svn commit: r367785 - branches/2014Q3/security/vuxml
Rene Ladan
rene at FreeBSD.org
Tue Sep 9 21:44:38 UTC 2014
Author: rene
Date: Tue Sep 9 21:44:36 2014
New Revision: 367785
URL: http://svnweb.freebsd.org/changeset/ports/367785
QAT: https://qat.redports.org/buildarchive/r367785/
Log:
MFH: r367784
Document new vulnerabilities in www/chromium < 37.0.2062.120
Obtained from: http://googlechromereleases.blogspot.nl/
Approved by: portmgr (erwin)
Modified:
branches/2014Q3/security/vuxml/vuln.xml
Directory Properties:
branches/2014Q3/ (props changed)
Modified: branches/2014Q3/security/vuxml/vuln.xml
==============================================================================
--- branches/2014Q3/security/vuxml/vuln.xml Tue Sep 9 21:27:24 2014 (r367784)
+++ branches/2014Q3/security/vuxml/vuln.xml Tue Sep 9 21:44:36 2014 (r367785)
@@ -57,6 +57,39 @@ Notes:
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="36a415c8-3867-11e4-b522-00262d5ed8ee">
+ <topic>www/chromium -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>chromium</name>
+ <range><lt>37.0.2062.120</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Google Chrome Releases reports:</p>
+ <blockquote cite="http://googlechromereleases.blogspot.nl/">
+ <p>4 security fixes in this release, including:</p>
+ <ul>
+ <li>[401362] High CVE-2014-3178: Use-after-free in rendering.
+ Credit to miaubiz.</li>
+ <li>[411014] CVE-2014-3179: Various fixes from internal audits,
+ fuzzing and other initiatives.</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2014-3178</cvename>
+ <cvename>CVE-2014-3179</cvename>
+ <url>http://googlechromereleases.blogspot.nl/</url>
+ </references>
+ <dates>
+ <discovery>2014-09-09</discovery>
+ <entry>2014-09-09</entry>
+ </dates>
+ </vuln>
+
<vuln vid="6318b303-3507-11e4-b76c-0011d823eebd">
<topic>trafficserver -- unspecified vulnerability</topic>
<affects>
More information about the svn-ports-all
mailing list