1
PublicDateAtUSN: 2014-10-08
2
Candidate: CVE-2014-3188
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3188
6
https://crbug.com/416449
7
https://code.google.com/p/v8/source/detail?r=24125
8
http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html
9
http://googlechromereleases.blogspot.com/2014/10/stable-channel-update-for-chrome-os.html
10
https://usn.ubuntu.com/usn/usn-2345-1
12
Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do
13
not properly handle the interaction of IPC and Google V8, which allows
14
remote attackers to execute arbitrary code via vectors involving JSON data,
15
related to improper parsing of an escaped index by ParseJsonObject in
19
sarnold> I didn't find a json-parser.h or ParseJsonObject via codesearch
25
Patches_chromium-browser:
26
upstream_chromium-browser: released (38.0.2125.101)
27
lucid_chromium-browser: ignored (reached end-of-life)
28
precise_chromium-browser: ignored
29
precise/esm_chromium-browser: DNE (precise was ignored)
30
trusty_chromium-browser: released (38.0.2125.111-0ubuntu0.14.04.1.1061)
31
utopic_chromium-browser: released (38.0.2125.111-0ubuntu0.14.10.1.1103)
32
vivid_chromium-browser: released (38.0.2125.111-0ubuntu1.1103)
33
vivid/stable-phone-overlay_chromium-browser: DNE
34
vivid/ubuntu-core_chromium-browser: DNE
35
wily_chromium-browser: released (38.0.2125.111-0ubuntu1.1103)
36
xenial_chromium-browser: released (38.0.2125.111-0ubuntu1.1103)
37
yakkety_chromium-browser: released (38.0.2125.111-0ubuntu1.1103)
38
zesty_chromium-browser: released (38.0.2125.111-0ubuntu1.1103)
39
artful_chromium-browser: released (38.0.2125.111-0ubuntu1.1103)
40
bionic_chromium-browser: released (38.0.2125.111-0ubuntu1.1103)
41
devel_chromium-browser: released (38.0.2125.111-0ubuntu1.1103)
44
upstream_oxide-qt: released (1.2.5)
47
precise/esm_oxide-qt: DNE
48
trusty_oxide-qt: released (1.2.5-0ubuntu0.14.10.1)
49
utopic_oxide-qt: released (1.2.5-0ubuntu1)
50
vivid_oxide-qt: released (1.2.5-0ubuntu1)
51
vivid/stable-phone-overlay_oxide-qt: released (1.2.5-0ubuntu1)
52
vivid/ubuntu-core_oxide-qt: DNE
53
wily_oxide-qt: released (1.2.5-0ubuntu1)
54
xenial_oxide-qt: released (1.2.5-0ubuntu1)
55
yakkety_oxide-qt: released (1.2.5-0ubuntu1)
56
zesty_oxide-qt: released (1.2.5-0ubuntu1)
57
artful_oxide-qt: released (1.2.5-0ubuntu1)
62
upstream_libv8: needed
63
lucid_libv8: ignored (reached end-of-life)
64
precise_libv8: ignored (reached end-of-life)
65
precise/esm_libv8: DNE (precise was needed)
69
vivid/stable-phone-overlay_libv8: DNE
70
vivid/ubuntu-core_libv8: DNE
80
upstream_libv8-3.14: needed
82
precise_libv8-3.14: DNE
83
precise/esm_libv8-3.14: DNE
84
trusty_libv8-3.14: needed
85
utopic_libv8-3.14: ignored (reached end-of-life)
86
vivid_libv8-3.14: ignored (reached end-of-life)
87
vivid/stable-phone-overlay_libv8-3.14: DNE
88
vivid/ubuntu-core_libv8-3.14: DNE
89
wily_libv8-3.14: ignored (reached end-of-life)
90
xenial_libv8-3.14: needed
91
yakkety_libv8-3.14: ignored (reached end-of-life)
92
zesty_libv8-3.14: ignored (reached end-of-life)
93
artful_libv8-3.14: needed
94
bionic_libv8-3.14: needed
95
devel_libv8-3.14: needed