From nobody Wed Oct 12 10:23:35 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MnTJR4Csxz4f020; Wed, 12 Oct 2022 10:23:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MnTJR3Zl7z3mJB; Wed, 12 Oct 2022 10:23:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1665570215; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wivQPmozzlDY2+6o5DsyG01QgtTopyFQ3gDtyenB7h4=; b=sgau4mzfrwguSs1gK3dU2nwaOWqf7Bgk/VpLLyGcrJO7R8h740tSZQNlCOcnPj55/peZAj OylKCT+EUVcErfJ1nrTiy/IAXFOUexisPGbVwhH5z1RMY4PGQyFobI0O47+3nd94YTonT+ 20kTQToJfFE6xFiufMOqXx4/PnFjYmGHsZYfKbbnPtzYJsVRmcZDyEfe0FWXyIy2aG/5C/ Pv0JJGwfxBd7v3oeifPmM15eoCxBnjjJ7R6mNLVbyD/cSFO2ToJ07fSjzJURZQYFHO3hUj OBErdPTGM5+nY11TLwR3l2AhBt9w6SghEHhWF0B58fxs1SidabB6HWfE6RCpig== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4MnTJR2bQRz1H41; Wed, 12 Oct 2022 10:23:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 29CANZRn032800; Wed, 12 Oct 2022 10:23:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 29CANZ3b032799; Wed, 12 Oct 2022 10:23:35 GMT (envelope-from git) Date: Wed, 12 Oct 2022 10:23:35 GMT Message-Id: <202210121023.29CANZ3b032799@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Rene Ladan Subject: git: 4bead3ae04aa - main - security/vuxml: add www/*chromium < 106.0.5249.119 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rene X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 4bead3ae04aa04a1b829854d948b0eac1f23dc73 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1665570215; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wivQPmozzlDY2+6o5DsyG01QgtTopyFQ3gDtyenB7h4=; b=iPu0S6gi7fLrtjamX58zxDnQWE57PvqGpiQB0WRyFreZyUB+p3Jyu38ZFdSLQ5Po484SzF 5A2s66Jb+eZ2ecrbuqk6nGlkuc8PyTRrT+aMIUj8bjrwMRKRmu04so8lYDlpkT3j207yMl pzUAUH0ZF38uWEyFaQeObfMuL+QhaibW+kUUJUoc54rYj6LKC007oWQinOBQiodkHXjOmt 24F8YiOMy4qVefqjgL5iLzMVLT/r8zolpCKgVPXr/o1Sibs8j+PCd5aKfTAFpJ53zjurEF dlIgk9MLEWdlLm8FAyHLn4IMreO7KpLIt0ExL84kOtnYfV8v89mGYAHMT1OhFw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1665570215; a=rsa-sha256; cv=none; b=dsXbhdh+GVfqg6nnjkJTxPhIDJlGkUTs+Yr5O0fkDBAJd3u7oti3sauTE8LQv9HJgHqn8i 3TNS6eHNsCgC8tBMtPt12und9ULFR66h5ILcRvN7ZXrd/xOJFLEHrrZ2u2Ab45V05KS7P1 l2+38zSe9aLlL9550dPdt1CesPPH4MfwTiwgVILfUXann8NLQXlFT2APYHG4883aw6aIVx qQx13msQopoGyaEoGecccCa7HIZBtK5SOq287JBZmrXQkX7/nHttdN2PyKBhw0+HGjdGz7 xFAxQSnwfkJNHytA3oPb3epUchyk6emmv9JMtAaAEmo6qe3Oq+SovDRdXeUL/A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by rene: URL: https://cgit.FreeBSD.org/ports/commit/?id=4bead3ae04aa04a1b829854d948b0eac1f23dc73 commit 4bead3ae04aa04a1b829854d948b0eac1f23dc73 Author: Rene Ladan AuthorDate: 2022-10-12 10:22:22 +0000 Commit: Rene Ladan CommitDate: 2022-10-12 10:23:11 +0000 security/vuxml: add www/*chromium < 106.0.5249.119 Obtained from: https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html --- security/vuxml/vuln-2022.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index b95b7613d895..c1f2644974d7 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,46 @@ + + chromium -- mulitple vulnerabilities + + + chromium + 106.0.5249.119 + + + ungoogled-chromium + 106.0.5249.119 + + + + +

Chrome Releases reports:

+
+

This release contains 6 security fixes:

+
    +
  • [1364604] High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16
  • +
  • [1368076] High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu (@kaijieguigui) on 2022-09-26
  • +
  • [1366582] High CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22
  • +
  • [1363040] High CVE-2022-3448: Use after free in Permissions API. Reported by raven at KunLun lab on 2022-09-13
  • +
  • [1364662] High CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on 2022-09-17
  • +
  • [1369882] High CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on 2022-09-30
  • +
+
+ +
+ + CVE-2022-3445 + CVE-2022-3446 + CVE-2022-3447 + CVE-2022-3448 + CVE-2022-3449 + CVE-2022-3450 + https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html + + + 2022-10-11 + 2022-10-12 + +
+ samba -- Multiple vulnerabilities