FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371804
Date:      2014-10-31
Time:      11:09:17Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
710cd5d5-35cb-11e3-85f9-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

5 security fixes in this release, including:

  • [292422] High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of OUSPG.
  • [294456] High CVE-2013-2926: Use after free in editing. Credit to cloudfuzzer.
  • [297478] High CVE-2013-2927: Use after free in forms. Credit to cloudfuzzer.
  • [305790] High CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.

Discovery 2013-10-15
Entry 2013-10-15
chromium
lt 30.0.1599.101

CVE-2013-2925
CVE-2013-2926
CVE-2013-2927
CVE-2013-2928
http://googlechromereleases.blogspot.nl/
e5414d0c-2ade-11e3-821d-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

50 security fixes in this release, including:

  • [223962][270758][271161][284785][284786] Medium CVE-2013-2906: Races in Web Audio. Credit to Atte Kettunen of OUSPG.
  • [260667] Medium CVE-2013-2907: Out of bounds read in Window.prototype object. Credit to Boris Zbarsky.
  • [265221] Medium CVE-2013-2908: Address bar spoofing related to the “204 No Content” status code. Credit to Chamal de Silva.
  • [265838][279277] High CVE-2013-2909: Use after free in inline-block rendering. Credit to Atte Kettunen of OUSPG.
  • [269753] Medium CVE-2013-2910: Use-after-free in Web Audio. Credit to Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
  • [271939] High CVE-2013-2911: Use-after-free in XSLT. Credit to Atte Kettunen of OUSPG.
  • [276368] High CVE-2013-2912: Use-after-free in PPAPI. Credit to Chamal de Silva and 41.w4r10r(at)garage4hackers.com.
  • [278908] High CVE-2013-2913: Use-after-free in XML document parsing. Credit to cloudfuzzer.
  • [279263] High CVE-2013-2914: Use after free in the Windows color chooser dialog. Credit to Khalil Zhani.
  • [280512] Low CVE-2013-2915: Address bar spoofing via a malformed scheme. Credit to Wander Groeneveld.
  • [281256] High CVE-2013-2916: Address bar spoofing related to the “204 No Content” status code. Credit to Masato Kinugawa.
  • [281480] Medium CVE-2013-2917: Out of bounds read in Web Audio. Credit to Byoungyoung Lee and Tielei Wang of Georgia Tech Information Security Center (GTISC).
  • [282088] High CVE-2013-2918: Use-after-free in DOM. Credit to Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
  • [282736] High CVE-2013-2919: Memory corruption in V8. Credit to Adam Haile of Concrete Data.
  • [285742] Medium CVE-2013-2920: Out of bounds read in URL parsing. Credit to Atte Kettunen of OUSPG.
  • [286414] High CVE-2013-2921: Use-after-free in resource loader. Credit to Byoungyoung Lee and Tielei Wang of Georgia Tech Information Security Center (GTISC).
  • [286975] High CVE-2013-2922: Use-after-free in template element. Credit to Jon Butler.
  • [299016] CVE-2013-2923: Various fixes from internal audits, fuzzing and other initiatives (Chrome 30).
  • [275803] Medium CVE-2013-2924: Use-after-free in ICU. Upstream bug here.

Discovery 2013-10-01
Entry 2013-10-01
chromium
lt 30.0.1599.66

CVE-2013-2906
CVE-2013-2907
CVE-2013-2908
CVE-2013-2909
CVE-2013-2910
CVE-2013-2911
CVE-2013-2912
CVE-2013-2913
CVE-2013-2914
CVE-2013-2915
CVE-2013-2916
CVE-2013-2917
CVE-2013-2918
CVE-2013-2919
CVE-2013-2920
CVE-2013-2921
CVE-2013-2922
CVE-2013-2923
CVE-2013-2924
http://googlechromereleases.blogspot.nl/
69098c5c-fc4b-11e2-8ad0-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

Eleven vulnerabilities, including:

[257748] Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik Bhargavan.

[260106] High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer.

[260165] High CVE-2013-2883: Use-after-free in MutationObserver. Credit to Cloudfuzzer.

[248950] High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan Fratric of Google Security Team.

[249640] [257353] High CVE-2013-2885: Use-after-free in input handling. Credit to Ivan Fratric of Google Security Team.

[261701] High CVE-2013-2886: Various fixes from internal audits, fuzzing and other initiatives.


Discovery 2013-07-30
Entry 2013-08-03
chromium
lt 28.0.1500.95

CVE-2013-2881
CVE-2013-2882
CVE-2013-2883
CVE-2013-2884
CVE-2013-2885
CVE-2013-2886
http://www.googlechromereleases.blogspot.nl/
ae651a4b-0a42-11e3-ba52-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

25 security fixes in this release, including:

  • [181617] High CVE-2013-2900: Incomplete path sanitization in file handling. Credit to Krystian Bigaj.
  • [254159] Low CVE-2013-2905: Information leak via overly broad permissions on shared memory files. Credit to Christian Jaeger.
  • [257363] High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.
  • [260105] High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.
  • [260156] High CVE-2013-2903: Use after free in media element. Credit to cloudfuzzer.
  • [260428] High CVE-2013-2904: Use after free in document parsing. Credit to cloudfuzzer.
  • [274602] CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29).

Discovery 2013-08-20
Entry 2013-08-21
chromium
lt 29.0.1547.57

CVE-2013-2887
CVE-2013-2900
CVE-2013-2901
CVE-2013-2902
CVE-2013-2903
CVE-2013-2904
CVE-2013-2905
http://googlechromereleases.blogspot.nl/