FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  369565
Date:      2014-09-29
Time:      23:34:30Z
Committer: bdrewery

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
79356040-5da4-11e3-829e-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

15 security fixes in this release, including:

  • [307159] Medium CVE-2013-6634: Session fixation in sync related to 302 redirects. Credit to Andrey Labunets.
  • [314469] High CVE-2013-6635: Use-after-free in editing. Credit to cloudfuzzer.
  • [322959] Medium CVE-2013-6636: Address bar spoofing related to modal dialogs. Credit to Bas Venis.
  • [325501] CVE-2013-6637: Various fixes from internal audits, fuzzing and other initiatives.
  • [319722] Medium CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
  • [319835] High CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
  • [319860] Medium CVE-2013-6640: Out of bounds read in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.

Discovery 2013-12-04
Entry 2013-12-05
chromium
lt 31.0.1650.63

CVE-2013-6634
CVE-2013-6635
CVE-2013-6636
CVE-2013-6637
CVE-2013-6638
CVE-2013-6639
CVE-2013-6640
http://googlechromereleases.blogspot.nl/
f9810c43-87a5-11e3-9214-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

14 security fixes in this release, including:

  • [330420] High CVE-2013-6649: Use-after-free in SVG images. Credit to Atte Kettunen of OUSPG.
  • [331444] High CVE-2013-6650: Memory corruption in V8. This issue was fixed in v8 version 3.22.24.16. Credit to Christian Holler.

Discovery 2014-01-27
Entry 2014-01-27
chromium
lt 32.0.1700.102

CVE-2013-6649
CVE-2013-6650
http://googlechromereleases.blogspot.nl/
3bfc7016-4bcc-11e3-b0cf-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

25 security fixes in this release, including:

  • [268565] Medium CVE-2013-6621: Use after free related to speech input elements. Credit to Khalil Zhani.
  • [272786] High CVE-2013-6622: Use after free related to media elements. Credit to cloudfuzzer.
  • [282925] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.
  • [290566] High CVE-2013-6624: Use after free related to “id” attribute strings. Credit to Jon Butler.
  • [295010] High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.
  • [295695] Low CVE-2013-6626: Address bar spoofing related to interstitial warnings. Credit to Chamal de Silva.
  • [299892] High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to skylined.
  • [306959] Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco of INRIA Paris.
  • [315823] Medium-Critical CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.
  • [258723] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.
  • [299835] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. Credit to Michal Zalewski of Google.
  • [296804] High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Höglund of the Chromium project.

Discovery 2013-11-12
Entry 2013-11-12
chromium
lt 31.0.1650.48

CVE-2013-2931
CVE-2013-6621
CVE-2013-6622
CVE-2013-6623
CVE-2013-6624
CVE-2013-6625
CVE-2013-6626
CVE-2013-6627
CVE-2013-6628
CVE-2013-6629
CVE-2013-6630
CVE-2013-6631
http://googlechromereleases.blogspot.nl/
710cd5d5-35cb-11e3-85f9-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

5 security fixes in this release, including:

  • [292422] High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of OUSPG.
  • [294456] High CVE-2013-2926: Use after free in editing. Credit to cloudfuzzer.
  • [297478] High CVE-2013-2927: Use after free in forms. Credit to cloudfuzzer.
  • [305790] High CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.

Discovery 2013-10-15
Entry 2013-10-15
chromium
lt 30.0.1599.101

CVE-2013-2925
CVE-2013-2926
CVE-2013-2927
CVE-2013-2928
http://googlechromereleases.blogspot.nl/
5acf4638-7e2c-11e3-9fba-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

11 security fixes in this release, including:

  • [249502] High CVE-2013-6646: Use-after-free in web workers. Credit to Collin Payne.
  • [326854] High CVE-2013-6641: Use-after-free related to forms. Credit to Atte Kettunen of OUSPG.
  • [324969] High CVE-2013-6642: Address bar spoofing in Chrome for Android. Credit to lpilorz.
  • [321940] High CVE-2013-6643: Unprompted sync with an attacker’s Google account. Credit to Joao Lucas Melo Brasio.
  • [318791] Medium CVE-2013-6645 Use-after-free related to speech input elements. Credit to Khalil Zhani.
  • [333036] CVE-2013-6644: Various fixes from internal audits, fuzzing and other initiatives.

Discovery 2014-01-14
Entry 2014-01-15
chromium
lt 32.0.1700.77

CVE-2013-6641
CVE-2013-6642
CVE-2013-6643
CVE-2013-6644
CVE-2013-6645
CVE-2013-6646
http://googlechromereleases.blogspot.nl/
e62ab2af-4df4-11e3-b0cf-00262d5ed8eechromium -- multiple memory corruption issues

Google Chrome Releases reports:

[319117] [319125] Critical CVE-2013-6632: Multiple memory corruption issues. Credit to Pinkie Pie.


Discovery 2013-11-14
Entry 2013-11-15
chromium
lt 31.0.1650.57

CVE-2013-6632
http://googlechromereleases.blogspot.nl/