Bug#687574: marked as done (Multiple security issues)

Fri, 28 Sep 2012 17:06:15 -0700 

Your message dated Sat, 29 Sep 2012 00:02:36 +0000
with message-id <[email protected]>
and subject line Bug#687574: fixed in libv8 3.8.9.20-2
has caused the Debian Bug report #687574,
regarding Multiple security issues
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
687574: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687574
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: libv8
Severity: grave
Tags: security

Hi,
please check the status of these security issues in libv8.
They were all fixed in Chrome, but it's not clearly from
which Chrome release the libv8 package in Wheezy was cut:

http://security-tracker.debian.org/tracker/CVE-2011-3111
http://security-tracker.debian.org/tracker/CVE-2011-3057
http://security-tracker.debian.org/tracker/CVE-2011-2881
http://security-tracker.debian.org/tracker/CVE-2011-3115
http://security-tracker.debian.org/tracker/CVE-2011-3103
http://security-tracker.debian.org/tracker/CVE-2011-3092
http://security-tracker.debian.org/tracker/CVE-2011-2875

Cheers,
        Moritz

--- End Message ---
--- Begin Message --- 
Source: libv8
Source-Version: 3.8.9.20-2

We believe that the bug you reported is fixed in the latest version of
libv8, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jérémy Lal <[email protected]> (supplier of updated libv8 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 29 Sep 2012 01:04:06 +0200
Source: libv8
Binary: libv8-dev libv8-3.8.9.20 libv8-dbg
Architecture: source amd64
Version: 3.8.9.20-2
Distribution: unstable
Urgency: low
Maintainer: Debian Javascript Maintainers 
<[email protected]>
Changed-By: Jérémy Lal <[email protected]>
Description: 
 libv8-3.8.9.20 - v8 JavaScript engine - runtime library
 libv8-dbg  - v8 JavaScript engine - debugging symbols
 libv8-dev  - v8 JavaScript engine - development files
Closes: 687574
Changes: 
 libv8 (3.8.9.20-2) unstable; urgency=low
 .
   * Cherry-picked four upstream patches from 3.8.9.29:
     + r11654.patch: fix CVE-2011-3111, closes:bug#687574.
     + r12161.patch: Fix ICs for slow objects with native accessor.
     + r12336.patch: Fix bug in compare IC.
     + r12460.patch: Fix some corner cases in skipping native methods
                     using caller. Fix binding in new Function().
Checksums-Sha1: 
 95ad70ce030f225a64f838b840a358f228bd3257 1494 libv8_3.8.9.20-2.dsc
 f81eb0041fd7fe2d21642ec4b8cb4717021981d4 26810 libv8_3.8.9.20-2.debian.tar.gz
 9e32f1620097819d6556e3cb27bcc370770113df 102308 libv8-dev_3.8.9.20-2_amd64.deb
 c65852a81c7246e9afed72002bb775166b703d73 1421448 
libv8-3.8.9.20_3.8.9.20-2_amd64.deb
 a3b5796b5a8b61455736d9736a2ed481e3670ba7 24919168 
libv8-dbg_3.8.9.20-2_amd64.deb
Checksums-Sha256: 
 addeefb6977cd6e87ef42acf33850916b333e145ae44cae4677132f49cd7bcc2 1494 
libv8_3.8.9.20-2.dsc
 bcc101262c8774e72684202e5a2819c2addf3eb5301c007fa55563999be0b771 26810 
libv8_3.8.9.20-2.debian.tar.gz
 6bf7a001a3d3b32d7195f361bb27dd673761d49e1ca8ab3752eee45b2f0a0fd6 102308 
libv8-dev_3.8.9.20-2_amd64.deb
 d1becaab21163c1634092a57a021751f9a66b14502799e80618d886385b96f0d 1421448 
libv8-3.8.9.20_3.8.9.20-2_amd64.deb
 cee53bb6df6cd8e632e83181549784e4597f231a2117780940ca63fe178e6603 24919168 
libv8-dbg_3.8.9.20-2_amd64.deb
Files: 
 81f4b85b1f83292a02204543a6e2decd 1494 libs optional libv8_3.8.9.20-2.dsc
 facc48a76ca2ecf664aca1563da72658 26810 libs optional 
libv8_3.8.9.20-2.debian.tar.gz
 d3d494d82986d7f48883a98fb2ef56f9 102308 libdevel optional 
libv8-dev_3.8.9.20-2_amd64.deb
 760d50a395350f0c2ed6a4acc67d54e1 1421448 libs optional 
libv8-3.8.9.20_3.8.9.20-2_amd64.deb
 3ab4965f3c7514c2dfa3b75349be1fca 24919168 debug extra 
libv8-dbg_3.8.9.20-2_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlBmMlEACgkQDMRIEQdBQdwEcgCgrTABJOVPL+OTlTval4wzkBZE
c80AoJl/c6k6GB1A1FNPMPYAnEyraIqV
=ueES
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to