[Git][security-tracker-team/security-tracker][master] libv8-3.14 removed from unstable
Salvatore Bonaccorso
carnil at debian.org
Fri Aug 16 20:26:19 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5fdacde0 by Salvatore Bonaccorso at 2019-08-16T19:24:33Z
libv8-3.14 removed from unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -184095,7 +184095,7 @@ CVE-2015-6775 (fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome
[squeeze] - chromium-browser <end-of-life>
CVE-2015-6774 (Use-after-free vulnerability in the GetLoadTimes function in renderer/ ...)
{DSA-3415-1}
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
@@ -184112,7 +184112,7 @@ CVE-2015-6772 (The DOM implementation in Blink, as used in Google Chrome before
[squeeze] - chromium-browser <end-of-life>
CVE-2015-6771 (js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73 ...)
{DSA-3415-1}
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
- chromium-browser 47.0.2526.73-1
[wheezy] - chromium-browser <end-of-life>
@@ -184149,7 +184149,7 @@ CVE-2015-6765 (Use-after-free vulnerability in content/browser/appcache/appcache
[squeeze] - chromium-browser <end-of-life>
CVE-2015-6764 (The BasicJsonStringifier::SerializeJSArray function in json-stringifie ...)
{DSA-3415-1}
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
- nodejs 4.2.3~dfsg-1 (bug #806385)
[jessie] - nodejs <not-affected> (0.10 series not affected)
@@ -193524,7 +193524,7 @@ CVE-2015-3336 (Google Chrome before 42.0.2311.90 does not always ask the user be
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-3335 (The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl ...)
- chromium-browser <not-affected> (native client support not built)
@@ -193538,7 +193538,7 @@ CVE-2015-3333 (Multiple unspecified vulnerabilities in Google V8 before 4.2.77.1
- chromium-browser 42.0.2311.90-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-3340 (Xen 4.2.x through 4.5.x does not initialize certain fields, which allo ...)
{DSA-3414-1}
@@ -197178,7 +197178,7 @@ CVE-2015-2238 (Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-2237 (Multiple SQL injection vulnerabilities in Betster (aka PHP Betoffice) ...)
NOT-FOR-US: Betster
@@ -200161,7 +200161,7 @@ CVE-2015-1304 (object-observe.js in Google V8, as used in Google Chrome before 4
[jessie] - chromium-browser <no-dsa> (minor issue)
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-1303 (bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome bef ...)
{DSA-3376-1}
@@ -200233,7 +200233,7 @@ CVE-2015-1291 (The ContainerNode::parserRemoveChild function in core/dom/Contain
CVE-2015-1290 (The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and ...)
- chromium-browser 44.0.2403.89-1
[wheezy] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-1289 (Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403 ...)
{DSA-3315-1}
@@ -200546,7 +200546,7 @@ CVE-2015-1230 (The getHiddenProperty function in bindings/core/v8/V8EventListene
- chromium-browser 41.0.2272.76-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant)
+ - libv8-3.14 <removed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-1229 (net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 d ...)
- chromium-browser 41.0.2272.76-1
@@ -200792,7 +200792,7 @@ CVE-2015-1346 (Multiple unspecified vulnerabilities in Google V8 before 3.30.33.
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2015-1345 (The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows ...)
- grep 2.20-4.1 (low; bug #776039)
@@ -208916,7 +208916,7 @@ CVE-2014-7939 (Google Chrome before 40.0.2214.91, when the Harmony proxy in Goog
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-7938 (The Fonts implementation in Google Chrome before 40.0.2214.91 allows r ...)
- chromium-browser 40.0.2214.91-1
@@ -208962,7 +208962,7 @@ CVE-2014-7931 (factory.cc in Google V8, as used in Google Chrome before 40.0.221
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-7930 (Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp ...)
- chromium-browser 40.0.2214.91-1
@@ -208976,13 +208976,13 @@ CVE-2014-7928 (hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-7927 (The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-l ...)
- chromium-browser 40.0.2214.91-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-7926 (The Regular Expressions package in International Components for Unicod ...)
{DSA-3187-1 DLA-219-1}
@@ -209190,7 +209190,7 @@ CVE-2014-7967 (Multiple unspecified vulnerabilities in Google V8 before 3.28.71.
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
@@ -210745,7 +210745,7 @@ CVE-2014-7192 (Eval injection vulnerability in index.js in the syntax-error pack
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773623)
+ - libv8-3.14 <removed> (unimportant; bug #773623)
NOTE: libv8 not covered by security support
CVE-2014-7191 (The qs module before 1.0.0 in Node.js does not call the compact functi ...)
- node-qs 2.2.4-1
@@ -220734,7 +220734,7 @@ CVE-2014-3199 (The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
@@ -220753,7 +220753,7 @@ CVE-2014-3195 (Google V8, as used in Google Chrome before 38.0.2125.101, does no
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
- chromium-browser 38.0.2125.101-1
[wheezy] - chromium-browser <end-of-life>
[squeeze] - chromium-browser <end-of-life>
@@ -220789,7 +220789,7 @@ CVE-2014-3188 (Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-3187 (Google Chrome before 37.0.2062.60 and 38.x before 38.0.2125.59 on iOS ...)
- chromium-browser <not-affected> (only affects versions supporting Apple's facetime)
@@ -220944,7 +220944,7 @@ CVE-2014-3152 (Integer underflow in the LCodeGen::PrepareKeyedOperand function i
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-3151
RESERVED
@@ -224798,7 +224798,7 @@ CVE-2014-1736 (Integer overflow in api.cc in Google V8, as used in Google Chrome
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-1735 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, a ...)
{DSA-2920-1}
@@ -224807,7 +224807,7 @@ CVE-2014-1735 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-1734 (Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847 ...)
{DSA-2920-1}
@@ -224832,7 +224832,7 @@ CVE-2014-1730 (Google V8, as used in Google Chrome before 34.0.1847.131 on Windo
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-1729 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, a ...)
{DSA-2905-1}
@@ -224841,7 +224841,7 @@ CVE-2014-1729 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-1728 (Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847 ...)
{DSA-2905-1}
@@ -224898,7 +224898,7 @@ CVE-2014-1717 (Google V8, as used in Google Chrome before 34.0.1847.116, does no
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-1716 (Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype f ...)
{DSA-2905-1}
@@ -224907,7 +224907,7 @@ CVE-2014-1716 (Cross-site scripting (XSS) vulnerability in the Runtime_SetProtot
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-1715 (Directory traversal vulnerability in Google Chrome before 33.0.1750.15 ...)
{DSA-2883-1}
@@ -224940,7 +224940,7 @@ CVE-2014-1705 (Google V8, as used in Google Chrome before 33.0.1750.152 on OS X
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
- libv8 <removed>
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-1704 (Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, a ...)
{DSA-2883-1}
@@ -224949,7 +224949,7 @@ CVE-2014-1704 (Multiple unspecified vulnerabilities in Google V8 before 3.23.17.
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2014-1703 (Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDro ...)
{DSA-2883-1}
@@ -230848,7 +230848,7 @@ CVE-2013-6668 (Multiple unspecified vulnerabilities in Google V8 before 3.24.35.
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2013-6667 (Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750 ...)
{DSA-2883-1}
@@ -230919,7 +230919,7 @@ CVE-2013-6650 (The StoreBuffer::ExemptPopularPages function in store-buffer.cc i
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2013-6649 (Use-after-free vulnerability in the RenderSVGImage::paint function in ...)
{DSA-2862-1}
@@ -230928,7 +230928,7 @@ CVE-2013-6649 (Use-after-free vulnerability in the RenderSVGImage::paint functio
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2013-6648 (SkRegion::setPath in Skia allows remote attackers to cause a denial of ...)
- skia <itp> (bug #818180)
@@ -230977,7 +230977,7 @@ CVE-2013-6638 (Multiple buffer overflows in runtime.cc in Google V8 before 3.22.
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
- chromium-browser 31.0.1650.63-1
[squeeze] - chromium-browser <end-of-life>
NOTE: libv8 not covered by security support
@@ -240609,7 +240609,7 @@ CVE-2013-2919 (Google V8, as used in Google Chrome before 30.0.1599.66, allows r
- libv8 <unfixed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2013-2918 (Use-after-free vulnerability in the RenderBlock::collapseAnonymousBloc ...)
{DSA-2785-1}
@@ -240764,7 +240764,7 @@ CVE-2013-2882 (Google V8, as used in Google Chrome before 28.0.1500.95, allows r
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2013-2881 (Google Chrome before 28.0.1500.95 does not properly handle frames, whi ...)
{DSA-2732-1}
@@ -240937,7 +240937,7 @@ CVE-2013-2838 (Google V8, as used in Google Chrome before 27.0.1453.93, allows r
- libv8 <removed>
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2013-2837 (Use-after-free vulnerability in the SVG implementation in Google Chrom ...)
{DSA-2695-1}
@@ -241386,7 +241386,7 @@ CVE-2013-2632 (Google V8 before 3.17.13, as used in Google Chrome before 27.0.14
- libv8 <removed>
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
- - libv8-3.14 <unfixed> (unimportant; bug #773671)
+ - libv8-3.14 <removed> (unimportant; bug #773671)
NOTE: libv8 not covered by security support
CVE-2013-2631
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5fdacde010227e2a6ab264a7feb7f92361c1b89e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5fdacde010227e2a6ab264a7feb7f92361c1b89e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190816/040f1b82/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list