Candidate: CVE-2015-1290
PublicDate: 2018-01-09 16:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1290
 http://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.5.1
 http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
 http://lists.opensuse.org/opensuse-updates/2015-12/msg00116.html
 http://www.nsfocus.net/index.php?act=advisory&do=view&adv_id=80
 https://bugs.chromium.org/p/chromium/issues/detail?id=505374
 https://codereview.chromium.org/1233453004
Description:
 The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and
 QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a
 denial of service (memory corruption) or execute arbitrary code via a
 crafted web site.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_chromium-browser:
upstream_chromium-browser: released (44.0.2403.89)
precise/esm_chromium-browser: DNE
trusty_chromium-browser: not-affected (65.0.3325.181-0ubuntu0.14.04.1)
trusty/esm_chromium-browser: DNE (trusty was not-affected [65.0.3325.181-0ubuntu0.14.04.1])
xenial_chromium-browser: not-affected (65.0.3325.181-0ubuntu0.16.04.1)
zesty_chromium-browser: ignored (reached end-of-life)
artful_chromium-browser: not-affected (65.0.3325.181-0ubuntu0.17.10.1)
bionic_chromium-browser: not-affected (65.0.3325.181-0ubuntu1)
cosmic_chromium-browser: not-affected (65.0.3325.181-0ubuntu1)
devel_chromium-browser: not-affected (65.0.3325.181-0ubuntu1)

Patches_oxide-qt:
upstream_oxide-qt: needs-triage
precise/esm_oxide-qt: DNE
trusty_oxide-qt: ignored (Ubuntu touch end-of-life)
trusty/esm_oxide-qt: DNE (trusty was ignored [Ubuntu touch end-of-life])
xenial_oxide-qt: ignored (Ubuntu touch end-of-life)
esm-infra/xenial_oxide-qt: ignored (Ubuntu touch end-of-life)
zesty_oxide-qt: ignored (reached end-of-life)
artful_oxide-qt: ignored (reached end-of-life)
bionic_oxide-qt: DNE
cosmic_oxide-qt: DNE
devel_oxide-qt: DNE