1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
Candidate: CVE-2013-2838
PublicDate: 2013-05-22
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2838
https://code.google.com/p/chromium/issues/detail?id=235311
http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2836
https://code.google.com/p/chromium/issues/detail?id=241595
https://code.google.com/p/chromium/issues/detail?id=236631
https://code.google.com/p/chromium/issues/detail?id=232865
https://code.google.com/p/chromium/issues/detail?id=232532
https://code.google.com/p/chromium/issues/detail?id=232389
https://code.google.com/p/chromium/issues/detail?id=231725
https://code.google.com/p/chromium/issues/detail?id=229402
https://code.google.com/p/chromium/issues/detail?id=227390
https://code.google.com/p/chromium/issues/detail?id=226659
https://code.google.com/p/chromium/issues/detail?id=226090
https://code.google.com/p/chromium/issues/detail?id=226012
https://code.google.com/p/chromium/issues/detail?id=225979
https://code.google.com/p/chromium/issues/detail?id=225403
https://code.google.com/p/chromium/issues/detail?id=224920
https://code.google.com/p/chromium/issues/detail?id=223145
https://code.google.com/p/chromium/issues/detail?id=223125
https://code.google.com/p/chromium/issues/detail?id=223034
https://code.google.com/p/chromium/issues/detail?id=222770
https://code.google.com/p/chromium/issues/detail?id=222754
https://code.google.com/p/chromium/issues/detail?id=222036
https://code.google.com/p/chromium/issues/detail?id=196648
https://code.google.com/p/chromium/issues/detail?id=196575
https://code.google.com/p/chromium/issues/detail?id=196571
https://code.google.com/p/chromium/issues/detail?id=181438
https://code.google.com/p/chromium/issues/detail?id=181375
https://code.google.com/p/chromium/issues/detail?id=180920
https://code.google.com/p/chromium/issues/detail?id=180058
https://code.google.com/p/chromium/issues/detail?id=179580
https://code.google.com/p/chromium/issues/detail?id=178761
https://code.google.com/p/chromium/issues/detail?id=178581
https://code.google.com/p/chromium/issues/detail?id=178269
https://code.google.com/p/chromium/issues/detail?id=178130
https://code.google.com/p/chromium/issues/detail?id=177815
https://code.google.com/p/chromium/issues/detail?id=176719
https://code.google.com/p/chromium/issues/detail?id=174920
https://code.google.com/p/chromium/issues/detail?id=173672
https://code.google.com/p/chromium/issues/detail?id=173397
https://code.google.com/p/chromium/issues/detail?id=170715
https://code.google.com/p/chromium/issues/detail?id=168050
https://code.google.com/p/chromium/issues/detail?id=162896
http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
Description:
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote
attackers to cause a denial of service (out-of-bounds read) via unspecified
vectors.
Ubuntu-Description:
Notes:
jdstrand> qtjsbackend-opensource-src contains an embedded libv8, however
applications using qtjsbackend-opensource-src should not process untrusted
javascript and therefore Ubuntu will not process updates for libv8 in this
package. (See LP: #1157732 for details)
sarnold> I didn't find any information on this from libv8 upstream
Bugs:
Priority: medium
Discovered-by: Christian Holler
Assigned-to: chad
Patches_chromium-browser:
upstream_chromium-browser: released (27.0.1453.93)
lucid_chromium-browser: ignored (reached end-of-life)
precise_chromium-browser: released (28.0.1500.52-0ubuntu1.12.04.2)
precise/esm_chromium-browser: DNE (precise was released [28.0.1500.52-0ubuntu1.12.04.2])
quantal_chromium-browser: released (28.0.1500.52-0ubuntu1.12.10.3)
raring_chromium-browser: released (28.0.1500.52-0ubuntu1.13.04.3)
saucy_chromium-browser: released (28.0.1500.52-0ubuntu2)
trusty_chromium-browser: released (28.0.1500.52-0ubuntu2)
utopic_chromium-browser: released (28.0.1500.52-0ubuntu2)
vivid_chromium-browser: released (28.0.1500.52-0ubuntu2)
vivid/stable-phone-overlay_chromium-browser: DNE
vivid/ubuntu-core_chromium-browser: DNE
wily_chromium-browser: released (28.0.1500.52-0ubuntu2)
xenial_chromium-browser: released (28.0.1500.52-0ubuntu2)
yakkety_chromium-browser: released (28.0.1500.52-0ubuntu2)
zesty_chromium-browser: released (28.0.1500.52-0ubuntu2)
devel_chromium-browser: released (28.0.1500.52-0ubuntu2)
Patches_libv8:
upstream_libv8: needed
lucid_libv8: ignored (reached end-of-life)
precise_libv8: ignored (reached end-of-life)
precise/esm_libv8: DNE (precise was needed)
quantal_libv8: ignored (reached end-of-life)
raring_libv8: ignored (reached end-of-life)
saucy_libv8: ignored (reached end-of-life)
trusty_libv8: DNE
utopic_libv8: DNE
vivid_libv8: DNE
vivid/stable-phone-overlay_libv8: DNE
vivid/ubuntu-core_libv8: DNE
wily_libv8: DNE
xenial_libv8: DNE
yakkety_libv8: DNE
zesty_libv8: DNE
devel_libv8: DNE
Patches_libv8-3.14:
upstream_libv8-3.14: needed
lucid_libv8-3.14: DNE
precise_libv8-3.14: DNE
precise/esm_libv8-3.14: DNE
quantal_libv8-3.14: DNE
raring_libv8-3.14: DNE
saucy_libv8-3.14: ignored (reached end-of-life)
trusty_libv8-3.14: needed
utopic_libv8-3.14: ignored (reached end-of-life)
vivid_libv8-3.14: ignored (reached end-of-life)
vivid/stable-phone-overlay_libv8-3.14: DNE
vivid/ubuntu-core_libv8-3.14: DNE
wily_libv8-3.14: ignored (reached end-of-life)
xenial_libv8-3.14: needed
yakkety_libv8-3.14: ignored (reached end-of-life)
zesty_libv8-3.14: needed
devel_libv8-3.14: needed
Patches_qtjsbackend-opensource-src:
upstream_qtjsbackend-opensource-src: needs-triage
lucid_qtjsbackend-opensource-src: DNE
precise_qtjsbackend-opensource-src: DNE
precise/esm_qtjsbackend-opensource-src: DNE
quantal_qtjsbackend-opensource-src: DNE
raring_qtjsbackend-opensource-src: ignored (see note)
saucy_qtjsbackend-opensource-src: ignored (see note)
trusty_qtjsbackend-opensource-src: DNE
utopic_qtjsbackend-opensource-src: DNE
vivid_qtjsbackend-opensource-src: DNE
vivid/stable-phone-overlay_qtjsbackend-opensource-src: DNE
vivid/ubuntu-core_qtjsbackend-opensource-src: DNE
wily_qtjsbackend-opensource-src: DNE
xenial_qtjsbackend-opensource-src: DNE
yakkety_qtjsbackend-opensource-src: DNE
zesty_qtjsbackend-opensource-src: DNE
devel_qtjsbackend-opensource-src: DNE
|