Date: Wed, 11 Jun 2014 08:30:01 +0000 (UTC) From: Rene Ladan <rene@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r357430 - branches/2014Q2/security/vuxml Message-ID: <201406110830.s5B8U16M031793@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rene Date: Wed Jun 11 08:30:01 2014 New Revision: 357430 URL: http://svnweb.freebsd.org/changeset/ports/357430 QAT: https://qat.redports.org/buildarchive/r357430/ Log: MFH: r357427 Document new vulnerabilities in www/chromium < 35.0.1916.153 Submitted by: Carlos Jacobo Puga Medina <cpm@fbsd.es> Obtained from: http://www.googlechromereleases.blogspot.nl/ Also merge entries for mozilla, openssl, gnutls (2), mumble (2), and linux-flashplugin Approved by: portmgr (erwin) Modified: branches/2014Q2/security/vuxml/vuln.xml Directory Properties: branches/2014Q2/ (props changed) Modified: branches/2014Q2/security/vuxml/vuln.xml ============================================================================== --- branches/2014Q2/security/vuxml/vuln.xml Wed Jun 11 08:19:36 2014 (r357429) +++ branches/2014Q2/security/vuxml/vuln.xml Wed Jun 11 08:30:01 2014 (r357430) @@ -51,6 +51,320 @@ Note: Please add new entries to the beg --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="0b0fb9b0-f0fb-11e3-9bcd-000c6e25e3e9"> + <topic>chromium -- multiple vulnerabilities</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>35.0.1916.153</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Google Chrome Releases reports:</p> + <blockquote cite="http://googlechromereleases.blogspot.nl">; + <p>4 security fixes in this release, including:</p> + <ul> + <li>[369525] High CVE-2014-3154: Use-after-free in filesystem api. Credit + to Collin Payne.</li> + <li>[369539] High CVE-2014-3155: Out-if-bounds read in SPDY. Credit + to James March, Daniel Sommermann and Alan Frindell of Facebook.</li> + <li>[369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit + to Atte Kettunen of OUSPG.</li> + <li>[368980] CVE-2014-3157: Heap overflow in media.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-3154</cvename> + <cvename>CVE-2014-3155</cvename> + <cvename>CVE-2014-3156</cvename> + <cvename>CVE-2014-3157</cvename> + <url>http://googlechromereleases.blogspot.nl</url>; + </references> + <dates> + <discovery>2014-06-10</discovery> + <entry>2014-06-10</entry> + </dates> + </vuln> + + <vuln vid="888a0262-f0d9-11e3-ba0c-b4b52fce4ce8"> + <topic>mozilla -- multiple vulnerabilities</topic> + <affects> + <package> + <name>firefox</name> + <range><lt>30.0,1</lt></range> + </package> + <package> + <name>firefox-esr</name> + <range><lt>24.6.0,1</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>30.0,1</lt></range> + </package> + <package> + <name>linux-thunderbird</name> + <range><lt>24.6.0</lt></range> + </package> + <package> + <name>nspr</name> + <range><lt>4.10.6</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>24.6.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>The Mozilla Project reports:</p> + <blockquote cite="http://www.mozilla.org/security/known-vulnerabilities/">; + <p>MFSA 2014-48 Miscellaneous memory safety hazards + (rv:30.0 / rv:24.6)</p> + <p>MFSA 2014-49 Use-after-free and out of bounds + issues found using Address Sanitizer</p> + <p>MFSA 2014-51 Use-after-free in Event Listener + Manager</p> + <p>MFSA 2014-52 Use-after-free with SMIL Animation + Controller</p> + <p>MFSA 2014-53 Buffer overflow in Web Audio Speex + resampler</p> + <p>MFSA 2014-54 Buffer overflow in Gamepad API</p> + <p>MFSA 2014-55 Out of bounds write in NSPR</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-1533</cvename> + <cvename>CVE-2014-1534</cvename> + <cvename>CVE-2014-1536</cvename> + <cvename>CVE-2014-1537</cvename> + <cvename>CVE-2014-1540</cvename> + <cvename>CVE-2014-1541</cvename> + <cvename>CVE-2014-1542</cvename> + <cvename>CVE-2014-1543</cvename> + <cvename>CVE-2014-1545</cvename> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-48.html</url>; + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-49.html</url>; + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-51.html</url>; + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-52.html</url>; + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-53.html</url>; + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-54.html</url>; + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-55.html</url>; + </references> + <dates> + <discovery>2014-06-10</discovery> + <entry>2014-06-10</entry> + </dates> + </vuln> + + <vuln vid="5ac53801-ec2e-11e3-9cf3-3c970e169bc2"> + <topic>OpenSSL -- multiple vulnerabilities</topic> + <affects> + <package> + <name>openssl</name> + <range><ge>1.0.1</ge><lt>1.0.1_13</lt></range> + </package> + <package> + <name>mingw32-openssl</name> + <range><ge>1.0.1</ge><lt>1.0.1h</lt></range> + </package> + <system> + <name>FreeBSD</name> + <range><ge>8.0</ge><lt>8.4_12</lt></range> + <range><ge>9.1</ge><lt>9.1_15</lt></range> + <range><ge>9.2</ge><lt>9.2_8</lt></range> + <range><ge>10.0</ge><lt>10.0_5</lt></range> + </system> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>The OpenSSL Project reports:</p> + <blockquote cite="http://www.openssl.org/news/secadv_20140605.txt">; + <p>An attacker using a carefully crafted handshake can force + the use of weak keying material in OpenSSL SSL/TLS clients + and servers. This can be exploited by a Man-in-the-middle + (MITM) attack where the attacker can decrypt and modify + traffic from the attacked client and server. [CVE-2014-0224]</p> + <p>By sending an invalid DTLS handshake to an OpenSSL DTLS + client the code can be made to recurse eventually crashing + in a DoS attack. [CVE-2014-0221]</p> + <p>A buffer overrun attack can be triggered by sending invalid + DTLS fragments to an OpenSSL DTLS client or server. This is + potentially exploitable to run arbitrary code on a vulnerable + client or server. [CVE-2014-0195]</p> + <p>OpenSSL TLS clients enabling anonymous ECDH ciphersuites are + subject to a denial of service attack. [CVE-2014-3470]</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-0195</cvename> + <cvename>CVE-2014-0221</cvename> + <cvename>CVE-2014-0224</cvename> + <cvename>CVE-2014-3470</cvename> + <url>http://www.freebsd.org/security/advisories/FreeBSD-SA-14:14.openssl.asc</url>; + <url>http://www.openssl.org/news/secadv_20140605.txt</url>; + </references> + <dates> + <discovery>2014-06-05</discovery> + <entry>2014-06-05</entry> + </dates> + </vuln> + + <vuln vid="9733c480-ebff-11e3-970b-206a8a720317"> + <topic>gnutls -- client-side memory corruption</topic> + <affects> + <package> + <name>gnutls</name> + <range><lt>2.12.23_6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>GnuTLS project reports:</p> + <blockquote cite="www.gnutls.org/security.html#GNUTLS-SA-2014-3"> + <p>This vulnerability affects the client side of the gnutls library. + A server that sends a specially crafted ServerHello could corrupt + the memory of a requesting client.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-3466</cvename> + <url>http://www.gnutls.org/security.html#GNUTLS-SA-2014-3</url>; + </references> + <dates> + <discovery>2014-05-14</discovery> + <entry>2014-06-04</entry> + </dates> + </vuln> + + <vuln vid="027af74d-eb56-11e3-9032-000c2980a9f3"> + <topic>gnutls -- client-side memory corruption</topic> + <affects> + <package> + <name>gnutls3</name> + <range><ge>3.1</ge><lt>3.1.25</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>GnuTLS project reports:</p> + <blockquote cite="www.gnutls.org/security.html#GNUTLS-SA-2014-3"> + <p>This vulnerability affects the client side of the gnutls library. + A server that sends a specially crafted ServerHello could corrupt + the memory of a requesting client.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-3466</cvename> + <url>http://www.gnutls.org/security.html#GNUTLS-SA-2014-3</url>; + </references> + <dates> + <discovery>2014-05-14</discovery> + <entry>2014-06-03</entry> + </dates> + </vuln> + + <vuln vid="77e2e631-e742-11e3-9a25-5404a6a6412c"> + <topic>mumble -- multiple vulnerabilities</topic> + <affects> + <package> + <name>mumble</name> + <range><ge>1.2.0</ge><lt>1.2.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Mumble reports:</p> + <blockquote cite="http://blog.mumble.info/mumble-1-2-6/">; + <p>SVG images with local file references could trigger client DoS</p> + <p>The Mumble client did not properly HTML-escape some external strings + before using them in a rich-text (HTML) context.</p> + </blockquote> + </body> + </description> + <references> + <url>http://mumble.info/security/Mumble-SA-2014-005.txt</url>; + <url>http://mumble.info/security/Mumble-SA-2014-006.txt</url>; + </references> + <dates> + <discovery>2014-04-16</discovery> + <entry>2014-05-29</entry> + </dates> + </vuln> + + <vuln vid="c2c8c84b-e734-11e3-9a25-5404a6a6412c"> + <topic>mumble -- NULL pointer dereference and heap-based buffer overflow</topic> + <affects> + <package> + <name>mumble</name> + <range><ge>1.2.4</ge><le>1.2.4_6</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Mumble reports:</p> + <blockquote cite="http://blog.mumble.info/mumble-1-2-5/">; + <p>A malformed Opus voice packet sent to a Mumble client could trigger + a NULL pointer dereference or an out-of-bounds array access.</p> + <p>A malformed Opus voice packet sent to a Mumble client could trigger a + heap-based buffer overflow.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-0044</cvename> + <cvename>CVE-2014-0045</cvename> + <url>http://mumble.info/security/Mumble-SA-2014-001.txt</url>; + <url>http://mumble.info/security/Mumble-SA-2014-002.txt</url>; + </references> + <dates> + <discovery>2014-01-25</discovery> + <entry>2014-05-29</entry> + </dates> + </vuln> + + <vuln vid="f99a4686-e694-11e3-9032-000c2980a9f3"> + <cancelled/> + </vuln> + + <vuln vid="688e73a2-e514-11e3-a52a-98fc11cdc4f5"> + <topic>linux-flashplugin -- multiple vulnerabilities</topic> + <affects> + <package> + <name>linux-f10-flashplugin</name> + <range><lt>11.2r202.359</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Adobe reports:</p> + <blockquote cite="https://helpx.adobe.com/security/products/flash-player/apsb14-14.html">; + <p>These updates address vulnerabilities that could cause a crash + and potentially allow an attacker to take control of the affected system.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-0510</cvename> + <cvename>CVE-2014-0516</cvename> + <cvename>CVE-2014-0517</cvename> + <cvename>CVE-2014-0518</cvename> + <cvename>CVE-2014-0519</cvename> + <cvename>CVE-2014-0520</cvename> + <url>https://helpx.adobe.com/security/products/flash-player/apsb14-14.html</url>; + </references> + <dates> + <discovery>2014-03-13</discovery> + <entry>2014-05-26</entry> + </dates> + </vuln> + <vuln vid="02db20d7-e34a-11e3-bd92-bcaec565249c"> <topic>openjpeg -- Multiple vulnabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201406110830.s5B8U16M031793>