diff options
| author | rene <rene@FreeBSD.org> | 2013-08-21 17:29:44 +0800 |
|---|---|---|
| committer | rene <rene@FreeBSD.org> | 2013-08-21 17:29:44 +0800 |
| commit | 0c151a93bf173f30198429f49b0a5d9708551050 (patch) | |
| tree | 767fd10589477ae5a75befb9b7b98c6e84d3a807 /security/vuxml | |
| parent | 4639a580da013b2668f0fb8997d088c1fb204881 (diff) | |
| download | freebsd-ports-gnome-0c151a93bf173f30198429f49b0a5d9708551050.tar.gz freebsd-ports-gnome-0c151a93bf173f30198429f49b0a5d9708551050.tar.zst freebsd-ports-gnome-0c151a93bf173f30198429f49b0a5d9708551050.zip | |
Document new vulnerabilities in www/chromium < 29.0.1547.57
Obtained from: http://googlechromereleases.blogspot.nl/
Diffstat (limited to 'security/vuxml')
| -rw-r--r-- | security/vuxml/vuln.xml | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b718a3d89ed9..c0bb073f2916 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,55 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="ae651a4b-0a42-11e3-ba52-00262d5ed8ee"> + <topic>chromium -- multiple vulnerabilities</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>29.0.1547.57</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Google Chrome Releases reports:</p> + <blockquote cite="http://googlechromereleases.blogspot.nl/"> + <p>25 security fixes in this release, including:</p> + <ul> + <li>[181617] High CVE-2013-2900: Incomplete path sanitization in + file handling. Credit to Krystian Bigaj.</li> + <li> [254159] Low CVE-2013-2905: Information leak via overly broad + permissions on shared memory files. Credit to Christian + Jaeger.</li> + <li>[257363] High CVE-2013-2901: Integer overflow in ANGLE. Credit + to Alex Chapman.</li> + <li>[260105] High CVE-2013-2902: Use after free in XSLT. Credit to + cloudfuzzer.</li> + <li>[260156] High CVE-2013-2903: Use after free in media element. + Credit to cloudfuzzer.</li> + <li>[260428] High CVE-2013-2904: Use after free in document + parsing. Credit to cloudfuzzer.</li> + <li>[274602] CVE-2013-2887: Various fixes from internal audits, + fuzzing and other initiatives (Chrome 29).</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2013-2887</cvename> + <cvename>CVE-2013-2900</cvename> + <cvename>CVE-2013-2901</cvename> + <cvename>CVE-2013-2902</cvename> + <cvename>CVE-2013-2903</cvename> + <cvename>CVE-2013-2904</cvename> + <cvename>CVE-2013-2905</cvename> + <url>http://googlechromereleases.blogspot.nl/</url> + </references> + <dates> + <discovery>2013-08-20</discovery> + <entry>2013-08-21</entry> + </dates> + </vuln> + <vuln vid="4d087b35-0990-11e3-a9f4-bcaec565249c"> <topic>gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav</topic> <affects> |