Author: jmm Date: 2012-08-31 10:13:16 +0000 (Fri, 31 Aug 2012) New Revision: 20064 Modified: data/CVE/list Log: new chromium issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-08-31 09:09:11 UTC (rev 20063) +++ data/CVE/list 2012-08-31 10:13:16 UTC (rev 20064) @@ -4277,20 +4277,28 @@ RESERVED CVE-2012-2872 RESERVED + - chromium-browser <unfixed> CVE-2012-2871 RESERVED + - chromium-browser <unfixed> CVE-2012-2870 RESERVED + - chromium-browser <unfixed> CVE-2012-2869 RESERVED + - chromium-browser <unfixed> CVE-2012-2868 RESERVED + - chromium-browser <unfixed> CVE-2012-2867 RESERVED + - chromium-browser <unfixed> CVE-2012-2866 RESERVED + - chromium-browser <unfixed> CVE-2012-2865 RESERVED + - chromium-browser <unfixed> CVE-2012-2864 (Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, ...) - mesa 8.0.4-2 (bug #685667) [squeeze] - mesa <not-affected> (Vulnerable code not present) @@ -10034,9 +10042,8 @@ NOT-FOR-US: Oracle SPARC Enterprise M Series Servers XCP 1110 CVE-2012-0547 RESERVED - - openjdk-7 <unfixed> - - openjdk-6 <unfixed> - TODO: check + - openjdk-7 <unfixed> (low) + - openjdk-6 <unfixed> (low) CVE-2012-0546 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...) NOT-FOR-US: Oracle Financial Services Software CVE-2012-0545 (Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking ...) @@ -12361,7 +12368,7 @@ NOTE: http://vcs.openttd.org/svn/changeset/23764 NOTE: http://security.openttd.org/en/CVE-2012-0049 CVE-2012-0048 (OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial ...) - TODO: contacted MITRE, seems like a typo + TODO: contacted MITRE, will be rejected CVE-2012-0047 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...) NOT-FOR-US: Apache Wicket CVE-2012-0046 [mediawiki info leak]