From owner-svn-ports-all@freebsd.org  Fri Sep 29 15:17:11 2017
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 41BA7E2EF14;
 Fri, 29 Sep 2017 15:17:11 +0000 (UTC) (envelope-from zi@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id DE7D569D57;
 Fri, 29 Sep 2017 15:17:10 +0000 (UTC) (envelope-from zi@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v8TFHAYr005277;
 Fri, 29 Sep 2017 15:17:10 GMT (envelope-from zi@FreeBSD.org)
Received: (from zi@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id v8TFH4Hg005273;
 Fri, 29 Sep 2017 15:17:04 GMT (envelope-from zi@FreeBSD.org)
Message-Id: <201709291517.v8TFH4Hg005273@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: zi set sender to zi@FreeBSD.org
 using -f
From: Ryan Steinmetz <zi@FreeBSD.org>
Date: Fri, 29 Sep 2017 15:17:04 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r450898 - head/security/vuxml
X-SVN-Group: ports-head
X-SVN-Commit-Author: zi
X-SVN-Commit-Paths: head/security/vuxml
X-SVN-Commit-Revision: 450898
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Sep 2017 15:17:11 -0000

Author: zi
Date: Fri Sep 29 15:17:04 2017
New Revision: 450898
URL: https://svnweb.freebsd.org/changeset/ports/450898

Log:
  - Fix invalid date entries
  - Purge 6887828f-0229-11e0-b84d-00262d5ed8ee as it has been superceded by other entries and it is massive. (We have hit 5M on vuln.xml)

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Fri Sep 29 15:16:41 2017	(r450897)
+++ head/security/vuxml/vuln.xml	Fri Sep 29 15:17:04 2017	(r450898)
@@ -511,7 +511,7 @@ Notes:
       <cvename>CVE-2017-13725</cvename>
     </references>
     <dates>
-      <discovery>2017-7-22</discovery>
+      <discovery>2017-07-22</discovery>
       <entry>2017-09-26</entry>
     </dates>
   </vuln>
@@ -711,7 +711,7 @@ Notes:
       <cvename>CVE-2017-7473</cvename>
     </references>
     <dates>
-      <discovery>2017-7-21</discovery>
+      <discovery>2017-07-21</discovery>
       <entry>2017-09-25</entry>
     </dates>
   </vuln>
@@ -13275,7 +13275,7 @@ maliciously crafted GET request to the Horde server.</
       <url>https://googlechromereleases.blogspot.nl/2016/11/stable-channel-update-for-desktop_9.html</url>
     </references>
     <dates>
-      <discovery>2016-11-9</discovery>
+      <discovery>2016-11-09</discovery>
       <entry>2016-11-10</entry>
     </dates>
   </vuln>
@@ -85060,830 +85060,6 @@ executed in your Internet Explorer while displaying th
     </dates>
   </vuln>
 
-  <vuln vid="6887828f-0229-11e0-b84d-00262d5ed8ee">
-    <topic>chromium -- multiple vulnerabilities</topic>
-    <affects>
-      <package>
-	<name>chromium</name>
-	<range><lt>15.0.874.121</lt></range>
-      </package>
-    </affects>
-    <description>
-      <body xmlns="http://www.w3.org/1999/xhtml">
-	<p>Google Chrome Releases reports:</p>
-	<blockquote cite="http://googlechromereleases.blogspot.com/search/label/Stable%20updates">
-	  <p>Fixed in 15.0.874.121:<br/>
-	    [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to
-	      Christian Holler.</p>
-
-	  <p>Fixed in 15.0.874.120:<br/>
-	    [100465] High CVE-2011-3892: Double free in Theora decoder. Credit
-	      to Aki Helin of OUSPG.<br/>
-	    [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV
-	      and Vorbis media handlers. Credit to Aki Helin of OUSPG.<br/>
-	    [101172] High CVE-2011-3894: Memory corruption regression in VP8
-	      decoding. Credit to Andrew Scherkus of the Chromium development
-	      community.<br/>
-	    [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder.
-	      Credit to Aki Helin of OUSPG.<br/>
-	    [101624] High CVE-2011-3896: Buffer overflow in shader variable
-	      mapping. Credit to Ken "strcpy" Russell of the Chromium
-	      development community.<br/>
-	    [102242] High CVE-2011-3897: Use-after-free in editing. Credit to
-	      pa_kt reported through ZDI (ZDI-CAN-1416).<br/>
-	    [102461] Low CVE-2011-3898: Failure to ask for permission to run
-	      applets in JRE7. Credit to Google Chrome Security Team (Chris
-	      Evans).</p>
-
-	  <p>Fixed in 15.0.874.102:<br/>
-	    [86758] High CVE-2011-2845: URL bar spoof in history handling.
-	      Credit to Jordi Chancel.<br/>
-	    [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs.
-	      Credit to Jordi Chancel.<br/>
-	    [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
-	      download filenames. Credit to Marc Novak.<br/>
-	    [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit
-	      to Google Chrome Security Team (Tom Sepez) plus independent
-	      discovery by Juho Nurminen.<br/>
-	    [94487] Medium CVE-2011-3878: Race condition in worker process
-	      initialization. Credit to miaubiz.<br/>
-	    [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs.
-	      Credit to Masato Kinugawa.<br/>
-	    [95992] Low CVE-2011-3880: Don't permit  as a HTTP header delimiter.
-	      Credit to Vladimir Vorontsov, ONsec company.<br/>
-	    [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881:
-	      Cross-origin policy violations. Credit to Sergey Glazunov.<br/>
-	    [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
-	      Credit to Google Chrome Security Team (Inferno).<br/>
-	    [96902] High CVE-2011-3883: Use-after-free in counter handling.
-	      Credit to miaubiz.<br/>
-	    [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit
-	      to Brian Ryner of the Chromium development community.<br/>
-	    [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885:
-	      Stale style bugs leading to use-after-free. Credit to
-	      miaubiz.<br/>
-	    [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8.
-	      Credit to Christian Holler.<br/>
-	    [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs.
-	      Credit to Sergey Glazunov.<br/>
-	    [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
-	      Credit to miaubiz.<br/>
-	    [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to
-	      miaubiz.<br/>
-	    [99553] High CVE-2011-3890: Use-after-free in video source handling.
-	      Credit to Ami Fischman of the Chromium development community.<br/>
-	    [100332] High CVE-2011-3891: Exposure of internal v8 functions.
-	      Credit to Steven Keuchel of the Chromium development community
-	      plus independent discovery by Daniel Divricean.</p>
-
-	  <p>Fixed in 14.0.835.202:<br/>
-	    [93788] High CVE-2011-2876: Use-after-free in text line box
-	      handling. Credit to miaubiz.<br/>
-	    [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit
-	      to miaubiz.<br/>
-	    [95671] High CVE-2011-2878: Inappropriate cross-origin access to the
-	      window prototype. Credit to Sergey Glazunov.<br/>
-	    [96150] High CVE-2011-2879: Lifetime and threading issues in audio
-	      node handling. Credit to Google Chrome Security Team
-	      (Inferno).<br/>
-	    [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8
-	      bindings. Credit to Sergey Glazunov.<br/>
-	    [97784] High CVE-2011-2881: Memory corruption with v8 hidden
-	      objects. Credit to Sergey Glazunov.<br/>
-	    [98089] Critical CVE-2011-3873: Memory corruption in shader
-	      translator. Credit to Zhenyao Mo of the Chromium development
-	      community.</p>
-
-	  <p>Fixed in 14.0.835.163:<br/>
-	    [49377] High CVE-2011-2835: Race condition in the certificate cache.	      Credit to Ryan Sleevi of the Chromium development community.<br/>
-	    [51464] Low CVE-2011-2836: Infobar the Windows Media Player plug-in
-	      to avoid click-free access to the system Flash. Credit to
-	      electronixtar.<br/>
-	    [Linux only] [57908] Low CVE-2011-2837: Use PIC / pie compiler
-	      flags. Credit to wbrana.<br/>
-	    [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
-	      loading plug-ins. Credit to Michal Zalewski of the Google Security
-	      Team.<br/>
-	    [76771] High CVE-2011-2839: Crash in v8 script object wrappers.
-	      Credit to Kostya Serebryany of the Chromium development
-	      community.<br/>
-	    [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with
-	      unusual user interaction. Credit to kuzzcc.<br/>
-	    [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit
-	      to Mario Gomes.<br/>
-	    [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers.
-	      Credit to Kostya Serebryany of the Chromium development
-	      community.<br/>
-	    [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files.
-	      Credit to Mario Gomes.<br/>
-	    [89219] High CVE-2011-2846: Use-after-free in unload event handling.
-	      Credit to Arthur Gerkis.<br/>
-	    [89330] High CVE-2011-2847: Use-after-free in document loader.
-	      Credit to miaubiz.<br/>
-	    [89564] Medium CVE-2011-2848: URL bar spoof with forward button.
-	      Credit to Jordi Chancel.<br/>
-	    [89795] Low CVE-2011-2849: Browser NULL pointer crash with
-	      WebSockets. Credit to Arthur Gerkis.<br/>
-	    [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling.
-	      Credit to miaubiz.<br/>
-	    [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer
-	      characters. Credit to miaubiz.<br/>
-	    [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling.
-	      Credit to Google Chrome Security Team (Inferno).<br/>
-	    [91120] High CVE-2011-2852: Off-by-one in v8. Credit to Christian
-	      Holler.<br/>
-	    [91197] High CVE-2011-2853: Use-after-free in plug-in handling.
-	      Credit to Google Chrome Security Team (SkyLined).<br/>
-	    [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table
-	      style handing. Credit to Slawomir Blazek, and independent later
-	      discoveries by miaubiz and Google Chrome Security Team
-	      (Inferno).<br/>
-	    [92959] High CVE-2011-2855: Stale node in stylesheet handling.
-	      Credit to Arthur Gerkis.<br/>
-	    [93416] High CVE-2011-2856: Cross-origin bypass in v8. Credit to
-	      Daniel Divricean.<br/>
-	    [93420] High CVE-2011-2857: Use-after-free in focus controller.
-	      Credit to miaubiz.<br/>
-	    [93472] High CVE-2011-2834: Double free in libxml XPath handling.
-	      Credit to Yang Dingning from NCNIPC, Graduate University of
-	      Chinese Academy of Sciences.<br/>
-	    [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
-	      non-gallery pages. Credit to Bernhard "Bruhns" Brehm of Recurity
-	      Labs.<br/>
-	    [93587] High CVE-2011-2860: Use-after-free in table style handling.
-	      Credit to miaubiz.<br/>
-	    [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki
-	      Helin of OUSPG.<br/>
-	    [93906] High CVE-2011-2862: Unintended access to v8 built-in
-	      objects. Credit to Sergey Glazunov.<br/>
-	    [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan
-	      characters. Credit to Google Chrome Security Team (Inferno).<br/>
-	    [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle
-	      arrays. Credit to Google Chrome Security Team (Inferno).<br/>
-	    [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a
-	      session. Credit to Nishant Yadant of VMware and Craig Chamberlain
-	      (@randomuserid).<br/>
-	    High CVE-2011-2875: Type confusion in v8 object sealing. Credit to
-	      Christian Holler.</p>
-
-	  <p>Fixed in 13.0.782.215:<br/>
-	    [89402] High CVE-2011-2821: Double free in libxml XPath handling.
-	      Credit to Yang Dingning from NCNIPC, Graduate University of
-	      Chinese Academy of Sciences.<br/>
-	    [82552] High CVE-2011-2823: Use-after-free in line box handling.
-	      Credit to Google Chrome Security Team (SkyLined) and independent
-	      later discovery by miaubiz.<br/>
-	    [88216] High CVE-2011-2824: Use-after-free with counter nodes.
-	      Credit to miaubiz.<br/>
-	    [88670] High CVE-2011-2825: Use-after-free with custom fonts. Credit
-	      to wushi of team509 reported through ZDI (ZDI-CAN-1283), plus
-	      indepdendent later discovery by miaubiz.<br/>
-	    [87453] High CVE-2011-2826: Cross-origin violation with empty
-	      origins. Credit to Sergey Glazunov.<br/>
-	    [90668] High CVE-2011-2827: Use-after-free in text searching. Credit
-	      to miaubiz.<br/>
-	    [91517] High CVE-2011-2828: Out-of-bounds write in v8. Credit to
-	      Google Chrome Security Team (SkyLined).<br/>
-	    [32-bit only] [91598] High CVE-2011-2829: Integer overflow in
-	      uniform arrays. Credit to Sergey Glazunov.<br/>
-	    [Linux only] [91665] High CVE-2011-2839: Buggy memset() in PDF.
-	      Credit to Aki Helin of OUSPG.</p>
-
-	  <p>Fixed in 13.0.782.107:<br/>
-	    [75821] Medium CVE-2011-2358: Always confirm an extension install
-	      via a browser dialog. Credit to Sergey Glazunov.<br/>
-	    [78841] High CVE-2011-2359: Stale pointer due to bad line box
-	      tracking in rendering. Credit to miaubiz and Martin Barbella.<br/>
-	    [79266] Low CVE-2011-2360: Potential bypass of dangerous file
-	      prompt. Credit to kuzzcc.<br/>
-	    [79426] Low CVE-2011-2361: Improve designation of strings in the
-	      basic auth dialog. Credit to kuzzcc.<br/>
-	    [Linux only] [81307] Medium CVE-2011-2782: File permissions error
-	      with drag and drop. Credit to Evan Martin of the Chromium
-	      development community.<br/>
-	    [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI
-	      extension install via a browser dialog. Credit to Sergey
-	      Glazunov.<br/>
-	    [83841] Low CVE-2011-2784: Local file path disclosure via GL
-	      program log. Credit to kuzzcc.<br/>
-	    [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions.
-	      Credit to kuzzcc.<br/>
-	    [84600] Low CVE-2011-2786: Make sure the speech input bubble is
-	      always on-screen. Credit to Olli Pettay of Mozilla.<br/>
-	    [84805] Medium CVE-2011-2787: Browser crash due to GPU lock
-	      re-entrancy issue. Credit to kuzzcc.<br/>
-	    [85559] Low CVE-2011-2788: Buffer overflow in inspector
-	      serialization. Credit to Mikolaj Malecki.<br/>
-	    [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in
-	      instantiation. Credit to Mario Gomes and kuzzcc.<br/>
-	    [86502] High CVE-2011-2790: Use-after-free with floating styles.
-	      Credit to miaubiz.<br/>
-	    [86900] High CVE-2011-2791: Out-of-bounds write in ICU. Credit to
-	      Yang Dingning from NCNIPC, Graduate University of Chinese Academy
-	      of Sciences.<br/>
-	    [87148] High CVE-2011-2792: Use-after-free with float removal.
-	      Credit to miaubiz.<br/>
-	    [87227] High CVE-2011-2793: Use-after-free in media selectors.
-	      Credit to miaubiz.<br/>
-	    [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration.
-	      Credit to miaubiz.<br/>
-	    [87339] Medium CVE-2011-2795: Cross-frame function leak. Credit to
-	      Shih Wei-Long.<br/>
-	    [87548] High CVE-2011-2796: Use-after-free in Skia. Credit to Google
-	      Chrome Security Team (Inferno) and Kostya Serebryany of the
-	      Chromium development community.<br/>
-	    [87729] High CVE-2011-2797: Use-after-free in resource caching.
-	      Credit to miaubiz.<br/>
-	    [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from
-	      being web accessible. Credit to sirdarckcat of the Google Security
-	      Team.<br/>
-	    [87925] High CVE-2011-2799: Use-after-free in HTML range handling.
-	      Credit to miaubiz.<br/>
-	    [88337] Medium CVE-2011-2800: Leak of client-side redirect target.
-	      Credit to Juho Nurminen.<br/>
-	    [88591] High CVE-2011-2802: v8 crash with const lookups. Credit to
-	      Christian Holler.<br/>
-	    [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths.
-	      Credit to Google Chrome Security Team (Inferno).<br/>
-	    [88846] High CVE-2011-2801: Use-after-free in frame loader. Credit
-	      to miaubiz.<br/>
-	    [88889] High CVE-2011-2818: Use-after-free in display box rendering.
-	      Credit to Martin Barbella.<br/>
-	    [89142] High CVE-2011-2804: PDF crash with nested functions. Credit
-	      to Aki Helin of OUSPG.<br/>
-	    [89520] High CVE-2011-2805: Cross-origin script injection. Credit to
-	      Sergey Glazunov.<br/>
-	    [90222] High CVE-2011-2819: Cross-origin violation in base URI
-	      handling. Credit to Sergey Glazunov.</p>
-
-	  <p>Fixed in 12.0.742.112:<br/>
-	    [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string
-	      handling. Credit to Philippe Arteau.<br/>
-	    [84355] High CVE-2011-2346: Use-after-free in SVG font handling.
-	      Credit to miaubiz.<br/>
-	    [85003] High CVE-2011-2347: Memory corruption in CSS parsing. Credit
-	      to miaubiz.<br/>
-	    [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the
-	      HTML parser. Credit to miaubiz.<br/>
-	    [85177] High CVE-2011-2348: Bad bounds check in v8. Credit to Aki
-	      Helin of OUSPG.<br/>
-	    [85211] High CVE-2011-2351: Use-after-free with SVG use element.
-	      Credit to miaubiz.<br/>
-	    [85418] High CVE-2011-2349: Use-after-free in text selection. Credit
-	      to miaubiz.</p>
-
-	  <p>Fixed in 12.0.742.91:<br/>
-	    [73962] [79746] High CVE-2011-1808: Use-after-free due to integer
-	      issues in float handling. Credit to miaubiz.<br/>
-	    [75496] Medium CVE-2011-1809: Use-after-free in accessibility
-	      support. Credit to Google Chrome Security Team (SkyLined).<br/>
-	    [75643] Low CVE-2011-1810: Visit history information leak in CSS.
-	      Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability
-	      Research (MSVR).<br/>
-	    [76034] Low CVE-2011-1811: Browser crash with lots of form
-	      submissions. Credit to "DimitrisV22".<br/>
-	    [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit
-	      to kuzzcc.<br/>
-	    [78516] High CVE-2011-1813: Stale pointer in extension framework.
-	      Credit to Google Chrome Security Team (Inferno).<br/>
-	    [79362] Medium CVE-2011-1814: Read from uninitialized pointer.
-	      Credit to Eric Roman of the Chromium development community.<br/>
-	    [79862] Low CVE-2011-1815: Extension script injection into new tab
-	      page. Credit to kuzzcc.<br/>
-	    [80358] Medium CVE-2011-1816: Use-after-free in developer tools.
-	      Credit to kuzzcc.<br/>
-	    [81916] Medium CVE-2011-1817: Browser memory corruption in history
-	      deletion. Credit to Collin Payne.<br/>
-	    [81949] High CVE-2011-1818: Use-after-free in image loader. Credit
-	      to miaubiz.<br/>
-	    [83010] Medium CVE-2011-1819: Extension injection into chrome://
-	      pages. Credit to Vladislavas Jarmalis, plus subsequent
-	      independent discovery by Sergey Glazunov.<br/>
-	    [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to
-	      Sergey Glazunov.<br/>
-	    [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to
-	      Sergey Glazunov.</p>
-
-	  <p>Fixed in 11.0.696.71:<br/>
-	    [72189] Low CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal
-	      De Silva.<br/>
-	    [82546] High CVE-2011-1804: Stale pointer in floats rendering.
-	      Credit to Martin Barbella.<br/>
-	    [82873] Critical CVE-2011-1806: Memory corruption in GPU command
-	      buffer. Credit to Google Chrome Security Team (Cris Neckar).<br/>
-	    [82903] Critical CVE-2011-1807: Out-of-bounds write in blob
-	      handling. Credit to Google Chrome Security Team (Inferno) and
-	      Kostya Serebryany of the Chromium development community.</p>
-
-	  <p>Fixed in 11.0.696.68:<br/>
-	    [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue.
-	      Credit to Google Chrome Security Team (SkyLined).<br/>
-	    [80608] High CVE-2011-1800: Integer overflows in SVG filters.
-	      Credit to Google Chrome Security Team (Cris Neckar).</p>
-
-	  <p>Fixed in 11.0.696.57:<br/>
-	    [61502] High CVE-2011-1303: Stale pointer in floating object
-	      handling. Credit to Scott Hess of the Chromium development
-	      community and Martin Barbella.<br/>
-	    [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins. Credit
-	       to Chamal De Silva.<br/>
-	    [Linux / Mac only] [70589] Medium CVE-2011-1305: Linked-list race
-	       in database handling. Credit to Kostya Serebryany of the
-	       Chromium development community.<br/>
-	    [71586] Medium CVE-2011-1434: Lack of thread safety in MIME
-	       handling. Credit to Aki Helin.<br/>
-	    [72523] Medium CVE-2011-1435: Bad extension with "tabs" permission
-	       can capture local files. Credit to Cole Snodgrass.<br/>
-	    [Linux only] [72910] Low CVE-2011-1436: Possible browser crash due
-	       to bad interaction with X. Credit to miaubiz.<br/>
-	    [73526] High CVE-2011-1437: Integer overflows in float rendering.
-	       Credit to miaubiz.<br/>
-	    [74653] High CVE-2011-1438: Same origin policy violation with
-	       blobs. Credit to kuzzcc.<br/>
-	    [Linux only] [74763] High CVE-2011-1439: Prevent interference
-	       between renderer processes. Credit to Julien Tinnes of the
-	       Google Security Team.<br/>
-	    [75186] High CVE-2011-1440: Use-after-free with &lt;ruby&gt; tag
-	       and CSS. Credit to Jose A. Vazquez.<br/>
-	    [75347] High CVE-2011-1441: Bad cast with floating select lists.
-	       Credit to Michael Griffiths.<br/>
-	    [75801] High CVE-2011-1442: Corrupt node trees with mutation events.
-	       Credit to Sergey Glazunov and wushi of team 509.<br/>
-	    [76001] High CVE-2011-1443: Stale pointers in layering code. Credit
-	       to Martin Barbella.<br/>
-	    [Linux only] [76542] High CVE-2011-1444: Race condition in sandbox
-	       launcher. Credit to Dan Rosenberg.<br/>
-	    Medium CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of
-	       team509.<br/>
-	    [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs
-	       with navigation errors and interrupted loads. Credit to
-	       kuzzcc.<br/>
-	    [76966] High CVE-2011-1447: Stale pointer in drop-down list
-	       handling. Credit to miaubiz.<br/>
-	    [77130] High CVE-2011-1448: Stale pointer in height calculations.
-	       Credit to wushi of team509.<br/>
-	    [77346] High CVE-2011-1449: Use-after-free in WebSockets. Credit to
-	       Marek Majkowski.<br/>
-	    Low CVE-2011-1450: Dangling pointers in file dialogs. Credit to
-	       kuzzcc.<br/>
-	    [77463] High CVE-2011-1451: Dangling pointers in DOM id map. Credit
-	       to Sergey Glazunov.<br/>
-	    [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual
-	       reload. Credit to Jordi Chancel.<br/>
-	    [79199] High CVE-2011-1454: Use-after-free in DOM id handling.
-	       Credit to Sergey Glazunov.<br/>
-	    [79361] Medium CVE-2011-1455: Out-of-bounds read with
-	       multipart-encoded PDF. Credit to Eric Roman of the Chromium
-	       development community.<br/>
-	    [79364] High CVE-2011-1456: Stale pointers with PDF forms. Credit to
-	       Eric Roman of the Chromium development community.</p>
-
-	  <p>Fixed in 10.0.648.205:<br/>
-	    [75629] Critical CVE-2011-1301: Use-after-free in the GPU process.
-	      Credit to Google Chrome Security Team (Inferno).<br/>
-	    [78524] Critical CVE-2011-1302: Heap overflow in the GPU process.
-	      Credit to Christoph Diehl.</p>
-
-	  <p>Fixed in 10.0.648.204:<br/>
-	    [72517] High CVE-2011-1291: Buffer error in base string handling.
-	      Credit to Alex Turpin.<br/>
-	    [73216] High CVE-2011-1292: Use-after-free in the frame loader.
-	      Credit to Slawomir Blazek.<br/>
-	    [73595] High CVE-2011-1293: Use-after-free in HTMLCollection.
-	      Credit to Sergey Glazunov.<br/>
-	    [74562] High CVE-2011-1294: Stale pointer in CSS handling.
-	      Credit to Sergey Glazunov.<br/>
-	    [74991] High CVE-2011-1295: DOM tree corruption with broken node
-	      parentage. Credit to Sergey Glazunov.<br/>
-	    [75170] High CVE-2011-1296: Stale pointer in SVG text handling.
-	      Credit to Sergey Glazunov.</p>
-
-	  <p>Fixed in 10.0.648.133:<br/>
-	    [75712] High Memory corruption in style handling.
-	      Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem
-	      Pinckaers reported through ZDI.</p>
-
-	  <p>Fixed in 10.0.648.127:<br/>
-	    [42765] Low Possible to navigate or close the top location in a
-	      sandboxed frame. Credit to sirdarckcat of the Google Security
-	      Team.<br/>
-	    [Linux only] [49747] Low Work around an X server bug and crash with
-	      long messages. Credit to Louis Lang.<br/>
-	    [Linux only] [66962] Low Possible browser crash with parallel
-	      print()s. Credit to Aki Helin of OUSPG.<br/>
-	    [69187] Medium Cross-origin error message leak. Credit to Daniel
-	      Divricean.<br/>
-	    [69628] High Memory corruption with counter nodes. Credit to Martin
-	      Barbella.<br/>
-	    [70027] High Stale node in box layout. Credit to Martin
-	      Barbella.<br/>
-	    [70336] Medium Cross-origin error message leak with workers. Credit
-	      to Daniel Divricean.<br/>
-	    [70442] High Use after free with DOM URL handling. Credit to Sergey
-	      Glazunov.<br/>
-	    [Linux only] [70779] Medium Out of bounds read handling unicode
-	      ranges. Credit to miaubiz.<br/>
-	    [70877] High Same origin policy bypass in v8. Credit to Daniel
-	      Divricean.<br/>
-	    [70885] [71167] Low Pop-up blocker bypasses. Credit to Chamal de
-	      Silva.<br/>
-	    [71763] High Use-after-free in document script lifetime handling.
-	      Credit to miaubiz.<br/>
-	    [71788] High Out-of-bounds write in the OGG container. Credit to
-	      Google Chrome Security Team (SkyLined); plus subsequent
-	      independent discovery by David Weston of Microsoft and MSVR.<br/>
-	    [72028] High Stale pointer in table painting. Credit to Martin
-	      Barbella.<br/>
-	    [73026] High Use of corrupt out-of-bounds structure in video code.
-	      Credit to Tavis Ormandy of the Google Security Team.<br/>
-	    [73066] High Crash with the DataView object. Credit to Sergey
-	      Glazunov.<br/>
-	    [73134] High Bad cast in text rendering. Credit to miaubiz.<br/>
-	    [73196] High Stale pointer in WebKit context code. Credit to Sergey
-	      Glazunov.<br/>
-	    [73716] Low Leak of heap address in XSLT. Credit to Google Chrome
-	      Security Team (Chris Evans).<br/>
-	    [73746] High Stale pointer with SVG cursors. Credit to Sergey
-	      Glazunov.<br/>
-	    [74030] High DOM tree corruption with attribute handling. Credit to
-	      Sergey Glazunov.<br/>
-	    [74662] High Corruption via re-entrancy of RegExp code. Credit to
-	      Christian Holler.<br/>
-	    [74675] High Invalid memory access in v8. Credit to Christian
-	      Holler.</p>
-
-	  <p>Fixed in 9.0.597.107:<br/>
-	    [54262] High URL bar spoof. Credit to Jordi Chancel.<br/>
-	    [63732] High Crash with javascript dialogs. Credit to Sergey
-	      Radchenko.<br/>
-	    [68263] High Stylesheet node stale pointer. Credit to Sergey
-	      Glazunov.<br/>
-	    [68741] High Stale pointer with key frame rule. Credit to Sergey
-	      Glazunov.<br/>
-	    [70078] High Crash with forms controls. Credit to Stefan van
-	      Zanden.<br/>
-	    [70244] High Crash in SVG rendering. Credit to Slawomir Blazek.<br/>
-	    [64-bit Linux only] [70376] Medium Out-of-bounds read in pickle
-	       deserialization. Credit to Evgeniy Stepanov of the Chromium
-	       development community.<br/>
-	    [71114] High Stale node in table handling. Credit to Martin
-	       Barbella.<br/>
-	    [71115] High Stale pointer in table rendering. Credit to Martin
-	       Barbella.<br/>
-	    [71296] High Stale pointer in SVG animations. Credit to
-	       miaubiz.<br/>
-	    [71386] High Stale nodes in XHTML. Credit to wushi of team509.<br/>
-	    [71388] High Crash in textarea handling. Credit to wushi of
-	       team509.<br/>
-	    [71595] High Stale pointer in device orientation. Credit to Sergey
-	       Glazunov.<br/>
-	    [71717] Medium Out-of-bounds read in WebGL. Credit to miaubiz.<br/>
-	    [71855] High Integer overflow in textarea handling. Credit to
-	       miaubiz.<br/>
-	    [71960] Medium Out-of-bounds read in WebGL. Credit to Google Chrome
-	       Security Team (Inferno).<br/>
-	    [72214] High Accidental exposure of internal extension functions.
-	       Credit to Tavis Ormandy of the Google Security Team.<br/>
-	    [72437] High Use-after-free with blocked plug-ins. Credit to Chamal
-	       de Silva.<br/>
-	    [73235] High Stale pointer in layout. Credit to Martin Barbella.</p>
-
-	  <p>Fixed in 9.0.597.94:<br/>
-	    [67234] High Stale pointer in animation event handling. Credit to
-	      Rik Cabanier.<br/>
-	    [68120] High Use-after-free in SVG font faces. Credit to
-	      miaubiz.<br/>
-	    [69556] High Stale pointer with anonymous block handling. Credit to
-	      Martin Barbella.<br/>
-	    [69970] Medium Out-of-bounds read in plug-in handling. Credit to
-	      Bill Budge of Google.<br/>
-	    [70456] Medium Possible failure to terminate process on
-	      out-of-memory condition. Credit to David Warren of CERT/CC.</p>
-
-	  <p>Fixed in 9.0.597.84:<br/>
-	    [Mac only] [42989] Low Minor sandbox leak via stat(). Credit to
-	      Daniel Cheng of the Chromium development community.<br/>
-	    [55831] High Use-after-free in image loading. Credit to Aki
-	      Helin of OUSPG.<br/>
-	    [59081] Low Apply some restrictions to cross-origin drag + drop.
-	      Credit to Google Chrome Security Team (SkyLined) and the Google
-	      Security Team (Michal Zalewski, David Bloom).<br/>
-	    [62791] Low Browser crash with extension with missing key. Credit
-	      to Brian Kirchoff.<br/>
-	    [64051] High Crashing when printing in PDF event handler. Credit to
-	      Aki Helin of OUSPG.<br/>
-	    [65669] Low Handle merging of autofill profiles more gracefully.
-	      Credit to Google Chrome Security Team (Inferno).<br/>
-	    [Mac only] [66931] Low Work around a crash in the Mac OS 10.5 SSL
-	      libraries. Credit to Dan Morrison.<br/>
-	    [68244] Low Browser crash with bad volume setting. Credit to
-	      Matthew Heidermann.<br/>
-	    [69195] Critical Race condition in audio handling. Credit to the
-	      gamers of Reddit!</p>
-
-	  <p>Fixed in 8.0.552.237:<br/>
-	    [58053] Medium Browser crash in extensions notification handling.
-	      Credit to Eric Roman of the Chromium development community.<br/>
-	    [65764] High Bad pointer handling in node iteration. Credit to
-	      Sergey Glazunov.<br/>
-	    [66334] High Crashes when printing multi-page PDFs. Credit to
-	      Google Chrome Security Team (Chris Evans).<br/>
-	    [66560] High Stale pointer with CSS + canvas. Credit to Sergey
-	      Glazunov.<br/>
-	    [66748] High Stale pointer with CSS + cursors. Credit to Jan
-	      Tosovsk.<br/>
-	    [67100] High Use after free in PDF page handling. Credit to Google
-	      Chrome Security Team (Chris Evans).<br/>
-	    [67208] High Stack corruption after PDF out-of-memory condition.
-	      Credit to Jared Allar of CERT.<br/>
-	    [67303] High Bad memory access with mismatched video frame sizes.
-	      Credit to Aki Helin of OUSPG; plus independent discovery by
-	      Google Chrome Security Team (SkyLined) and David Warren of
-	      CERT.<br/>
-	    [67363] High Stale pointer with SVG use element. Credited
-	      anonymously; plus indepdent discovery by miaubiz.<br/>
-	    [67393] Medium Uninitialized pointer in the browser triggered by
-	      rogue extension. Credit to kuzzcc.<br/>
-	    [68115] High Vorbis decoder buffer overflows. Credit to David
-	      Warren of CERT.<br/>
-	    [68170] High Buffer overflow in PDF shading. Credit to Aki Helin of
-	      OUSPG.<br/>
-	    [68178] High Bad cast in anchor handling. Credit to Sergey
-	      Glazunov.<br/>
-	    [68181] High Bad cast in video handling. Credit to Sergey
-	      Glazunov.<br/>
-	    [68439] High Stale rendering node after DOM node removal. Credit to
-	      Martin Barbella; plus independent discovery by Google Chrome
-	      Security Team (SkyLined).<br/>
-	    [68666] Critical Stale pointer in speech handling. Credit to Sergey
-	      Glazunov.</p>
-
-	  <p>Fixed in 8.0.552.224:<br/>
-	    [64-bit Linux only] [56449] High Bad validation for message
-	      deserialization on 64-bit builds. Credit to Lei Zhang of the
-	      Chromium development community.<br/>
-	    [60761] Medium Bad extension can cause browser crash in tab
-	      handling. Credit to kuzzcc.<br/>
-	    [63529] Low Browser crash with NULL pointer in web worker handling.
-	      Credit to Nathan Weizenbaum of Google.<br/>
-	    [63866] Medium Out-of-bounds read in CSS parsing. Credit to Chris
-	      Rohlf.<br/>
-	    [64959] High Stale pointers in cursor handling. Credit to Slawomir
-	      Blazek and Sergey Glazunov.</p>
-
-	  <p>Fixed in 8.0.552.215:<br/>
-	    [17655] Low Possible pop-up blocker bypass. Credit to Google Chrome
-	      Security Team (SkyLined).<br/>
-	    [55745] Medium Cross-origin video theft with canvas. Credit to
-	      Nirankush Panchbhai and Microsoft Vulnerability Research
-	      (MSVR).<br/>
-	    [56237] Low Browser crash with HTML5 databases. Credit to Google
-	      Chrome Security Team (Inferno).<br/>
-	    [58319] Low Prevent excessive file dialogs, possibly leading to
-	      browser crash. Credit to Cezary Tomczak (gosu.pl).<br/>
-	    [59554] High Use after free in history handling. Credit to Stefan
-	      Troger.<br/>
-	    [Linux / Mac] [59817] Medium Make sure the "dangerous file types"
-	      list is uptodate with the Windows platforms. Credit to Billy Rios
-	      of the Google Security Team.<br/>
-	    [61701] Low Browser crash with HTTP proxy authentication. Credit to
-	      Mohammed Bouhlel.<br/>
-	    [61653] Medium Out-of-bounds read regression in WebM video support.
-	      Credit to Google Chrome Security Team (Chris Evans), based on
-	      earlier testcases from Mozilla and Microsoft (MSVR).<br/>
-	    [62127] High Crash due to bad indexing with malformed video. Credit
-	      to miaubiz.<br/>
-	    [62168] Medium Possible browser memory corruption via malicious
-	      privileged extension. Credit to kuzzcc.<br/>
-	    [62401] High Use after free with SVG animations. Credit to Slawomir
-	      Blazek.<br/>
-	    [63051] Medium Use after free in mouse dragging event handling.
-	      Credit to kuzzcc.<br/>
-	    [63444] High Double free in XPath handling. Credit to Yang Dingning
-	      from NCNIPC, Graduate University of Chinese Academy of Sciences.</p>
-
-	    <p>Fixed in 7.0.517.44:<br/>
-	    [51602] High Use-after-free in text editing. Credit to David Bloom
-	      of the Google Security Team, Google Chrome Security Team (Inferno)
-	      and Google Chrome Security Team (Cris Neckar).<br/>
-	    [55257] High Memory corruption with enormous text area. Credit to
-	      wushi of team509.<br/>
-	    [58657] High Bad cast with the SVG use element. Credit to the
-	      kuzzcc.<br/>
-	    [58731] High Invalid memory read in XPath handling. Credit to Bui
-	      Quang Minh from Bkis (www.bkis.com).<br/>
-	    [58741] High Use-after-free in text control selections. Credit to
-	      "vkouchna".<br/>
-	    [Linux only] [59320] High Integer overflows in font handling. Credit
-	      to Aki Helin of OUSPG.<br/>
-	    [60055] High Memory corruption in libvpx. Credit to Christoph
-	      Diehl.<br/>
-	    [60238] High Bad use of destroyed frame object. Credit to various
-	      developers, including "gundlach".<br/>
-	    [60327] [60769] [61255] High Type confusions with event objects.
-	      Credit to "fam.lam" and Google Chrome Security Team
-	      (Inferno).<br/>
-	    [60688] High Out-of-bounds array access in SVG handling. Credit to
-	      wushi of team509.</p>
-
-	    <p>Fixed in 7.0.517.43:<br/>
-	    [48225] [51727] Medium Possible autofill / autocomplete profile
-	      spamming. Credit to Google Chrome Security Team (Inferno).<br/>
-	    [48857] High Crash with forms. Credit to the Chromium development
-	      community.<br/>
-	    [50428] Critical Browser crash with form autofill. Credit to the
-	      Chromium development community.<br/>
-	    [51680] High Possible URL spoofing on page unload. Credit to kuzzcc;
-	      plus independent discovery by Jordi Chancel.<br/>
-	    [53002] Low Pop-up block bypass. Credit to kuzzcc.<br/>
-	    [53985] Medium Crash on shutdown with Web Sockets. Credit to the
-	      Chromium development community.<br/>
-	    [Linux only] [54132] Low Bad construction of PATH variable. Credit
-	      to Dan Rosenberg, Virtual Security Research.<br/>
-	    [54500] High Possible memory corruption with animated GIF. Credit to
-	      Simon Schaak.<br/>
-	    [Linux only] [54794] High Failure to sandbox worker processes on
-	      Linux. Credit to Google Chrome Security Team (Chris Evans).<br/>
-	    [56451] High Stale elements in an element map. Credit to Michal
-	      Zalewski of the Google Security Team.</p>
-	</blockquote>
-      </body>
-    </description>
-    <references>
-      <url>http://googlechromereleases.blogspot.com/search/label/Stable%20updates</url>
-      <cvename>CVE-2011-1290</cvename>
-      <cvename>CVE-2011-1291</cvename>
-      <cvename>CVE-2011-1292</cvename>
-      <cvename>CVE-2011-1293</cvename>
-      <cvename>CVE-2011-1294</cvename>
-      <cvename>CVE-2011-1295</cvename>
-      <cvename>CVE-2011-1296</cvename>
-      <cvename>CVE-2011-1301</cvename>
-      <cvename>CVE-2011-1302</cvename>
-      <cvename>CVE-2011-1303</cvename>
-      <cvename>CVE-2011-1304</cvename>
-      <cvename>CVE-2011-1305</cvename>
-      <cvename>CVE-2011-1434</cvename>
-      <cvename>CVE-2011-1435</cvename>
-      <cvename>CVE-2011-1436</cvename>
-      <cvename>CVE-2011-1437</cvename>
-      <cvename>CVE-2011-1438</cvename>
-      <cvename>CVE-2011-1439</cvename>
-      <cvename>CVE-2011-1440</cvename>
-      <cvename>CVE-2011-1441</cvename>
-      <cvename>CVE-2011-1442</cvename>
-      <cvename>CVE-2011-1443</cvename>
-      <cvename>CVE-2011-1444</cvename>
-      <cvename>CVE-2011-1445</cvename>
-      <cvename>CVE-2011-1446</cvename>
-      <cvename>CVE-2011-1447</cvename>
-      <cvename>CVE-2011-1448</cvename>
-      <cvename>CVE-2011-1449</cvename>
-      <cvename>CVE-2011-1450</cvename>
-      <cvename>CVE-2011-1451</cvename>
-      <cvename>CVE-2011-1452</cvename>
-      <cvename>CVE-2011-1454</cvename>
-      <cvename>CVE-2011-1455</cvename>
-      <cvename>CVE-2011-1456</cvename>
-      <cvename>CVE-2011-1799</cvename>
-      <cvename>CVE-2011-1800</cvename>
-      <cvename>CVE-2011-1801</cvename>
-      <cvename>CVE-2011-1804</cvename>
-      <cvename>CVE-2011-1806</cvename>
-      <cvename>CVE-2011-1807</cvename>
-      <cvename>CVE-2011-1808</cvename>
-      <cvename>CVE-2011-1809</cvename>
-      <cvename>CVE-2011-1810</cvename>
-      <cvename>CVE-2011-1811</cvename>
-      <cvename>CVE-2011-1812</cvename>
-      <cvename>CVE-2011-1813</cvename>
-      <cvename>CVE-2011-1814</cvename>
-      <cvename>CVE-2011-1815</cvename>
-      <cvename>CVE-2011-1816</cvename>
-      <cvename>CVE-2011-1817</cvename>
-      <cvename>CVE-2011-1818</cvename>
-      <cvename>CVE-2011-1819</cvename>
-      <cvename>CVE-2011-2332</cvename>
-      <cvename>CVE-2011-2342</cvename>
-      <cvename>CVE-2011-2345</cvename>
-      <cvename>CVE-2011-2346</cvename>
-      <cvename>CVE-2011-2347</cvename>
-      <cvename>CVE-2011-2348</cvename>
-      <cvename>CVE-2011-2349</cvename>
-      <cvename>CVE-2011-2350</cvename>
-      <cvename>CVE-2011-2351</cvename>
-      <cvename>CVE-2011-2358</cvename>
-      <cvename>CVE-2011-2359</cvename>
-      <cvename>CVE-2011-2360</cvename>
-      <cvename>CVE-2011-2361</cvename>
-      <cvename>CVE-2011-2782</cvename>
-      <cvename>CVE-2011-2783</cvename>
-      <cvename>CVE-2011-2784</cvename>
-      <cvename>CVE-2011-2785</cvename>
-      <cvename>CVE-2011-2786</cvename>
-      <cvename>CVE-2011-2787</cvename>
-      <cvename>CVE-2011-2788</cvename>
-      <cvename>CVE-2011-2789</cvename>
-      <cvename>CVE-2011-2790</cvename>
-      <cvename>CVE-2011-2791</cvename>
-      <cvename>CVE-2011-2792</cvename>
-      <cvename>CVE-2011-2793</cvename>
-      <cvename>CVE-2011-2794</cvename>
-      <cvename>CVE-2011-2795</cvename>
-      <cvename>CVE-2011-2796</cvename>
-      <cvename>CVE-2011-2797</cvename>
-      <cvename>CVE-2011-2798</cvename>
-      <cvename>CVE-2011-2799</cvename>
-      <cvename>CVE-2011-2800</cvename>
-      <cvename>CVE-2011-2801</cvename>
-      <cvename>CVE-2011-2802</cvename>
-      <cvename>CVE-2011-2803</cvename>
-      <cvename>CVE-2011-2804</cvename>
-      <cvename>CVE-2011-2805</cvename>
-      <cvename>CVE-2011-2818</cvename>
-      <cvename>CVE-2011-2819</cvename>
-      <cvename>CVE-2011-2821</cvename>
-      <cvename>CVE-2011-2823</cvename>
-      <cvename>CVE-2011-2824</cvename>
-      <cvename>CVE-2011-2825</cvename>
-      <cvename>CVE-2011-2826</cvename>
-      <cvename>CVE-2011-2827</cvename>
-      <cvename>CVE-2011-2828</cvename>
-      <cvename>CVE-2011-2829</cvename>
-      <cvename>CVE-2011-2834</cvename>
-      <cvename>CVE-2011-2835</cvename>
-      <cvename>CVE-2011-2836</cvename>
-      <cvename>CVE-2011-2837</cvename>
-      <cvename>CVE-2011-2838</cvename>
-      <cvename>CVE-2011-2839</cvename>
-      <cvename>CVE-2011-2840</cvename>
-      <cvename>CVE-2011-2841</cvename>
-      <cvename>CVE-2011-2842</cvename>
-      <cvename>CVE-2011-2843</cvename>
-      <cvename>CVE-2011-2844</cvename>
-      <cvename>CVE-2011-2845</cvename>
-      <cvename>CVE-2011-2846</cvename>
-      <cvename>CVE-2011-2847</cvename>
-      <cvename>CVE-2011-2848</cvename>
-      <cvename>CVE-2011-2849</cvename>
-      <cvename>CVE-2011-2850</cvename>
-      <cvename>CVE-2011-2851</cvename>
-      <cvename>CVE-2011-2852</cvename>
-      <cvename>CVE-2011-2853</cvename>
-      <cvename>CVE-2011-2854</cvename>
-      <cvename>CVE-2011-2855</cvename>
-      <cvename>CVE-2011-2856</cvename>
-      <cvename>CVE-2011-2857</cvename>
-      <cvename>CVE-2011-2858</cvename>
-      <cvename>CVE-2011-2859</cvename>
-      <cvename>CVE-2011-2860</cvename>
-      <cvename>CVE-2011-2861</cvename>
-      <cvename>CVE-2011-2862</cvename>
-      <cvename>CVE-2011-2864</cvename>
-      <cvename>CVE-2011-2874</cvename>
-      <cvename>CVE-2011-2875</cvename>
-      <cvename>CVE-2011-2876</cvename>
-      <cvename>CVE-2011-2877</cvename>
-      <cvename>CVE-2011-2878</cvename>
-      <cvename>CVE-2011-2879</cvename>
-      <cvename>CVE-2011-2880</cvename>
-      <cvename>CVE-2011-2881</cvename>
-      <cvename>CVE-2011-3234</cvename>
-      <cvename>CVE-2011-3873</cvename>
-      <cvename>CVE-2011-3873</cvename>
-      <cvename>CVE-2011-3875</cvename>
-      <cvename>CVE-2011-3876</cvename>
-      <cvename>CVE-2011-3877</cvename>
-      <cvename>CVE-2011-3878</cvename>
-      <cvename>CVE-2011-3879</cvename>
-      <cvename>CVE-2011-3880</cvename>
-      <cvename>CVE-2011-3881</cvename>
-      <cvename>CVE-2011-3882</cvename>
-      <cvename>CVE-2011-3883</cvename>
-      <cvename>CVE-2011-3884</cvename>
-      <cvename>CVE-2011-3885</cvename>
-      <cvename>CVE-2011-3886</cvename>
-      <cvename>CVE-2011-3887</cvename>
-      <cvename>CVE-2011-3888</cvename>
-      <cvename>CVE-2011-3889</cvename>
-      <cvename>CVE-2011-3890</cvename>
-      <cvename>CVE-2011-3891</cvename>
-      <cvename>CVE-2011-3892</cvename>
-      <cvename>CVE-2011-3893</cvename>
-      <cvename>CVE-2011-3894</cvename>
-      <cvename>CVE-2011-3895</cvename>
-      <cvename>CVE-2011-3896</cvename>
-      <cvename>CVE-2011-3897</cvename>
-      <cvename>CVE-2011-3898</cvename>
-      <cvename>CVE-2011-3900</cvename>
-    </references>
-    <dates>
-      <discovery>2010-10-19</discovery>
-      <entry>2010-12-07</entry>
-      <modified>2011-11-17</modified>
-    </dates>
-  </vuln>
-
   <vuln vid="ed7fa1b4-ff59-11df-9759-080027284eaa">
     <topic>proftpd -- Compromised source packages backdoor</topic>
     <affects>
@@ -87256,7 +86432,7 @@ executed in your Internet Explorer while displaying th
       <url>http://gitorious.org/webkitgtk/stable/commit/9d07fda89aab7105962d933eef32ca15dda610d8</url>
     </references>
     <dates>
-      <discovery>2010-09-7</discovery>
+      <discovery>2010-09-07</discovery>
       <entry>2010-09-10</entry>
     </dates>
   </vuln>
@@ -101327,7 +100503,7 @@ executed in your Internet Explorer while displaying th
        <url>http://secunia.com/advisories/31028/</url>
     </references>
     <dates>
-      <discovery>2008-07-9</discovery>
+      <discovery>2008-07-09</discovery>
       <entry>2008-07-13</entry>
       <modified>2010-05-12</modified>
     </dates>
@@ -111062,7 +110238,7 @@ executed in your Internet Explorer while displaying th
      <url>http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html</url>
     </references>
     <dates>
-      <discovery>2006-12-1</discovery>
+      <discovery>2006-12-01</discovery>
       <entry>2006-12-11</entry>
       <modified>2010-05-12</modified>
     </dates>