** Description changed: - CVE-2012-2842 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2842) - Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling. + The Stable channel has been updated to 20.0.1132.57 for Windows, Mac, + Linux, and Chrome Frame. Along with below mentioned security fixes, this + build contains an update to Flash player, v8 (3.10.8.20) and couple of + stability/bug fixes. - CVE-2012-2843 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2843) - Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. - CVE-2012-2844 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2844) - The PDF functionality in Google Chrome before 20.0.1132.57 does not properly handle JavaScript code, which allows remote attackers to cause a denial of service (incorrect object access) or possibly have unspecified other impact via a crafted document. + Security fixes and rewards: + + Please see the Chromium security page for more detail. Note that the + referenced bugs may be kept private until a majority of our users are up + to date with the fix. + + [$1000] [129898] High CVE-2012-2842: Use-after-free in counter handling. Credit to miaubiz. + [$1000] [130595] High CVE-2012-2843: Use-after-free in layout height tracking. Credit to miaubiz. + [133450] High CVE-2012-2844: Bad object access with JavaScript in PDF. Credit to Alexey Samsonov of Google. + + http://googlechromereleases.blogspot.com/2012/07/stable-channel- + update.html
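Review bot: the removed `-` lines carried an NVD link and an impact statement for each CVE ("allows remote attackers to cause a denial of service or possibly have unspecified other impact"), and the added `+` lines replace them with one-line upstream summaries only, so the per-CVE references are lost from the description. Consider keeping the NVD URLs next to the three CVE entries in the new text. Also, the closing release-notes link is wrapped across two `+` lines (`stable-channel-` followed by `update.html`), which breaks it as a link; keep the URL on a single line.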
** No longer affects: libv8 (Ubuntu)

** Bug watch added: Gentoo Bugzilla #426204
   https://bugs.gentoo.org/show_bug.cgi?id=426204

** Also affects: gentoo via
   https://bugs.gentoo.org/show_bug.cgi?id=426204
   Importance: Unknown
       Status: Unknown

https://bugs.launchpad.net/bugs/1025111

Title:
  (CVE-2012-2842) <chromium-browser-20.0.1132.57 : use-after-free vulnerability (CVE-2012-{2842,2843,2844})
