From e67e68949163e459bb5f2afd4b0c52d4ad4c663b Mon Sep 17 00:00:00 2001 From: rene Date: Tue, 20 May 2014 20:36:39 +0000 Subject: Document new vulnerabilities in www/chromium < 35.0.1916.114 Obtained from: http://googlechromereleases.blogspot.nl/ MFH: 2014Q2 --- security/vuxml/vuln.xml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 4b38d22d378b..3db7b9a93770 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -57,6 +57,57 @@ Notes: --> + + chromium -- multiple vulnerabilities + + + chromium + 35.0.1916.114 + + + + +

Google Chrome Releases reports:

+
23 security fixes in this release, including:
+
+
[356653] High CVE-2014-1743: Use-after-free in styles. Credit + to cloudfuzzer.
+
[359454] High CVE-2014-1744: Integer overflow in audio. Credit + to Aaron Staple.
+
[346192] High CVE-2014-1745: Use-after-free in SVG. Credit to + Atte Kettunen of OUSPG.
+
[364065] Medium CVE-2014-1746: Out-of-bounds read in media + filters. Credit to Holger Fuhrmannek.
+
[330663] Medium CVE-2014-1747: UXSS with local MHTML file. + Credit to packagesu.
+
[331168] Medium CVE-2014-1748: UI spoofing with scrollbar. + Credit to Jordan Milne.
+
[374649] CVE-2014-1749: Various fixes from internal audits, + fuzzing and other initiatives.
+
[358057] CVE-2014-3152: Integer underflow in V8 fixed in + version 3.25.28.16.
+
+

+ + + + CVE-2014-1743 + CVE-2014-1744 + CVE-2014-1745 + CVE-2014-1746 + CVE-2014-1747 + CVE-2014-1748 + CVE-2014-1749 + CVE-2014-3152 + http://googlechromereleases.blogspot.nl/ + + + 2014-05-20 + 2014-05-20 + + + chromium -- multiple vulnerabilities -- cgit