Candidate: CVE-2014-8154
PublicDate: 2015-01-27 20:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8154
 https://bugzilla.gnome.org/show_bug.cgi?id=678663
Description:
 The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overflow.
Ubuntu-Description:
Notes:
 mdeslaur> introduced by:
 mdeslaur> https://git.gnome.org/browse/vala/commit/vapi/gstreamer-1.0.vapi?id=c4bf7f02c51d84a91768652a490d2389e2e00092
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_vala-0.16:
upstream_vala-0.16: needs-triage
lucid_vala-0.16: DNE
precise_vala-0.16: not-affected (code-not-present)
trusty_vala-0.16: not-affected (code-not-present)
trusty/esm_vala-0.16: DNE (trusty was not-affected [code-not-present])
utopic_vala-0.16: not-affected (code-not-present)
devel_vala-0.16: not-affected (code-not-present)

Patches_vala:
upstream_vala: needs-triage
lucid_vala: ignored (reached end-of-life)
precise_vala: not-affected (code-not-present)
trusty_vala: DNE
trusty/esm_vala: DNE
utopic_vala: DNE
devel_vala: DNE

Patches_vala-0.14:
upstream_vala-0.14: needs-triage
lucid_vala-0.14: DNE
precise_vala-0.14: not-affected (code-not-present)
trusty_vala-0.14: not-affected (code-not-present)
trusty/esm_vala-0.14: DNE (trusty was not-affected [code-not-present])
utopic_vala-0.14: not-affected (code-not-present)
devel_vala-0.14: DNE

Patches_vala-0.26:
 upstream: https://git.gnome.org/browse/vala/commit/?id=3092537db65887e24a3d3e87a27caf9c5295e4f7
upstream_vala-0.26: released (0.26.2)
lucid_vala-0.26: DNE
precise_vala-0.26: DNE
trusty_vala-0.26: DNE
trusty/esm_vala-0.26: DNE
utopic_vala-0.26: DNE
devel_vala-0.26: not-affected (0.26.2-1)

Patches_vala-0.18:
upstream_vala-0.18: needs-triage
lucid_vala-0.18: DNE
precise_vala-0.18: DNE
trusty_vala-0.18: not-affected
trusty/esm_vala-0.18: DNE (trusty was not-affected)
utopic_vala-0.18: not-affected
devel_vala-0.18: not-affected

Patches_vala-0.20:
upstream_vala-0.20: needs-triage
lucid_vala-0.20: DNE
precise_vala-0.20: DNE
trusty_vala-0.20: not-affected
trusty/esm_vala-0.20: DNE (trusty was not-affected)
utopic_vala-0.20: not-affected
devel_vala-0.20: not-affected

Patches_vala-0.22:
upstream_vala-0.22: needs-triage
lucid_vala-0.22: DNE
precise_vala-0.22: DNE
trusty_vala-0.22: not-affected
trusty/esm_vala-0.22: DNE (trusty was not-affected)
utopic_vala-0.22: DNE
devel_vala-0.22: DNE