1
PublicDateAtUSN: 2013-07-10
2
Candidate: CVE-2013-2877
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877
6
https://code.google.com/p/chromium/issues/detail?id=229019
7
http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html
8
http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=e5d7f7e5dc21d3ae7be3cbb949ac4d8701e06de1
9
https://usn.ubuntu.com/usn/usn-1904-1
10
https://usn.ubuntu.com/usn/usn-1904-2
12
parser.c in libxml2 before 2.9.0, as used in Google Chrome before
13
28.0.1500.71 and other products, allows remote attackers to cause a denial
14
of service (out-of-bounds read) via a document that ends abruptly, related
15
to the lack of certain checks for the XML_PARSER_EOF state.
18
jdstrand> Mitre description uses the wrong version. Fix not until 2.9.1
20
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715531
21
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1199644
22
https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/1201849 (regression)
27
Patches_chromium-browser:
28
upstream_chromium-browser: released (28.0.1500.71)
29
lucid_chromium-browser: ignored (reached end-of-life)
30
precise_chromium-browser: released (28.0.1500.71-0ubuntu1.12.04.1)
31
quantal_chromium-browser: released (28.0.1500.71-0ubuntu1.12.10.1)
32
raring_chromium-browser: released (28.0.1500.71-0ubuntu1.13.04.1)
33
devel_chromium-browser: released (28.0.1500.71-0ubuntu1.13.10.1)
36
upstream: https://git.gnome.org/browse/libxml2/commit/?id=48b4cdde3483e054af8ea02e0cd7ee467b0e9a50 (backport)
37
upstream: https://git.gnome.org/browse/libxml2/commit/?id=e50ba8164eee06461c73cd8abb9b46aa0be81869
38
upstream: https://git.gnome.org/browse/libxml2/commit/?id=9ca816b3a64e7b1bada7baa2cbc09e8937b38215
39
upstream_libxml2: released (2.9.1+dfsg1-2)
40
lucid_libxml2: released (2.7.6.dfsg-1ubuntu1.9)
41
precise_libxml2: released (2.7.8.dfsg-5.1ubuntu4.5)
42
quantal_libxml2: released (2.8.0+dfsg1-5ubuntu2.3)
43
raring_libxml2: released (2.9.0+dfsg1-4ubuntu4.2)
44
devel_libxml2: released (2.9.1+dfsg1-2ubuntu1)