Document new vulnerabilities in www/chromium < 37.0.2062.120
René Ladan
rene at freebsd.org
Wed Sep 10 08:14:36 UTC 2014
On 10-09-2014 09:43, Carlos Jacobo Puga Medina wrote:
> Current www/chromium is marked as vulnerable on Google Chrome website [1]. Added a new entry in vuxml.
I already added an entry last night, see r367784
Thanks anyway.
Rene
> diff -urN vuln.xml.old vuln.xml
> --- vuln.xml.old 2014-09-10 09:24:32.000000000 +0200
> +++ vuln.xml 2014-09-10 09:37:49.000000000 +0200
> @@ -57,6 +57,39 @@
>
> -->
> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
> + <vuln vid="86508b1d-38bb-11e4-827c-000c6e25e3e9">
> + <topic>chromium -- multiple vulnerabilities</topic>
> + <affects>
> + <package>
> + <name>chromium</name>
> + <range><lt>37.0.2062.120</lt></range>
> + </package>
> + </affects>
> + <description>
> + <body xmlns="http://www.w3.org/1999/xhtml">
> + <p>Google Chrome Releases reports:</p>
> + <blockquote cite="http://googlechromereleases.blogspot.nl">
> + <p>4 security fixes in this release, including:</p>
> + <ul>
> + <li>[401362] High CVE-2014-3178: Use-after-free in rendering. Credit
> + to miaubiz.</li>
> + <li>[411014] CVE-2014-3179: Various fixes from internal audits, fuzzing
> + and other initiatives.</li>
> + </ul>
> + </blockquote>
> + </body>
> + </description>
> + <references>
> + <cvename>CVE-2014-3178</cvename>
> + <cvename>CVE-2014-3179</cvename>
> + <url>http://googlechromereleases.blogspot.nl</url>
> + </references>
> + <dates>
> + <discovery>2014-09-09</discovery>
> + <entry>2014-09-10</entry>
> + </dates>
> + </vuln>
> +
> <vuln vid="6318b303-3507-11e4-b76c-0011d823eebd">
> <topic>trafficserver -- unspecified vulnerability</topic>
> <affects>
>
> [1] http://googlechromereleases.blogspot.nl
More information about the freebsd-chromium
mailing list