From f8d7fdb243627ea52760df7aa7c476d9fcba9f8a Mon Sep 17 00:00:00 2001 From: rene Date: Wed, 30 Apr 2014 06:42:33 +0000 Subject: Document new vulnerabilities in www/chromium < 34.0.1847.132 Obtained from: http://googlechromereleases.blogspot.nl/ --- security/vuxml/vuln.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 36c96c658355..e11f15302001 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,54 @@ Note: Please add new entries to the beginning of this file. --> + + chromium -- multiple vulnerabilities + + + chromium + 34.0.1847.132 + + + + +

Google Chrome Releases reports (belatedly):

+
+

9 security fixes in this release, including:

+
    +
  • [354967] High CVE-2014-1730: Type confusion in V8. Credit to + Anonymous.
    • +
  • [349903] High CVE-2014-1731: Type confusion in DOM. Credit to + John Butler.
    • +
  • [359802] High CVE-2014-1736: Integer overflow in V8. Credit to + SkyLined working with HP's Zero Day Initiative.
    • +
  • [352851] Medium CVE-2014-1732: Use-after-free in Speech + Recognition. Credit to Khalil Zhani.
    • +
  • [351103] Medium CVE-2014-1733: Compiler bug in Seccomp-BPF. + Credit to Jed Davis.
    • +
  • [367314] CVE-2014-1734: Various fixes from internal audits, + fuzzing and other initiatives.
    • +
  • [359130, 359525, 360429] CVE-2014-1735: Multiple + vulnerabilities in V8 fixed in version 3.24.35.33.
    • +
+
+ + + + CVE-2014-1730 + CVE-2014-1731 + CVE-2014-1732 + CVE-2014-1733 + CVE-2014-1734 + CVE-2014-1735 + CVE-2014-1736 + http://googlechromereleases.blogspot.nl/ + + + 2014-04-24 + 2014-04-30 + + + mozilla -- multiple vulnerabilities -- cgit