Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2014-7948

Published: 22 January 2015

The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_update_job.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5 application content via a crafted certificate.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
lucid Ignored
(end of life)
precise Ignored

trusty
Released (40.0.2214.94-0ubuntu0.14.04.1.1068)
upstream
Released (40.0.2214.91)
utopic
Released (40.0.2214.94-0ubuntu0.14.10.1.1110)
vivid
Released (40.0.2214.94-0ubuntu1.1120)
wily
Released (40.0.2214.94-0ubuntu1.1120)
oxide-qt
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

trusty
Released (1.4.2-0ubuntu0.14.04.1)
upstream
Released (1.4.2)
utopic
Released (1.4.2-0ubuntu0.14.10.1)
vivid
Released (1.4.2-0ubuntu1)
wily
Released (1.4.2-0ubuntu1)