diff options
| author | rene <rene@FreeBSD.org> | 2013-06-05 06:30:28 +0800 |
|---|---|---|
| committer | rene <rene@FreeBSD.org> | 2013-06-05 06:30:28 +0800 |
| commit | 2a7ad563b1da63fae503d42d1b7ece68552e9ff4 (patch) | |
| tree | 1dd7b05ed4532047ecb03bc8f3b2034e3cde23dc /security/vuxml | |
| parent | d8fd601899c6c5ac6d158cd304073bc602e2ad9e (diff) | |
| download | freebsd-ports-gnome-2a7ad563b1da63fae503d42d1b7ece68552e9ff4.tar.gz freebsd-ports-gnome-2a7ad563b1da63fae503d42d1b7ece68552e9ff4.tar.zst freebsd-ports-gnome-2a7ad563b1da63fae503d42d1b7ece68552e9ff4.zip | |
Document vulnerabilities in www/chromium < 27.0.1453.110
Obtained from: http://googlechromereleases.blogspot.nl/
Diffstat (limited to 'security/vuxml')
| -rw-r--r-- | security/vuxml/vuln.xml | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 65f1becdc807..8a8b0b195def 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,65 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="4865d189-cd62-11e2-ae11-00262d5ed8ee"> + <topic>chromium -- multiple vulnerabilities</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>27.0.1453.110</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Google Chrome Releases reports:</p> + <blockquote cite="http://googlechromereleases.blogspot.nl/"> + <p>[242322] Medium CVE-2013-2855: Memory corruption in dev tools API. + Credit to "daniel.zulla".</p> + <p>[242224] High CVE-2013-2856: Use-after-free in input handling. + Credit to miaubiz.</p> + <p>[240124] High CVE-2013-2857: Use-after-free in image handling. + Credit to miaubiz.</p> + <p>[239897] High CVE-2013-2858: Use-after-free in HTML5 Audio. Credit + to "cdel921".</p> + <p>[237022] High CVE-2013-2859: Cross-origin namespace pollution. + to "bobbyholley".</p> + <p>[225546] High CVE-2013-2860: Use-after-free with workers accessing + database APIs. Credit to Collin Payne.</p> + <p>[209604] High CVE-2013-2861: Use-after-free with SVG. Credit to + miaubiz.</p> + <p>[161077] High CVE-2013-2862: Memory corruption in Skia GPU + handling. Credit to Atte Kettunen of OUSPG.</p> + <p>[232633] Critical CVE-2013-2863: Memory corruption in SSL socket + handling. Credit to Sebastian Marchand of the Chromium development + community.</p> + <p>[239134] High CVE-2013-2864: Bad free in PDF viewer. Credit to + Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from + Google Security Team.</p> + <p>[246389] High CVE-2013-2865: Various fixes from internal audits, + fuzzing and other initiatives.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2013-2855</cvename> + <cvename>CVE-2013-2856</cvename> + <cvename>CVE-2013-2857</cvename> + <cvename>CVE-2013-2858</cvename> + <cvename>CVE-2013-2859</cvename> + <cvename>CVE-2013-2860</cvename> + <cvename>CVE-2013-2861</cvename> + <cvename>CVE-2013-2862</cvename> + <cvename>CVE-2013-2863</cvename> + <cvename>CVE-2013-2864</cvename> + <cvename>CVE-2013-2865</cvename> + <url>http://googlechromereleases.blogspot.nl/</url> + </references> + <dates> + <discovery>2013-06-04</discovery> + <entry>2013-06-04</entry> + </dates> + </vuln> + <vuln vid="2eebebff-cd3b-11e2-8f09-001b38c3836c"> <topic>xorg -- protocol handling issues in X Window System client libraries</topic> <affects> |