** Also affects: thunderbird (Ubuntu)
Importance: Undecided
Status: New
** Also affects: firefox (Ubuntu)
Importance: Undecided
Status: New
** Also affects: firefox-esr (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libwebp in Ubuntu.
https://bugs.launchpad.net/bugs/2035220
Title:
cve-2023-4863
Status in chromium-browser package in Ubuntu:
In Progress
Status in firefox package in Ubuntu:
New
Status in firefox-esr package in Ubuntu:
New
Status in libwebp package in Ubuntu:
New
Status in thunderbird package in Ubuntu:
New
Status in chromium package in Debian:
New
Status in libwebp package in Debian:
New
Bug description:
[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported
by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at
The University of Torontoʼs Munk School on 2023-09-06
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
high profile remote vulnerability
themusicgod1@eva1:~$ apt-cache policy chromium-browser
chromium-browser:
Installed: 1:85.0.4183.83-0ubuntu2.22.04.1
Candidate: 1:85.0.4183.83-0ubuntu2.22.04.1
Version table:
current available snap:
chromium 116.0.5845.179
fix is in:
chromium 116.0.5845.187
ubuntu: 22.04.3 LTS jammy
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: chromium-browser 1:85.0.4183.83-0ubuntu2.22.04.1
ProcVersionSignature: Ubuntu 6.2.0-26.26~22.04.1-generic 6.2.13
Uname: Linux 6.2.0-26-generic x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: ubuntu:GNOME
Date: Tue Sep 12 08:38:06 2023
DiskUsage:
Filesystem Type Size Used Avail Use% Mounted on
/dev/sda2 ext4 228G 162G 55G 75% /
tmpfs tmpfs 3.9G 66M 3.8G 2% /dev/shm
/dev/sda2 ext4 228G 162G 55G 75% /
InstallationDate: Installed on 2017-04-18 (2337 days ago)
InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412)
MachineType: MSI MS-7994
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.2.0-26-generic
root=UUID=333c5e4f-3f61-4abf-b950-f19431c843d6 ro text
Snap.Changes: no changes found
Snap.ChromeDriverVersion: ChromeDriver 116.0.5845.179
(17ff023f3eb4f6883321db9399bfc65560ef84a9-refs/branch-heads/5845@{#1745})
Snap.ChromiumVersion: Chromium 116.0.5845.179 snap
SourcePackage: chromium-browser
UpgradeStatus: Upgraded to jammy on 2023-06-14 (89 days ago)
dmi.bios.date: 12/16/2016
dmi.bios.release: 5.12
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 5.80
dmi.board.asset.tag: Default string
dmi.board.name: H110M GAMING (MS-7994)
dmi.board.vendor: MSI
dmi.board.version: 1.0
dmi.chassis.asset.tag: Default string
dmi.chassis.type: 3
dmi.chassis.vendor: MSI
dmi.chassis.version: 1.0
dmi.modalias:
dmi:bvnAmericanMegatrendsInc.:bvr5.80:bd12/16/2016:br5.12:svnMSI:pnMS-7994:pvr1.0:rvnMSI:rnH110MGAMING(MS-7994):rvr1.0:cvnMSI:ct3:cvr1.0:skuDefaultstring:
dmi.product.family: Default string
dmi.product.name: MS-7994
dmi.product.sku: Default string
dmi.product.version: 1.0
dmi.sys.vendor: MSI
mtime.conffile..etc.apport.crashdb.conf: 2020-06-07T21:16:26.397404
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2035220/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
