Date: Fri, 06 Mar 2020 06:39:17 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 244625] www/chromium: [patch] Please update to 80.x Message-ID: <bug-244625-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D244625 Bug ID: 244625 Summary: www/chromium: [patch] Please update to 80.x Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: chromium@FreeBSD.org Reporter: cem@freebsd.org Assignee: chromium@FreeBSD.org Flags: maintainer-feedback?(chromium@FreeBSD.org) Created attachment 212180 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D212180&action= =3Dedit Update www/chromium port to 80.x Apparently, there are active CVEs being used in the wild against 79.x: https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-des= ktop_24.html > This update includes 3 security fixes. Below, we highlight fixes that wer= e contributed by external researchers. Please see the Chrome Security Page = for more information. > > [$5000][1044570] High: Integer overflow in ICU. Reported by Andr=C3=A9 Ba= rgull (with thanks to Jeff Walden from Mozilla) on 2020-01-22 > [N/A][1045931] High CVE-2020-6407: Out of bounds memory access in streams= . Reported by Sergei Glazunov of Google Project Zero on 2020-01-27 > > This release also contains: > [N/A][1053604] High CVE-2020-6418: Type confusion in V8. Reported by Clem= ent Lecigne of Google's Threat Analysis Group on 2020-02-18 > > Google is aware of reports that an exploit for CVE-2020-6418 exists in th= e wild. I've rebased our patches against the latest 80.x stable at the time I start= ed the work a few days ago, 80.0.3987.132, and tested the ordinary Release configuration with default knobs against a few "smoke test" websites: david.li/waves youtube.com google / basic browsing --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-244625-7788>