From 47da555d5f5a0911f40d6a5300adda47689c4aed Mon Sep 17 00:00:00 2001 From: rene Date: Wed, 13 Aug 2014 06:43:35 +0000 Subject: Document new vulnerabilities in www/chromium < 36.0.1985.143 Submitted by: Carlos Jacobo Puga Media Obtained from: http://googlechromereleases.blogspot.nl/ MFH: 2014Q3 --- security/vuxml/vuln.xml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 0fc5db83e4e0..e849ef90d943 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -57,6 +57,42 @@ Notes: --> + + chromium -- multiple vulnerabilities + + + chromium + 36.0.1985.143 + + + + +

Google Chrome Releases reports:

+
12 security fixes in this release, including
+
+
[390174] High CVE-2014-3165: Use-after-free in web sockets. + Credit to Collin Payne.
+
[398925] High CVE-2014-3166: Information disclosure in SPDY. + Credit to Antoine Delignat-Lavaud.
+
[400950] CVE-2014-3167: Various fixes from internal audits, + fuzzing and other initiatives.
+
+

+ + + + CVE-2014-3165 + CVE-2014-3166 + CVE-2014-3167 + http://googlechromereleases.blogspot.nl + + + 2014-08-12 + 2014-08-13 + + + serf -- SSL Certificate Null Byte Poisoning -- cgit