(CVE-2012-2842) <chromium-browser-20.0.1132.57 : use-after-free vulnerability (CVE-2012-{2842,2843,2844})
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Gentoo Linux |
Fix Released
|
Medium
|
|||
chromium-browser (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The Stable channel has been updated to 20.0.1132.57 for Windows, Mac, Linux, and Chrome Frame. Along with below mentioned security fixes, this build contains an update to Flash player, v8 (3.10.8.20) and couple of stability/bug fixes.
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
[$1000] [129898] High CVE-2012-2842: Use-after-free in counter handling. Credit to miaubiz.
[$1000] [130595] High CVE-2012-2843: Use-after-free in layout height tracking. Credit to miaubiz.
[133450] High CVE-2012-2844: Bad object access with JavaScript in PDF. Credit to Alexey Samsonov of Google.
http://
summary: |
(CVE-2012-2842) <www-client/chromium-20.0.1132.57 : use-after-free - vulnerability (CVE-2012-{2842,2843}) + vulnerability (CVE-2012-{2842,2843,2844}) |
description: | updated |
visibility: | private → public |
summary: |
- (CVE-2012-2842) <www-client/chromium-20.0.1132.57 : use-after-free + (CVE-2012-2842) <chromium-browser-20.0.1132.57 : use-after-free vulnerability (CVE-2012-{2842,2843,2844}) |
description: | updated |
no longer affects: | libv8 (Ubuntu) |
Changed in gentoo: | |
importance: | Unknown → Medium |
Changed in chromium-browser (Ubuntu): | |
status: | Incomplete → Confirmed |
Changed in gentoo: | |
status: | Unknown → Fix Released |
Release notes in URL.