From ${URL} : Common Vulnerabilities and Exposures assigned an identifier CVE-2013-2632 to the following vulnerability: Name: CVE-2013-2632 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2632 Assigned: 20130321 Reference: http://code.google.com/p/v8/source/browse/trunk/ChangeLog Reference: http://googlechromereleases.blogspot.com/2013/03/dev-channel-update_18.html Reference: https://code.google.com/p/chromium/issues/detail?id=194749 Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game.
This is a hard masked v8 versions, and old versions of v8 seem unaffected. My recommendation for the Security Team is to close this bug.
(In reply to comment #1) > This is a hard masked v8 versions, and old versions of v8 seem unaffected. > > My recommendation for the Security Team is to close this bug. According to the CVE description, this affects <dev-lang/v8-3.17.15.3 which does not appear to be hard masked. Can this be stabilized?
(In reply to comment #2) > According to the CVE description, this affects <dev-lang/v8-3.17.15.3 which > does not appear to be hard masked. Can this be stabilized? Per comment 1, versions of v8 before the 3.17 series are not affected.
CVE-2013-2632 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2632): Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game.
If this only affected hardmasked versions, then nothing left. Closing noglsa.
