1
PublicDateAtUSN: 2015-05-20
2
Candidate: CVE-2015-1258
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1258
6
https://codereview.chromium.org/1106303002
7
https://code.google.com/p/chromium/issues/detail?id=450939
8
http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html
9
https://usn.ubuntu.com/usn/usn-2610-1
11
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built
12
with an appropriate --size-limit value, which allows remote attackers to
13
trigger a negative value for a size field, and consequently cause a denial
14
of service or possibly have unspecified other impact, via a crafted frame
15
size in VP9 video data.
18
mdeslaur> build parameter is specific for chrome build
24
Patches_chromium-browser:
25
upstream_chromium-browser: released (43.0.2357.65)
26
precise_chromium-browser: ignored
27
trusty_chromium-browser: released (43.0.2357.81-0ubuntu0.14.04.1.1089)
28
utopic_chromium-browser: released (43.0.2357.81-0ubuntu0.14.10.1.1131)
29
vivid_chromium-browser: released (43.0.2357.81-0ubuntu0.15.04.1.1170)
30
wily_chromium-browser: released (43.0.2357.81-0ubuntu1.1179)
31
devel_chromium-browser: released (43.0.2357.81-0ubuntu1.1179)
34
upstream_oxide-qt: released (1.7.8)
36
trusty_oxide-qt: released (1.7.8-0ubuntu0.14.04.1)
37
utopic_oxide-qt: released (1.7.8-0ubuntu0.14.10.1)
38
vivid_oxide-qt: released (1.7.8-0ubuntu0.15.04.1)
39
wily_oxide-qt: released (1.7.8-0ubuntu1)
40
devel_oxide-qt: released (1.7.8-0ubuntu1)
43
upstream: https://github.com/webmproject/libvpx/commit/943e43273b0a7369d07714e7fd2e19fecfb11c7c
44
upstream_libvpx: not-affected
45
precise_libvpx: not-affected
46
trusty_libvpx: not-affected
47
utopic_libvpx: not-affected
48
vivid_libvpx: not-affected
49
wily_libvpx: not-affected
50
devel_libvpx: not-affected