CVE-2012-2825

Published: 27 June 2012

The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.

Priority

Status

Package	Release	Status
libxslt Launchpad, Ubuntu, Debian	hardy	Released (1.1.22-1ubuntu1.3)
	lucid	Released (1.1.26-1ubuntu1.1)
	natty	Released (1.1.26-6ubuntu0.1)
	oneiric	Released (1.1.26-7ubuntu0.1)
	precise	Released (1.1.26-8ubuntu1.2)
	upstream	Released (1.1.26-13)
	Patches: vendor: http://git.chromium.org/gitweb/?p=chromium/src.git;a=patch;h=bb7bfb81c158268fb242292b7e0fbd2d3b933d09 upstream: http://git.gnome.org/browse/libxslt/commit/libxslt/xsltutils.h?id=e6a0bc8081271f33b9899eb78e1da1a2a0428419

References

http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
https://rhn.redhat.com/errata/RHSA-2012-1265.html
https://ubuntu.com/security/notices/USN-1595-1
https://www.cve.org/CVERecord?id=CVE-2012-2825
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679283
http://code.google.com/p/chromium/issues/detail?id=127417
https://launchpad.net/bugs/1018204

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›