diff options
author | Rene Ladan <rene@FreeBSD.org> | 2016-02-18 21:23:58 +0000 |
---|---|---|
committer | Rene Ladan <rene@FreeBSD.org> | 2016-02-18 21:23:58 +0000 |
commit | c6919a4dd4319a863488c4eb1c021f8e77c0ca99 (patch) | |
tree | 2346a883198c62858acadf736068914e20edeb53 /security | |
parent | Update ImageMagick to 6.9.3.4. (diff) |
Document new vulnerability in www/chromium < 48.0.2564.116
Obtained from: http://googlechromereleases.blogspot.nl/2016/02/stable-channel-update_18.html
Notes
Notes:
svn path=/head/; revision=409131
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 664691bf03b3..638c76bc49dc 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -57,6 +57,35 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="368993bb-d685-11e5-8858-00262d5ed8ee"> + <topic>chromium -- same origin bypass</topic> + <affects> + <package> + <name>chromium</name> + <name>chromium-npapi</name> + <name>chromium-pulse</name> + <range><lt>48.0.2564.116</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Google Chrome Releases reports:</p> + <blockquote cite="http://googlechromereleases.blogspot.nl/2016/02/stable-channel-update_18.html"> + <p>[583431] Critical CVE-2016-1629: Same-origin bypass in Blink + and Sandbox escape in Chrome. Credit to anonymous.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2016-1629</cvename> + <url>http://googlechromereleases.blogspot.nl/2016/02/stable-channel-update_18.html</url> + </references> + <dates> + <discovery>2016-02-18</discovery> + <entry>2016-02-18</entry> + </dates> + </vuln> + <vuln vid="2dd7e97e-d5e8-11e5-bcbd-bc5ff45d0f28"> <topic>glibc -- getaddrinfo stack-based buffer overflow</topic> <affects> |