CVE-2011-3111 was fixed in libv8 3.8.9.20-2 in Debian - can someone please sync?
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1004795 Title: (CVE-2011-3083) <chromium-browser-19.0.1084.52, <libv8-3.9.24.28: multiple vulnerabilities (CVE-2011-{3103,3104,3105,3106,3107,3108,3109,3111,3115}) Status in “chromium-browser” package in Ubuntu: Fix Released Status in “libv8” package in Ubuntu: Confirmed Bug description: The Chrome Stable channel has been updated to 19.0.1084.52 on Windows, Mac, Linux and Chrome Frame. Security fixes and rewards: [117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson). [118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno). [$1000] [120912] High CVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz. [122654] Critical CVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan). [124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan). [$1337] [125159] Critical CVE-2011-3108: Use-after-free in browser cache. Credit to “efbiaiinzinz”. [Linux only] [$1000] [126296] High CVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholomé. [126337] [126343] [126378] [127349] [127819] [127868] High CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team. [$500] [126414] Medium CVE-2011-3111: Invalid read in v8. Credit to Christian Holler. [127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team. [127883] High CVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team. [128014] High CVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts). [$1000] [128018] High CVE-2011-3115: Type corruption in v8. Credit to Christian Holler. http://googlechromereleases.blogspot.com/2012/05/stable-channel- update_23.html To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1004795/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
