On 13/09/2012 23:27, Moritz Muehlenhoff wrote: > Package: libv8 > Severity: grave > Tags: security > > Hi, > please check the status of these security issues in libv8. > They were all fixed in Chrome, but it's not clearly from > which Chrome release the libv8 package in Wheezy was cut: > > http://security-tracker.debian.org/tracker/CVE-2011-3111 > http://security-tracker.debian.org/tracker/CVE-2011-3057 > http://security-tracker.debian.org/tracker/CVE-2011-2881 > http://security-tracker.debian.org/tracker/CVE-2011-3115 > http://security-tracker.debian.org/tracker/CVE-2011-3103 > http://security-tracker.debian.org/tracker/CVE-2011-3092 > http://security-tracker.debian.org/tracker/CVE-2011-2875
Hi, the current status of these CVE in libv8 3.8.9.20-1 is : CVE-2011-3111 Fixed in upstream version libv8 3.8.9.23. Those CVE are fixed or not applicable in libv8 3.8.9.20 : CVE-2011-3057 fixed CVE-2011-2881 fixed CVE-2011-3115 affects libv8 >= 3.9 CVE-2011-3103 affects libv8 >= 3.9 CVE-2011-3092 affects libv8 >= 3.9 CVE-2011-2875 fixed I'm preparing a libv8 3.8.9.20-2 package fixing CVE-2011-3111 (and few other bugs). Regards, Jérémy -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org