diff options
| author | Rene Ladan <rene@FreeBSD.org> | 2016-06-06 21:08:05 +0000 |
|---|---|---|
| committer | Rene Ladan <rene@FreeBSD.org> | 2016-06-06 21:08:05 +0000 |
| commit | 6f39846c839d94072235c90bbc0af3e377bf9583 (patch) | |
| tree | 4d8c1a47aa76b27c58c999f21e5967b2417a030a /security | |
| parent | c85028c3dc41d2e5e9187bddc7bc219925867d54 (diff) | |
Document new vulnerabilities in www/chromium < 51.0.2704.79
Notes
Notes:
svn path=/head/; revision=416488
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 323858ef8c8b..eb226e36518a 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,60 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="c039a761-2c29-11e6-8912-3065ec8fd3ec"> + <topic>chromium -- multiple vulnerabilities</topic> + <affects> + <package> + <name>chromium</name> + <name>chromium-npapi</name> + <name>chromium-pulse</name> + <range><lt>51.0.2704.79</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Google Chrome Releases reports:</p> + <blockquote cite="http://googlechromereleases.blogspot.nl/2016/06/stable-channel-update.html"> + <p>15 security fixes in this release, including:</p> + <ul> + <li>601073] High CVE-2016-1696: Cross-origin bypass in Extension + bindings. Credit to anonymous.</li> + <li>[613266] High CVE-2016-1697: Cross-origin bypass in Blink. + Credit to Mariusz Mlynski.</li> + <li>[603725] Medium CVE-2016-1698: Information leak in Extension + bindings. Credit to Rob Wu.</li> + <li>[607939] Medium CVE-2016-1699: Parameter sanitization failure + in DevTools. Credit to Gregory Panakkal.</li> + <li>[608104] Medium CVE-2016-1700: Use-after-free in Extensions. + Credit to Rob Wu.</li> + <li>[608101] Medium CVE-2016-1701: Use-after-free in Autofill. + Credit to Rob Wu.</li> + <li>[609260] Medium CVE-2016-1702: Out-of-bounds read in Skia. + Credit to cloudfuzzer.</li> + <li>[616539] CVE-2016-1703: Various fixes from internal audits, + fuzzing and other initiatives.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>2016-1695</cvename> + <cvename>2016-1696</cvename> + <cvename>2016-1697</cvename> + <cvename>2016-1698</cvename> + <cvename>2016-1699</cvename> + <cvename>2016-1700</cvename> + <cvename>2016-1701</cvename> + <cvename>2016-1702</cvename> + <cvename>2016-1703</cvename> + <url>http://googlechromereleases.blogspot.nl/2016/06/stable-channel-update.html</url> + </references> + <dates> + <discovery>2016-06-01</discovery> + <entry>2016-06-06</entry> + </dates> + </vuln> + <vuln vid="bcbd3fe0-2b46-11e6-ae88-002590263bf5"> <topic>openafs -- multiple vulnerabilities</topic> <affects> |