[Secure-testing-commits] r21579 - data/CVE
Michael Gilbert
mgilbert at alioth.debian.org
Tue Mar 12 01:08:48 UTC 2013
Author: mgilbert
Date: 2013-03-12 01:08:47 +0000 (Tue, 12 Mar 2013)
New Revision: 21579
Modified:
data/CVE/list
Log:
libv8 not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-11 22:15:16 UTC (rev 21578)
+++ data/CVE/list 2013-03-12 01:08:47 UTC (rev 21579)
@@ -3789,7 +3789,9 @@
CVE-2013-0837 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
- chromium-browser 24.0.1312.68-1
CVE-2013-0836 (Google V8 before 3.14.5.3, as used in Google Chrome before ...)
- - libv8 <unfixed> (bug #702261)
+ - chromium-browser 24.0.1312.68-1
+ - libv8 <not-affected> (bug #702261; vulnerablility was fixed by reverting to old implementation as found in version 3.8.9.20)
+ TODO: re-check uploads newer than 3.8.9.20
CVE-2013-0835 (Unspecified vulnerability in the Geolocation implementation in Google ...)
- chromium-browser 24.0.1312.68-1
CVE-2013-0834 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
@@ -9264,8 +9266,9 @@
CVE-2012-5154 (Integer overflow in Google Chrome before 24.0.1312.52 on Windows ...)
- chromium-browser <not-affected> (Only affects Windows)
CVE-2012-5153 (Google V8 before 3.14.5.3, as used in Google Chrome before ...)
- - libv8 <unfixed> (bug #702261)
+ - libv8 <not-affected> (bug #702261; kMinFixedIndex and kMaxFixedIndex are hard-coded to the correct values in 3.8.9.20, a later commit introduced a caclulation that produced incorrect values)
- chromium-browser 24.0.1312.68-1
+ TODO: re-check uploads newer than 3.8.9.20
CVE-2012-5152 (Google Chrome before 24.0.1312.52 allows remote attackers to cause a ...)
- chromium-browser 24.0.1312.68-1
TODO: Might affect ffmpeg/libav
More information about the Secure-testing-commits
mailing list