523,7 +533,7 @@ CVE-2011-1185 (Google Chrome before 10.0.648.127 does not prevent (1) navigation and ...) - chromium-browser 10.0.648.127~r76697-1 [squeeze] - chromium-browser <no-dsa> (minor issue) - - webkit <undetermined> + - webkit <unfixed> NOTE: http://trac.webkit.org/changeset/74853 CVE-2011-1184 RESERVED
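Review bot: In the @@ -259 hunk, the added "NOTE: needs port" does not say which webkit version or branch the port is for, while other entries in this same commit name one ("not present in 1.2", "recheck webkit 1.3"). Suggest naming the target next to the changeset 80787 reference so the note is still actionable when read later.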
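Review bot: In the @@ -438 hunk, the webkit lines for CVE-2011-1204 and CVE-2011-1203 move to <unfixed> with no bug reference, whereas the libxslt context line directly below carries one ("<unfixed> (bug #617413)"). Suggest filing a bug for webkit and adding its number to these entries so that the unfixed state can be tracked to closure.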
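Review bot: In the @@ -453 hunk, the CVE-2011-1194 entry ends up as "- webkit <undetermined> (unimportant)", which assigns a severity while the state is still undetermined, and the chromium-browser line beside it is now "<unfixed> (unimportant)". If the added note "popup blocker bypass not treated as a security issue" is the basis for both, the webkit line should get the same state. Two smaller points in the same hunk: the CVE-2011-1191 reason reads "vulnerable code not yet present" where CVE-2011-1200 and CVE-2011-1195 use "vulnerable code not present", and the CVE-2011-1201 reason "losecontext not present in 1.2" is the only one that names a version, so the other <not-affected> reasons could state the version they were checked against as well.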
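Review bot: In the @@ -523 hunk, CVE-2011-1185 has "[squeeze] - chromium-browser <no-dsa> (minor issue)" while the webkit line becomes a bare "<unfixed>" with no severity annotation. Suggest recording whether the same minor-issue assessment applies to webkit, so the two packages are not triaged differently for the same changeset 74853 without a stated reason.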