Release notes in URL. Not sure about CVE-2012-5127; we use the system libwebp.
Please stabilize on amd64 and x86. There is a unit test failure (bug 442142), but I don't think it should block this.
=www-client/chromium-23.0.1271.64
=dev-lang/v8-3.13.7.5
(In reply to comment #0)
> Not sure about CVE-2012-5127; we use the system libwebp.
We should get system libwebp patched.
(In reply to comment #1)
> There is a unit test failure (bug 442142), but I don't think it should block
> this.
That's right, let's stabilize this provided the browser is usable. I'll take a more detailed look at the test failure later, thanks for filing the bug.
(In reply to comment #2)
> We should get system libwebp patched.
Based on the NEWS file, I suspect this is fixed in libwebp-0.2.1.
http://git.chromium.org/gitweb/?p=webm/libwebp.git;a=blob;f=NEWS;h=0b40d5289782b0eb120991d89ec3be3ec5adabd4;hb=HEAD
x86 and amd64 stable
CVE-2012-5128 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5128): Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2012-5127 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5127): Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.
CVE-2012-5126 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5126): Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of plug-in placeholders.
CVE-2012-5125 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5125): Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs.
CVE-2012-5124 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5124): Google Chrome before 23.0.1271.64 does not properly handle textures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2012-5123 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5123): Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2012-5122 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5122): Google Chrome before 23.0.1271.64 does not properly perform a cast of an unspecified variable during handling of input, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2012-5121 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5121): Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video layout.
CVE-2012-5120 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5120): Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array.
CVE-2012-5119 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5119): Race condition in Pepper, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to buffers.
CVE-2012-5118 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5118): Google Chrome before 23.0.1271.64 on Mac OS X does not properly validate an integer value during the handling of GPU command buffers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2012-5117 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5117): Google Chrome before 23.0.1271.64 does not properly restrict the loading of an SVG subresource in the context of an IMG element, which has unspecified impact and remote attack vectors.
CVE-2012-5116 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5116): Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG filters.
Filed a new GLSA request.
CVE-2012-5127 handled in bug #442152. CVE-2012-5118 is Mac OS X specific. GLSA draft ready.
This issue was resolved and addressed in GLSA 201309-16 at http://security.gentoo.org/glsa/glsa-201309-16.xml by GLSA coordinator Sean Amoss (ackle).
CVE-2012-5119 marked NFU. See bug 486014.