Document new vulnerabilities in www/chromium < 37.0.2062.120
Carlos Jacobo Puga Medina
cpm at fbsd.es
Wed Sep 10 07:55:17 UTC 2014
Current www/chromium is marked as vulnerable on Google Chrome website [1]. Added a new entry in vuxml.
diff -urN vuln.xml.old vuln.xml
--- vuln.xml.old 2014-09-10 09:24:32.000000000 +0200
+++ vuln.xml 2014-09-10 09:37:49.000000000 +0200
@@ -57,6 +57,39 @@
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="86508b1d-38bb-11e4-827c-000c6e25e3e9">
+ <topic>chromium -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>chromium</name>
+ <range><lt>37.0.2062.120</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Google Chrome Releases reports:</p>
+ <blockquote cite="http://googlechromereleases.blogspot.nl">
+ <p>4 security fixes in this release, including:</p>
+ <ul>
+ <li>[401362] High CVE-2014-3178: Use-after-free in rendering. Credit
+ to miaubiz.</li>
+ <li>[411014] CVE-2014-3179: Various fixes from internal audits, fuzzing
+ and other initiatives.</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2014-3178</cvename>
+ <cvename>CVE-2014-3179</cvename>
+ <url>http://googlechromereleases.blogspot.nl</url>
+ </references>
+ <dates>
+ <discovery>2014-09-09</discovery>
+ <entry>2014-09-10</entry>
+ </dates>
+ </vuln>
+
<vuln vid="6318b303-3507-11e4-b76c-0011d823eebd">
<topic>trafficserver -- unspecified vulnerability</topic>
<affects>
[1] http://googlechromereleases.blogspot.nl
--
Carlos Jacobo Puga Medina <cpm at fbsd.es>
More information about the freebsd-chromium
mailing list