← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140

Candidate: CVE-2013-2838
PublicDate: 2013-05-22
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2838
 https://code.google.com/p/chromium/issues/detail?id=235311
 http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2836
 https://code.google.com/p/chromium/issues/detail?id=241595
 https://code.google.com/p/chromium/issues/detail?id=236631
 https://code.google.com/p/chromium/issues/detail?id=232865
 https://code.google.com/p/chromium/issues/detail?id=232532
 https://code.google.com/p/chromium/issues/detail?id=232389
 https://code.google.com/p/chromium/issues/detail?id=231725
 https://code.google.com/p/chromium/issues/detail?id=229402
 https://code.google.com/p/chromium/issues/detail?id=227390
 https://code.google.com/p/chromium/issues/detail?id=226659
 https://code.google.com/p/chromium/issues/detail?id=226090
 https://code.google.com/p/chromium/issues/detail?id=226012
 https://code.google.com/p/chromium/issues/detail?id=225979
 https://code.google.com/p/chromium/issues/detail?id=225403
 https://code.google.com/p/chromium/issues/detail?id=224920
 https://code.google.com/p/chromium/issues/detail?id=223145
 https://code.google.com/p/chromium/issues/detail?id=223125
 https://code.google.com/p/chromium/issues/detail?id=223034
 https://code.google.com/p/chromium/issues/detail?id=222770
 https://code.google.com/p/chromium/issues/detail?id=222754
 https://code.google.com/p/chromium/issues/detail?id=222036
 https://code.google.com/p/chromium/issues/detail?id=196648
 https://code.google.com/p/chromium/issues/detail?id=196575
 https://code.google.com/p/chromium/issues/detail?id=196571
 https://code.google.com/p/chromium/issues/detail?id=181438
 https://code.google.com/p/chromium/issues/detail?id=181375
 https://code.google.com/p/chromium/issues/detail?id=180920
 https://code.google.com/p/chromium/issues/detail?id=180058
 https://code.google.com/p/chromium/issues/detail?id=179580
 https://code.google.com/p/chromium/issues/detail?id=178761
 https://code.google.com/p/chromium/issues/detail?id=178581
 https://code.google.com/p/chromium/issues/detail?id=178269
 https://code.google.com/p/chromium/issues/detail?id=178130
 https://code.google.com/p/chromium/issues/detail?id=177815
 https://code.google.com/p/chromium/issues/detail?id=176719
 https://code.google.com/p/chromium/issues/detail?id=174920
 https://code.google.com/p/chromium/issues/detail?id=173672
 https://code.google.com/p/chromium/issues/detail?id=173397
 https://code.google.com/p/chromium/issues/detail?id=170715
 https://code.google.com/p/chromium/issues/detail?id=168050
 https://code.google.com/p/chromium/issues/detail?id=162896
 http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
Description:
 Google V8, as used in Google Chrome before 27.0.1453.93, allows remote
 attackers to cause a denial of service (out-of-bounds read) via unspecified
 vectors.
Ubuntu-Description:
Notes:
 jdstrand> qtjsbackend-opensource-src contains an embedded libv8, however
  applications using qtjsbackend-opensource-src should not process untrusted
  javascript and therefore Ubuntu will not process updates for libv8 in this
  package. (See LP: #1157732 for details)
 sarnold> I didn't find any information on this from libv8 upstream
Bugs:
Priority: medium
Discovered-by: Christian Holler
Assigned-to: chad

Patches_chromium-browser:
upstream_chromium-browser: released (27.0.1453.93)
lucid_chromium-browser: ignored (reached end-of-life)
precise_chromium-browser: released (28.0.1500.52-0ubuntu1.12.04.2)
precise/esm_chromium-browser: DNE (precise was released [28.0.1500.52-0ubuntu1.12.04.2])
quantal_chromium-browser: released (28.0.1500.52-0ubuntu1.12.10.3)
raring_chromium-browser: released (28.0.1500.52-0ubuntu1.13.04.3)
saucy_chromium-browser: released (28.0.1500.52-0ubuntu2)
trusty_chromium-browser: released (28.0.1500.52-0ubuntu2)
utopic_chromium-browser: released (28.0.1500.52-0ubuntu2)
vivid_chromium-browser: released (28.0.1500.52-0ubuntu2)
vivid/stable-phone-overlay_chromium-browser: DNE
vivid/ubuntu-core_chromium-browser: DNE
wily_chromium-browser: released (28.0.1500.52-0ubuntu2)
xenial_chromium-browser: released (28.0.1500.52-0ubuntu2)
yakkety_chromium-browser: released (28.0.1500.52-0ubuntu2)
zesty_chromium-browser: released (28.0.1500.52-0ubuntu2)
devel_chromium-browser: released (28.0.1500.52-0ubuntu2)

Patches_libv8:
upstream_libv8: needed
lucid_libv8: ignored (reached end-of-life)
precise_libv8: ignored (reached end-of-life)
precise/esm_libv8: DNE (precise was needed)
quantal_libv8: ignored (reached end-of-life)
raring_libv8: ignored (reached end-of-life)
saucy_libv8: ignored (reached end-of-life)
trusty_libv8: DNE
utopic_libv8: DNE
vivid_libv8: DNE
vivid/stable-phone-overlay_libv8: DNE
vivid/ubuntu-core_libv8: DNE
wily_libv8: DNE
xenial_libv8: DNE
yakkety_libv8: DNE
zesty_libv8: DNE
devel_libv8: DNE

Patches_libv8-3.14:
upstream_libv8-3.14: needed
lucid_libv8-3.14: DNE
precise_libv8-3.14: DNE
precise/esm_libv8-3.14: DNE
quantal_libv8-3.14: DNE
raring_libv8-3.14: DNE
saucy_libv8-3.14: ignored (reached end-of-life)
trusty_libv8-3.14: needed
utopic_libv8-3.14: ignored (reached end-of-life)
vivid_libv8-3.14: ignored (reached end-of-life)
vivid/stable-phone-overlay_libv8-3.14: DNE
vivid/ubuntu-core_libv8-3.14: DNE
wily_libv8-3.14: ignored (reached end-of-life)
xenial_libv8-3.14: needed
yakkety_libv8-3.14: ignored (reached end-of-life)
zesty_libv8-3.14: needed
devel_libv8-3.14: needed

Patches_qtjsbackend-opensource-src:
upstream_qtjsbackend-opensource-src: needs-triage
lucid_qtjsbackend-opensource-src: DNE
precise_qtjsbackend-opensource-src: DNE
precise/esm_qtjsbackend-opensource-src: DNE
quantal_qtjsbackend-opensource-src: DNE
raring_qtjsbackend-opensource-src: ignored (see note)
saucy_qtjsbackend-opensource-src: ignored (see note)
trusty_qtjsbackend-opensource-src: DNE
utopic_qtjsbackend-opensource-src: DNE
vivid_qtjsbackend-opensource-src: DNE
vivid/stable-phone-overlay_qtjsbackend-opensource-src: DNE
vivid/ubuntu-core_qtjsbackend-opensource-src: DNE
wily_qtjsbackend-opensource-src: DNE
xenial_qtjsbackend-opensource-src: DNE
yakkety_qtjsbackend-opensource-src: DNE
zesty_qtjsbackend-opensource-src: DNE
devel_qtjsbackend-opensource-src: DNE