CVE-2014-7923

Published: 22 January 2015

The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.

Priority

Status

Package	Release	Status
chromium-browser Launchpad, Ubuntu, Debian	lucid	Ignored (reached end-of-life)
	precise	Ignored
	trusty	Does not exist (trusty was released [40.0.2214.94-0ubuntu0.14.04.1.1068])
	upstream	Released (40.0.2214.91)
	utopic	Released (40.0.2214.94-0ubuntu0.14.10.1.1110)
	vivid	Released (40.0.2214.94-0ubuntu1.1120)
	wily	Released (40.0.2214.94-0ubuntu1.1120)
icu Launchpad, Ubuntu, Debian	lucid	Ignored (reached end-of-life)
	precise	Released (4.8.1.1-3ubuntu0.3)
	trusty	Released (52.1-3ubuntu0.2)
	upstream	Released (52.1-7.1)
	utopic	Released (52.1-6ubuntu0.2)
	vivid	Not vulnerable (52.1-7.1)
	wily	Not vulnerable (52.1-7.1)
	Patches: upstream: http://bugs.icu-project.org/trac/changeset/36724
oxide-qt Launchpad, Ubuntu, Debian	lucid	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was released [1.4.2-0ubuntu0.14.04.1])
	upstream	Released (1.4.2)
	utopic	Released (1.4.2-0ubuntu0.14.10.1)
	vivid	Released (1.4.2-0ubuntu1)
	wily	Released (1.4.2-0ubuntu1)

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›