Author: jmm Date: 2012-04-04 16:13:51 +0000 (Wed, 04 Apr 2012) New Revision: 18824 Modified: data/CVE/list Log: chromium fixed drupal non-issue NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-04-04 14:10:29 UTC (rev 18823) +++ data/CVE/list 2012-04-04 16:13:51 UTC (rev 18824) @@ -251,21 +251,21 @@ CVE-2007-6753 (Untrusted search path vulnerability in Shell32.dll in Microsoft ...) NOT-FOR-US: Microsoft Windows CVE-2012-1931 (Opera before 11.62 on UNIX, when used in conjunction with an ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-1930 (Opera before 11.62 on UNIX uses world-readable permissions for ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-1929 (Opera before 11.62 on Mac OS X allows remote attackers to spoof the ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-1928 (Opera before 11.62 allows remote attackers to spoof the address field ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-1927 (Opera before 11.62 allows remote attackers to spoof the address field ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-1926 (Opera before 11.62 allows remote attackers to bypass the Same Origin ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-1925 (Opera before 11.62 does not ensure that a dialog window is placed on ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-1924 (Opera before 11.62 allows user-assisted remote attackers to trick ...) - TODO: check + NOT-FOR-US: Opera CVE-2012-1923 RESERVED CVE-2012-1922 @@ -273,17 +273,17 @@ CVE-2012-1921 RESERVED CVE-2012-1920 (@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows ...) - TODO: check + NOT-FOR-US: AtMail CVE-2012-1919 (CRLF injection vulnerability in mime.php in @Mail WebMail Client in ...) - TODO: check + NOT-FOR-US: AtMail CVE-2012-1918 (Multiple directory traversal vulnerabilities in (1) compose.php and ...) - TODO: check + NOT-FOR-US: AtMail CVE-2012-1917 (compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 ...) - TODO: check + NOT-FOR-US: AtMail CVE-2012-1916 (@Mail WebMail Client in AtMail Open-Source before 1.05 allows remote ...) - TODO: check + NOT-FOR-US: AtMail CVE-2007-6752 (** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + - drupal7 <unfixed> (unimportant) CVE-2012-1915 RESERVED CVE-2012-1914 @@ -301,7 +301,7 @@ CVE-2012-1908 RESERVED CVE-2012-1907 (The scanner engine in PrivaWall Antivirus 5.6 and earlier does not ...) - TODO: check + NOT-FOR-US: PrivaWall Antivirus CVE-2012-1906 RESERVED CVE-2012-1905 @@ -792,7 +792,7 @@ CVE-2012-1671 RESERVED CVE-2012-1670 (admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote ...) - TODO: check + NOT-FOR-US: PHP Grade Book CVE-2012-1669 RESERVED CVE-2012-1668 @@ -1142,7 +1142,7 @@ CVE-2012-1516 RESERVED CVE-2012-1515 (VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not ...) - TODO: check + NOT-FOR-US: VMware ESXi CVE-2012-1514 (Cross-site request forgery (CSRF) vulnerability in VMware vShield ...) NOT-FOR-US: VMware vShield Manager CVE-2012-1513 (The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 ...) @@ -1264,9 +1264,9 @@ CVE-2012-1458 (The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus ...) TODO: check CVE-2012-1457 (The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK ...) - TODO: check + NOT-FOR-US: multiple Anti-Virus applications CVE-2012-1456 (The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat ...) - TODO: check + NOT-FOR-US: multiple Anti-Virus applications CVE-2012-1455 (The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus ...) NOT-FOR-US: NOD32 Antivirus, Rising Antivirus CVE-2012-1454 (The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee ...) @@ -10688,21 +10688,21 @@ CVE-2011-3066 RESERVED CVE-2011-3065 (Skia, as used in Google Chrome before 18.0.1025.142, allows remote ...) - - chromium-browser <unfixed> + - chromium-browser 18.0.1025.142~r129054-1 CVE-2011-3064 (Use-after-free vulnerability in Google Chrome before 18.0.1025.142 ...) - - chromium-browser <unfixed> + - chromium-browser 18.0.1025.142~r129054-1 CVE-2011-3063 (Google Chrome before 18.0.1025.142 does not properly validate the ...) - - chromium-browser <unfixed> + - chromium-browser 18.0.1025.142~r129054-1 CVE-2011-3062 (Off-by-one error in the OpenType Sanitizer in Google Chrome before ...) - - chromium-browser <unfixed> + - chromium-browser 18.0.1025.142~r129054-1 CVE-2011-3061 (Google Chrome before 18.0.1025.142 does not properly check X.509 ...) - - chromium-browser <unfixed> + - chromium-browser 18.0.1025.142~r129054-1 CVE-2011-3060 (Google Chrome before 18.0.1025.142 does not properly handle text ...) - - chromium-browser <unfixed> + - chromium-browser 18.0.1025.142~r129054-1 CVE-2011-3059 (Google Chrome before 18.0.1025.142 does not properly handle SVG text ...) - - chromium-browser <unfixed> + - chromium-browser 18.0.1025.142~r129054-1 CVE-2011-3058 (Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP ...) - - chromium-browser <unfixed> + - chromium-browser 18.0.1025.142~r129054-1 CVE-2011-3057 (Google V8, as used in Google Chrome before 17.0.963.83, allows remote ...) - libv8 <unfixed> CVE-2011-3056 (Google Chrome before 17.0.963.83 allows remote attackers to bypass the ...)