Your submission was sent successfully! Close

CVE-2012-2893

Published: 26 September 2012

Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (3.0.1271.97-0ubuntu0.10.04.1)
natty Ignored
(reached end-of-life)
oneiric
Released (3.0.1271.97-0ubuntu0.11.10.1)
precise
Released (3.0.1271.97-0ubuntu0.12.04.1)
quantal
Released (3.0.1271.97-0ubuntu0.12.10.1)
upstream
Released (22.0.1229.79)
libxslt
Launchpad, Ubuntu, Debian
hardy
Released (1.1.22-1ubuntu1.3)
lucid
Released (1.1.26-1ubuntu1.1)
natty
Released (1.1.26-6ubuntu0.1)
oneiric
Released (1.1.26-7ubuntu0.1)
precise
Released (1.1.26-8ubuntu1.2)
quantal Not vulnerable
(1.1.26-14)
upstream Needs triage

Patches:
upstream: http://git.gnome.org/browse/libxslt/commit/?id=54977ed7966847e305a2008cb18892df26eeb065