Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

May 2019 Security Update #6122

Merged
merged 13 commits into from
May 14, 2019
Merged

May 2019 Security Update #6122

merged 13 commits into from
May 14, 2019

Conversation

MikeHolman
Copy link
Contributor

Meghana Gupta and others added 12 commits May 13, 2019 10:59
@MikeHolman
[CVE-2019-0922] Type confusion in Edge - Individual
a9ab1aa
@pleath @MikeHolman
[CVE-2019-0924]
6615113
@pleath @MikeHolman
[CVE-2019-0925]
32ca10f
@MikeHolman
[CVE-2019-0911]
a2deba5
@MikeHolman
[CVE-2019-0912]
936a5af
@MikeHolman
[CVE-2019-0927]
87ac2b5
@MikeHolman
[CVE-2019-0933]
1a550c6
@MikeHolman
[CVE-2019-0913][CVE-2019-0914][CVE-2019-0915][CVE-2019-0916]
d85b502
@akroshg @MikeHolman
[CVE-2019-0923] Scripting Engine Memory Corruption - Individual
9725847 
After reparsing the coroutines (generator/async functions) the register which holds yield data has changed.
This is due to scoping structure for debugger.
In order to fix that allow the same scoping numbering for coroutine as well.
Also added a failfast to see if the yield register information is the same before and after reparsing.
@pleath @MikeHolman
[CVE-2019-0917]
b5f8fad
@pleath @MikeHolman
[CVE-2019-0937]
7827e11
@MikeHolman
update chakracore version to 1.11.9
00ff32c
@MikeHolman MikeHolman requested review from pleath and akroshg May 14, 2019 17:20
@akroshg
Copy link
Contributor

akroshg commented May 14, 2019

LGTM

@chakrabot chakrabot merged commit 4594e34 into release/1.11 May 14, 2019
chakrabot pushed a commit that referenced this pull request May 14, 2019
@MikeHolman
[MERGE #6122 @MikeHolman] May 2019 Security Update
d797e3f 
Merge pull request #6122 from pr/MikeHolman/servicing/1905

May 2019 Security Update that addresses the following issues in ChakraCore:

CVE-2019-0911
CVE-2019-0912
CVE-2019-0913
CVE-2019-0914
CVE-2019-0915
CVE-2019-0916
CVE-2019-0917
CVE-2019-0922
CVE-2019-0923
CVE-2019-0924
CVE-2019-0925
CVE-2019-0927
CVE-2019-0933
CVE-2019-0937
chakrabot pushed a commit that referenced this pull request May 14, 2019
@MikeHolman
[1.11>master] [MERGE #6122 @MikeHolman] May 2019 Security Update
1c75087 
Merge pull request #6122 from pr/MikeHolman/servicing/1905

May 2019 Security Update that addresses the following issues in ChakraCore:

CVE-2019-0911
CVE-2019-0912
CVE-2019-0913
CVE-2019-0914
CVE-2019-0915
CVE-2019-0916
CVE-2019-0917
CVE-2019-0922
CVE-2019-0923
CVE-2019-0924
CVE-2019-0925
CVE-2019-0927
CVE-2019-0933
CVE-2019-0937
@MikeHolman MikeHolman deleted the pr/MikeHolman/servicing/1905 branch May 15, 2019 00:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pleath pleath pleath approved these changes

@akroshg akroshg Awaiting requested review from akroshg

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@MikeHolman @akroshg @pleath @chakrabot