Date: Sat, 7 Dec 2024 15:59:45 GMT From: "Jason E. Hale" <jhale@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: d5d17095a940 - main - security/vuxml: Add www/qt6-webengine < 6.7.3_3 Message-ID: <202412071559.4B7FxjlY026810@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by jhale: URL: https://cgit.FreeBSD.org/ports/commit/?id=d5d17095a9406585b6ea2e8ac142239ee4fe7157 commit d5d17095a9406585b6ea2e8ac142239ee4fe7157 Author: Jason E. Hale <jhale@FreeBSD.org> AuthorDate: 2024-12-07 04:41:44 +0000 Commit: Jason E. Hale <jhale@FreeBSD.org> CommitDate: 2024-12-07 15:59:31 +0000 security/vuxml: Add www/qt6-webengine < 6.7.3_3 --- security/vuxml/vuln/2024.xml | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml index 8114c8efcc33..a5f7f0e3e62a 100644 --- a/security/vuxml/vuln/2024.xml +++ b/security/vuxml/vuln/2024.xml @@ -1,3 +1,40 @@ + <vuln vid="c2fd83e4-b450-11ef-b680-4ccc6adda413"> + <topic>qt6-webengine -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>qt6-webengine</name> + <range><lt>6.7.3_3</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Qt qtwebengine-chromium repo reports:</p> + <blockquote cite="https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=118-based">; + <p>Backports for 5 security bugs in Chromium:</p> + <ul> + <li>CVE-2024-11110: Inappropriate implementation in Blink</li> + <li>CVE-2024-11112: Use after free in Media</li> + <li>CVE-2024-11114: Inappropriate implementation in Views</li> + <li>CVE-2024-11116: Inappropriate implementation in Paint</li> + <li>CVE-2024-11117: Inappropriate implementation in FileSystem</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2024-11110</cvename> + <cvename>CVE-2024-11112</cvename> + <cvename>CVE-2024-11114</cvename> + <cvename>CVE-2024-11116</cvename> + <cvename>CVE-2024-11117</cvename> + <url>https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=118-based</url>; + </references> + <dates> + <discovery>2024-11-29</discovery> + <entry>2024-12-07</entry> + </dates> + </vuln> + <vuln vid="7f3a302b-b3e8-11ef-b680-4ccc6adda413"> <topic>gstreamer1-plugins-vorbis -- Stack buffer-overflow in Vorbis decoder</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202412071559.4B7FxjlY026810>