Author: jmm Date: 2012-02-15 20:50:23 +0000 (Wed, 15 Feb 2012) New Revision: 18443 Modified: data/CVE/list Log: fixup vbox additions entry NFUs plenty of chrome issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-02-15 20:38:47 UTC (rev 18442) +++ data/CVE/list 2012-02-15 20:50:23 UTC (rev 18443) @@ -1635,7 +1635,7 @@ CVE-2012-0341 RESERVED CVE-2012-0340 (Cross-site scripting (XSS) vulnerability in the management interface ...) - TODO: check + NOT-FOR-US: Advantech Studio CVE-2012-0339 RESERVED CVE-2012-0338 @@ -2895,6 +2895,7 @@ RESERVED CVE-2012-0105 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...) - virtualbox-guest-additions-iso (bug #659951) + - virtualbox-guest-additions-iso (bug #659951) CVE-2012-0104 (Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...) TODO: check CVE-2012-0103 (Unspecified vulnerability in Oracle Solaris 11 Express allows local ...) @@ -5235,13 +5236,13 @@ CVE-2011-4042 RESERVED CVE-2011-4041 (webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers ...) - TODO: check + NOT-FOR-US: Advantech WebAccess CVE-2011-4040 (Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows ...) NOT-FOR-US: NJStar Communicator CVE-2011-4039 (Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in ...) - TODO: check + NOT-FOR-US: Invensys Wonderware HMI Reports CVE-2011-4038 (Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI ...) - TODO: check + NOT-FOR-US: Invensys Wonderware HMI Reports CVE-2011-4037 (Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog ...) NOT-FOR-US: Sielco Sistemi Winlog PRO CVE-2011-4036 (Directory traversal vulnerability in Schneider Electric Vijeo ...) @@ -5632,45 +5633,64 @@ - ffmpeg <removed> - ffmpeg-debian <end-of-life> CVE-2011-3972 (The shader translator implementation in Google Chrome before ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3971 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3970 (libxslt, as used in Google Chrome before 17.0.963.46, allows remote ...) TODO: check CVE-2011-3969 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3968 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3967 (Unspecified vulnerability in Google Chrome before 17.0.963.46 allows ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3966 (Use-after-free vulnerability in Google Chrome before 17.0.963.46 ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3965 (Google Chrome before 17.0.963.46 does not properly check signatures, ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3964 (Google Chrome before 17.0.963.46 does not properly implement the ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3963 (Google Chrome before 17.0.963.46 does not properly handle PDF FAX ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3962 (Google Chrome before 17.0.963.46 does not properly perform path ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3961 (Race condition in Google Chrome before 17.0.963.46 allows remote ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3960 (Google Chrome before 17.0.963.46 does not properly decode audio data, ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3959 (Buffer overflow in the locale implementation in Google Chrome before ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3958 (Google Chrome before 17.0.963.46 does not properly perform casts of ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3957 (Use-after-free vulnerability in the garbage-collection functionality ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3956 (The extension implementation in Google Chrome before 17.0.963.46 does ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3955 (Google Chrome before 17.0.963.46 allows remote attackers to cause a ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3954 (Google Chrome before 17.0.963.46 allows remote attackers to cause a ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3953 (Google Chrome before 17.0.963.46 does not prevent monitoring of the ...) - TODO: check + - chromium-browser <unfixed> + - webkit <undetermined> CVE-2011-3952 RESERVED CVE-2011-3951 @@ -10461,7 +10481,7 @@ CVE-2011-2301 (Unspecified vulnerability in the Oracle Text component in Oracle ...) NOT-FOR-US: Oracle Database CVE-2011-2300 (Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local ...) - - virtualbox-guest-additions <removed> (bug #635276) + - virtualbox-guest-additions-iso 4.0.10-1 (bug #635276) [squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported) CVE-2011-2299 (Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, ...) NOT-FOR-US: Oracle SPARC Enterprise