FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  351541
Date:      2014-04-18
Time:      14:56:43Z
Committer: ohauer

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ee68923d-f2f5-11e1-8014-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

[121347] Medium CVE-2012-2865: Out-of-bounds read in line breaking. Credit to miaubiz.

[134897] High CVE-2012-2866: Bad cast with run-ins. Credit to miaubiz.

[135485] Low CVE-2012-2867: Browser crash with SPDY.

[136881] Medium CVE-2012-2868: Race condition with workers and XHR. Credit to miaubiz.

[137778] High CVE-2012-2869: Avoid stale buffer in URL loading. Credit to Fermin Serna of the Google Security Team.

[138672] [140368] Low CVE-2012-2870: Lower severity memory management issues in XPath. Credit to Nicolas Gregoire.

[138673] High CVE-2012-2871: Bad cast in XSL transforms. Credit to Nicolas Gregoire.

[142956] Medium CVE-2012-2872: XSS in SSL interstitial. Credit to Emmanuel Bronshtein.


Discovery 2012-08-30
Entry 2012-08-30
chromium
lt 21.0.1180.89

CVE-2012-2865
CVE-2012-2866
CVE-2012-2867
CVE-2012-2868
CVE-2012-2869
CVE-2012-2870
CVE-2012-2871
CVE-2012-2872
http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
e6161b65-1187-11e2-afe3-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

[138208] High CVE-2012-2900: Crash in Skia text rendering. Credit to Atte Kettunen of OUSPG.

[147499] Critical CVE-2012-5108: Race condition in audio device handling. Credit to Atte Kettunen of OUSPG.

[148692] Medium CVE-2012-5109: OOB read in ICU regex. Credit to Arthur Gerkis.

[151449] Medium CVE-2012-5110: Out-of-bounds read in compositor. Credit to Google Chrome Security Team (Inferno).

[151895] Low CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins. Credit to Google Chrome Security Team (Chris Evans).


Discovery 2012-10-08
Entry 2012-10-08
chromium
lt 22.0.1229.92

CVE-2012-2900
CVE-2012-5108
CVE-2012-5109
CVE-2012-5110
CVE-2012-5111
http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
ce84e136-e2f6-11e1-a8ca-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

[Linux only] [125225] Medium CVE-2012-2846: Cross-process interference in renderers. Credit to Google Chrome Security Team (Julien Tinnes).

[127522] Low CVE-2012-2847: Missing re-prompt to user upon excessive downloads. Credit to Matt Austin of Aspect Security.

[127525] Medium CVE-2012-2848: Overly broad file access granted after drag+drop. Credit to Matt Austin of Aspect Security.

[128163] Low CVE-2012-2849: Off-by-one read in GIF decoder. Credit to Atte Kettunen of OUSPG.

[130251] [130592] [130611] [131068] [131237] [131252] [131621] [131690] [132860] Medium CVE-2012-2850: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[132585] [132694] [132861] High CVE-2012-2851: Integer overflows in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[134028] High CVE-2012-2852: Use-after-free with bad object linkage in PDF. Credit to Alexey Samsonov of Google.

[134101] Medium CVE-2012-2853: webRequest can interfere with the Chrome Web Store. Credit to Trev of Adblock.

[134519] Low CVE-2012-2854: Leak of pointer values to WebUI renderers. Credit to Nasko Oskov of the Chromium development community.

[134888] High CVE-2012-2855: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[134954] [135264] High CVE-2012-2856: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[136235] High CVE-2012-2857: Use-after-free in CSS DOM. Credit to Arthur Gerkis.

[136894] High CVE-2012-2858: Buffer overflow in WebP decoder. Credit to Juri Aedla.

[Linux only] [137541] Critical CVE-2012-2859: Crash in tab handling. Credit to Jeff Roberts of Google Security Team.

[137671] Medium CVE-2012-2860: Out-of-bounds access when clicking in date picker. Credit to Chamal de Silva.


Discovery 2012-07-31
Entry 2012-08-10
chromium
lt 21.0.1180.60

CVE-2012-2846
CVE-2012-2847
CVE-2012-2848
CVE-2012-2849
CVE-2012-2850
CVE-2012-2851
CVE-2012-2852
CVE-2012-2853
CVE-2012-2854
CVE-2012-2855
CVE-2012-2856
CVE-2012-2857
CVE-2012-2858
CVE-2012-2859
CVE-2012-2860
http://googlechromereleases.blogspot.com/search/label/Stable%20updates
5bae2ab4-0820-11e2-be5f-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

[143439] High CVE-2012-2889: UXSS in frame handling. Credit to Sergey Glazunov.

[143437] High CVE-2012-2886: UXSS in v8 bindings. Credit to Sergey Glazunov.

[139814] High CVE-2012-2881: DOM tree corruption with plug-ins. Credit to Chamal de Silva.

[135432] High CVE-2012-2876: Buffer overflow in SSE2 optimizations. Credit to Atte Kettunen of OUSPG.

[140803] High CVE-2012-2883: Out-of-bounds write in Skia. Credit to Atte Kettunen of OUSPG.

[143609] High CVE-2012-2887: Use-after-free in onclick handling. Credit to Atte Kettunen of OUSPG.

[143656] High CVE-2012-2888: Use-after-free in SVG text references. Credit to miaubiz.

[144899] High CVE-2012-2894: Crash in graphics context handling. Credit to Slawomir Blazek.

[137707] Medium CVE-2012-2877: Browser crash with extensions and modal dialogs. Credit to Nir Moshe.

[139168] Low CVE-2012-2879: DOM topology corruption. Credit to pawlkt.

[141651] Medium CVE-2012-2884: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.

[132398] High CVE-2012-2874: Out-of-bounds write in Skia. Credit to Google Chrome Security Team (Inferno).

[134955] [135488] [137106] [137288] [137302] [137547] [137556] [137606] [137635] [137880] [137928] [144579] [145079] [145121] [145163] [146462] Medium CVE-2012-2875: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[137852] High CVE-2012-2878: Use-after-free in plug-in handling. Credit to Fermin Serna of Google Security Team.

[139462] Medium CVE-2012-2880: Race condition in plug-in paint buffer. Credit to Google Chrome Security Team (Cris Neckar).

[140647] High CVE-2012-2882: Wild pointer in OGG container handling. Credit to Google Chrome Security Team (Inferno).

[142310] Medium CVE-2012-2885: Possible double free on exit. Credit to the Chromium development community.

[143798] [144072] [147402] High CVE-2012-2890: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[144051] Low CVE-2012-2891: Address leak over IPC. Credit to Lei Zhang of the Chromium development community.

[144704] Low CVE-2012-2892: Pop-up block bypass. Credit to Google Chrome Security Team (Cris Neckar).

[144799] High CVE-2012-2893: Double free in XSL transforms. Credit to Google Chrome Security Team (Cris Neckar).

[145029] [145157] [146460] High CVE-2012-2895: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.


Discovery 2012-09-25
Entry 2012-09-26
chromium
lt 22.0.1229.79

CVE-2012-2889
CVE-2012-2886
CVE-2012-2881
CVE-2012-2876
CVE-2012-2883
CVE-2012-2887
CVE-2012-2888
CVE-2012-2894
CVE-2012-2877
CVE-2012-2879
CVE-2012-2884
CVE-2012-2874
CVE-2012-2875
CVE-2012-2878
CVE-2012-2880
CVE-2012-2882
CVE-2012-2885
CVE-2012-2890
CVE-2012-2891
CVE-2012-2892
CVE-2012-2893
CVE-2012-2895
http://googlechromereleases.blogspot.nl/search/label/Stable%20updates
60bbe12c-e2c1-11e1-a8ca-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

[136643] [137721] [137957] High CVE-2012-2862: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[136968] [137361] High CVE-2012-2863: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.


Discovery 2012-08-08
Entry 2012-08-10
chromium
lt 21.0.1180.75

CVE-2012-2862
CVE-2012-2863
http://googlechromereleases.blogspot.com/search/label/Stable%20updates
09e83f7f-1326-11e2-afe3-00262d5ed8eechromium -- multiple vulnerabilities

Google Chrome Releases reports:

[154983][154987] Critical CVE-2012-5112: SVG use-after-free and IPC arbitrary file write. Credit to Pinkie Pie.


Discovery 2012-10-10
Entry 2012-10-10
chromium
lt 22.0.1229.94

CVE-2012-5112
http://googlechromereleases.blogspot.nl/search/label/Stable%20updates