From owner-svn-ports-all@freebsd.org Tue Apr 24 18:07:22 2018 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0C1EBFADE36; Tue, 24 Apr 2018 18:07:22 +0000 (UTC) (envelope-from riggs@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id ADC66681A6; Tue, 24 Apr 2018 18:07:21 +0000 (UTC) (envelope-from riggs@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A81E8168D4; Tue, 24 Apr 2018 18:07:21 +0000 (UTC) (envelope-from riggs@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w3OI7Lv3058194; Tue, 24 Apr 2018 18:07:21 GMT (envelope-from riggs@FreeBSD.org) Received: (from riggs@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w3OI7LEO058193; Tue, 24 Apr 2018 18:07:21 GMT (envelope-from riggs@FreeBSD.org) Message-Id: <201804241807.w3OI7LEO058193@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: riggs set sender to riggs@FreeBSD.org using -f From: Thomas Zander Date: Tue, 24 Apr 2018 18:07:21 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r468227 - head/security/vuxml X-SVN-Group: ports-head X-SVN-Commit-Author: riggs X-SVN-Commit-Paths: head/security/vuxml X-SVN-Commit-Revision: 468227 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Apr 2018 18:07:22 -0000 Author: riggs Date: Tue Apr 24 18:07:21 2018 New Revision: 468227 URL: https://svnweb.freebsd.org/changeset/ports/468227 Log: Document vulnerabilities in chromium before 66.0.3359.117 Submitted by: tommi.pernila@iki.fi (via mail to ports-secteam) Reviewed by: riggs Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Apr 24 18:05:23 2018 (r468226) +++ head/security/vuxml/vuln.xml Tue Apr 24 18:07:21 2018 (r468227) @@ -58,6 +58,101 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + chromium -- vulnerability + + + chromium + 66.0.3359.117 + + + + +

Google Chrome Releases reports:

+
+

62 security fixes in this release:

+
    +
  • [826626] Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28
  • +
  • [827492] Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30
  • +
  • [813876] High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20
  • +
  • [822091] High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15
  • +
  • [808838] High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04
  • +
  • [820913] High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12
  • +
  • [771933] High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05
  • +
  • [819869] High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08
  • +
  • [780435] Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01
  • +
  • [633030] Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01
  • +
  • [637098] Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11
  • +
  • [776418] Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19
  • +
  • [806162] Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26
  • +
  • [798892] Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03
  • +
  • [808825] Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03
  • +
  • [811117] Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11
  • +
  • [813540] Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19
  • +
  • [813814] Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20
  • +
  • [816033] Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24
  • +
  • [820068] Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08
  • +
  • [803571] Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18
  • +
  • [805729] Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25
  • +
  • [808316] Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02
  • +
  • [816769] Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27
  • +
  • [710190] Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10
  • +
  • [777737] Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24
  • +
  • [780694] Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02
  • +
  • [798096] Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29
  • +
  • [805900] Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25
  • +
  • [811691] Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13
  • +
  • [819809] Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07
  • +
  • [822266] Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15
  • +
  • [822465] Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15
  • +
  • [822424] Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15
  • +
+
+ +
+ + https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html + CVE-2018-6085 + CVE-2018-6086 + CVE-2018-6087 + CVE-2018-6088 + CVE-2018-6089 + CVE-2018-6090 + CVE-2018-6091 + CVE-2018-6092 + CVE-2018-6093 + CVE-2018-6094 + CVE-2018-6095 + CVE-2018-6096 + CVE-2018-6097 + CVE-2018-6098 + CVE-2018-6099 + CVE-2018-6100 + CVE-2018-6101 + CVE-2018-6102 + CVE-2018-6103 + CVE-2018-6104 + CVE-2018-6105 + CVE-2018-6106 + CVE-2018-6107 + CVE-2018-6108 + CVE-2018-6109 + CVE-2018-6110 + CVE-2018-6111 + CVE-2018-6112 + CVE-2018-6113 + CVE-2018-6114 + CVE-2018-6115 + CVE-2018-6116 + CVE-2018-6117 + CVE-2018-6084 + + + 2017-04-10 + 2018-04-24 + +
+ mbed TLS (PolarSSL) -- multiple vulnerabilities