Your message dated Fri, 16 Aug 2019 17:27:43 +0000
with message-id <[email protected]>
and subject line Bug#934734: Removed package(s) from unstable
has caused the Debian Bug report #773671,
regarding libv8-3.14: multiple security issues
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
773671: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773671
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
package: src:libv8-3.14
severity: grave
tags: security
Hi,
the following vulnerabilities were published for libv8-3.14.
CVE-2013-2632[0]:
| Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3,
| allows remote attackers to cause a denial of service (application
| crash) or possibly have unspecified other impact via crafted
| JavaScript code, as demonstrated by the Bejeweled game.
CVE-2013-2838[1]:
| Google V8, as used in Google Chrome before 27.0.1453.93, allows remote
| attackers to cause a denial of service (out-of-bounds read) via
| unspecified vectors.
CVE-2013-2882[2]:
| Google V8, as used in Google Chrome before 28.0.1500.95, allows remote
| attackers to cause a denial of service or possibly have unspecified
| other impact via vectors that leverage "type confusion."
CVE-2013-2919[3]:
| Google V8, as used in Google Chrome before 30.0.1599.66, allows remote
| attackers to cause a denial of service (memory corruption) or possibly
| have unspecified other impact via unknown vectors.
CVE-2013-6638[4]:
| Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7,
| as used in Google Chrome before 31.0.1650.63, allow remote attackers
| to cause a denial of service or possibly have unspecified other impact
| via vectors that trigger a large typed array, related to the (1)
| Runtime_TypedArrayInitialize and (2)
| Runtime_TypedArrayInitializeFromArrayLike functions.
CVE-2013-6639[5]:
| The DehoistArrayIndex function in hydrogen-dehoist.cc (aka
| hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome
| before 31.0.1650.63, allows remote attackers to cause a denial of
| service (out-of-bounds write) or possibly have unspecified other
| impact via JavaScript code that sets the value of an array element
| with a crafted index.
CVE-2013-6640[6]:
| The DehoistArrayIndex function in hydrogen-dehoist.cc (aka
| hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome
| before 31.0.1650.63, allows remote attackers to cause a denial of
| service (out-of-bounds read) via JavaScript code that sets a variable
| to the value of an array element with a crafted index.
CVE-2013-6649[7]:
| Use-after-free vulnerability in the RenderSVGImage::paint function in
| core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google
| Chrome before 32.0.1700.102, allows remote attackers to cause a denial
| of service or possibly have unspecified other impact via vectors
| involving a zero-size SVG image.
CVE-2013-6650[8]:
| The StoreBuffer::ExemptPopularPages function in store-buffer.cc in
| Google V8 before 3.22.24.16, as used in Google Chrome before
| 32.0.1700.102, allows remote attackers to cause a denial of service
| (memory corruption) or possibly have unspecified other impact via
| vectors that trigger incorrect handling of "popular pages."
CVE-2013-6668[9]:
| Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10,
| as used in Google Chrome before 33.0.1750.146, allow attackers to
| cause a denial of service or possibly have other impact via unknown
| vectors.
CVE-2014-1704[10]:
| Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18,
| as used in Google Chrome before 33.0.1750.149, allow attackers to
| cause a denial of service or possibly have other impact via unknown
| vectors.
CVE-2014-1705[11]:
| Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and
| Linux and before 33.0.1750.154 on Windows, allows remote attackers to
| cause a denial of service (memory corruption) or possibly have
| unspecified other impact via unknown vectors.
CVE-2014-1716[12]:
| Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype
| function in runtime.cc in Google V8, as used in Google Chrome before
| 34.0.1847.116, allows remote attackers to inject arbitrary web script
| or HTML via unspecified vectors, aka "Universal XSS (UXSS)."
CVE-2014-1717[13]:
| Google V8, as used in Google Chrome before 34.0.1847.116, does not
| properly use numeric casts during handling of typed arrays, which
| allows remote attackers to cause a denial of service (out-of-bounds
| array access) or possibly have unspecified other impact via crafted
| JavaScript code.
CVE-2014-1717[14]:
| Google V8, as used in Google Chrome before 34.0.1847.116, does not
| properly use numeric casts during handling of typed arrays, which
| allows remote attackers to cause a denial of service (out-of-bounds
| array access) or possibly have unspecified other impact via crafted
| JavaScript code.
CVE-2014-1729[15]:
| Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22,
| as used in Google Chrome before 34.0.1847.116, allow attackers to
| cause a denial of service or possibly have other impact via unknown
| vectors.
CVE-2014-1730[16]:
| Google V8, as used in Google Chrome before 34.0.1847.131 on Windows
| and OS X and before 34.0.1847.132 on Linux, does not properly store
| internationalization metadata, which allows remote attackers to bypass
| intended access restrictions by leveraging "type confusion" and
| reading property values, related to i18n.js and runtime.cc.
CVE-2014-1735[17]:
| Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33,
| as used in Google Chrome before 34.0.1847.131 on Windows and OS X and
| before 34.0.1847.132 on Linux, allow attackers to cause a denial of
| service or possibly have other impact via unknown vectors.
CVE-2014-1736[18]:
| Integer overflow in api.cc in Google V8, as used in Google Chrome
| before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on
| Linux, allows remote attackers to cause a denial of service or
| possibly have unspecified other impact via a large length value.
CVE-2014-3152[19]:
| Integer underflow in the LCodeGen::PrepareKeyedOperand function in
| arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in
| Google Chrome before 35.0.1916.114, allows remote attackers to cause a
| denial of service or possibly have unspecified other impact via
| vectors that trigger a negative key value.
CVE-2014-3188[20]:
| Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101
| do not properly handle the interaction of IPC and Google V8, which
| allows remote attackers to execute arbitrary code via vectors
| involving JSON data, related to improper parsing of an escaped index
| by ParseJsonObject in json-parser.h.
CVE-2014-3195[21]:
| Google V8, as used in Google Chrome before 38.0.2125.101, does not
| properly track JavaScript heap-memory allocations as allocations of
| uninitialized memory and does not properly concatenate arrays of
| double-precision floating-point numbers, which allows remote attackers
| to obtain sensitive information via crafted JavaScript code, related
| to the PagedSpace::AllocateRaw and NewSpace::AllocateRaw functions in
| heap/spaces-inl.h, the LargeObjectSpace::AllocateRaw function in
| heap/spaces.cc, and the Runtime_ArrayConcat function in runtime.cc.
CVE-2014-3199[22]:
| The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the
| V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101,
| has an erroneous fallback outcome for wrapper-selection failures,
| which allows remote attackers to cause a denial of service via vectors
| that trigger stopping a worker process that had been handling an Event
| object.
CVE-2014-7967[23]:
| Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15,
| as used in Google Chrome before 38.0.2125.101, allow attackers to
| cause a denial of service or possibly have other impact via unknown
| vectors.
These are basically untriaged since libv8 hasn't had security support
in the past. It's up to you to get them triaged and fixed for that to
start.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2013-2632
[1] https://security-tracker.debian.org/tracker/CVE-2013-2838
[2] https://security-tracker.debian.org/tracker/CVE-2013-2882
[3] https://security-tracker.debian.org/tracker/CVE-2013-2919
[4] https://security-tracker.debian.org/tracker/CVE-2013-6638
[5] https://security-tracker.debian.org/tracker/CVE-2013-6639
[6] https://security-tracker.debian.org/tracker/CVE-2013-6640
[7] https://security-tracker.debian.org/tracker/CVE-2013-6649
[8] https://security-tracker.debian.org/tracker/CVE-2013-6650
[9] https://security-tracker.debian.org/tracker/CVE-2013-6668
[10] https://security-tracker.debian.org/tracker/CVE-2014-1704
[11] https://security-tracker.debian.org/tracker/CVE-2014-1705
[12] https://security-tracker.debian.org/tracker/CVE-2014-1716
[13] https://security-tracker.debian.org/tracker/CVE-2014-1717
[14] https://security-tracker.debian.org/tracker/CVE-2014-1717
[15] https://security-tracker.debian.org/tracker/CVE-2014-1729
[16] https://security-tracker.debian.org/tracker/CVE-2014-1730
[17] https://security-tracker.debian.org/tracker/CVE-2014-1735
[18] https://security-tracker.debian.org/tracker/CVE-2014-1736
[19] https://security-tracker.debian.org/tracker/CVE-2014-3152
[20] https://security-tracker.debian.org/tracker/CVE-2014-3188
[21] https://security-tracker.debian.org/tracker/CVE-2014-3195
[22] https://security-tracker.debian.org/tracker/CVE-2014-3199
[23] https://security-tracker.debian.org/tracker/CVE-2014-7967
Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Version: 3.14.5.8-11+rm
Dear submitter,
as the package libv8-3.14 has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see https://bugs.debian.org/934734
The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].
Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)
--- End Message ---
--
Pkg-javascript-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-javascript-devel
