git: 80f064bd900d - main - security/vuxml: Add www/*chromium < 107.0.5304.68
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 25 Oct 2022 20:07:08 UTC
The branch main has been updated by rene:
URL: https://cgit.FreeBSD.org/ports/commit/?id=80f064bd900db48898935bf7decfa6fec2267865
commit 80f064bd900db48898935bf7decfa6fec2267865
Author: Rene Ladan <rene@FreeBSD.org>
AuthorDate: 2022-10-25 20:05:50 +0000
Commit: Rene Ladan <rene@FreeBSD.org>
CommitDate: 2022-10-25 20:05:50 +0000
security/vuxml: Add www/*chromium < 107.0.5304.68
Obtained from: https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html
---
security/vuxml/vuln-2022.xml | 51 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml
index 98df01f0925d..96268541954f 100644
--- a/security/vuxml/vuln-2022.xml
+++ b/security/vuxml/vuln-2022.xml
@@ -1,3 +1,54 @@
+ <vuln vid="b4ef02f4-549f-11ed-8ad9-3065ec8fd3ec">
+ <topic>chromium -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>chromium</name>
+ <range><lt>107.0.5304.68</lt></range>
+ </package>
+ <package>
+ <name>ungoogled-chromium</name>
+ <range><lt>107.0.5304.68</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Chrome Releases reports:</p>
+ <blockquote cite="https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html">
+ <p>This release contains 14 security fixes, including:</p>
+ <ul>
+ <li>[1369871] High CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at S.S.L Team on 2022-09-30</li>
+ <li>[1354271] High CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park (SeHwa) on 2022-08-19</li>
+ <li>[1365330] High CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-09-19</li>
+ <li>[1343384] Medium CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11</li>
+ <li>[1345275] Medium CVE-2022-3656: Insufficient data validation in File System. Reported by Ron Masas, Imperva on 2022-07-18</li>
+ <li>[1351177] Medium CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari, Talon Cyber Security on 2022-08-09</li>
+ <li>[1352817] Medium CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-14</li>
+ <li>[1355560] Medium CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel on 2022-08-23</li>
+ <li>[1327505] Medium CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2022-05-20</li>
+ <li>[1350111] Low CVE-2022-3661: Insufficient data validation in Extensions. Reported by Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University on 2022-08-04</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2022-3652</cvename>
+ <cvename>CVE-2022-3653</cvename>
+ <cvename>CVE-2022-3654</cvename>
+ <cvename>CVE-2022-3655</cvename>
+ <cvename>CVE-2022-3656</cvename>
+ <cvename>CVE-2022-3657</cvename>
+ <cvename>CVE-2022-3658</cvename>
+ <cvename>CVE-2022-3659</cvename>
+ <cvename>CVE-2022-3660</cvename>
+ <cvename>CVE-2022-3661</cvename>
+ <url>https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html</url>
+ </references>
+ <dates>
+ <discovery>2022-10-25</discovery>
+ <entry>2022-10-25</entry>
+ </dates>
+ </vuln>
+
<vuln vid="68fcee9b-5259-11ed-89c9-0800276af896">
<topic>Cleartext leak in libudisks</topic>
<affects>