Message-Id: <201406110830.s5B8U16M031793@svn.freebsd.org>
From: Rene Ladan Date: Wed, 11 Jun 2014 08:30:01 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r357430 - branches/2014Q2/security/vuxml X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2014 08:30:02 -0000 Author: rene Date: Wed Jun 11 08:30:01 2014 New Revision: 357430 URL: http://svnweb.freebsd.org/changeset/ports/357430 QAT: https://qat.redports.org/buildarchive/r357430/ Log: MFH: r357427 Document new vulnerabilities in www/chromium < 35.0.1916.153 Submitted by: Carlos Jacobo Puga Medina Obtained from: http://www.googlechromereleases.blogspot.nl/ Also merge entries for mozilla, openssl, gnutls (2), mumble (2), and linux-flashplugin Approved by: portmgr (erwin) Modified: branches/2014Q2/security/vuxml/vuln.xml Directory Properties: branches/2014Q2/ (props changed) Modified: branches/2014Q2/security/vuxml/vuln.xml ============================================================================== --- branches/2014Q2/security/vuxml/vuln.xml Wed Jun 11 08:19:36 2014 (r357429) +++ branches/2014Q2/security/vuxml/vuln.xml Wed Jun 11 08:30:01 2014 (r357430) @@ -51,6 +51,320 @@ Note: Please add new entries to the beg --> + + chromium -- multiple vulnerabilities + + + chromium + 35.0.1916.153 + + + + +

Google Chrome Releases reports:

+
+

4 security fixes in this release, including:

+
    +
  • [369525] High CVE-2014-3154: Use-after-free in filesystem api. Credit + to Collin Payne.
  • +
  • [369539] High CVE-2014-3155: Out-if-bounds read in SPDY. Credit + to James March, Daniel Sommermann and Alan Frindell of Facebook.
  • +
  • [369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit + to Atte Kettunen of OUSPG.
  • +
  • [368980] CVE-2014-3157: Heap overflow in media.
  • +
+
+ +
+ + CVE-2014-3154 + CVE-2014-3155 + CVE-2014-3156 + CVE-2014-3157 + http://googlechromereleases.blogspot.nl + + + 2014-06-10 + 2014-06-10 + +
+ + + mozilla -- multiple vulnerabilities + + + firefox + 30.0,1 + + + firefox-esr + 24.6.0,1 + + + linux-firefox + 30.0,1 + + + linux-thunderbird + 24.6.0 + + + nspr + 4.10.6 + + + thunderbird + 24.6.0 + + + + +

The Mozilla Project reports:

+
+

MFSA 2014-48 Miscellaneous memory safety hazards + (rv:30.0 / rv:24.6)

+

MFSA 2014-49 Use-after-free and out of bounds + issues found using Address Sanitizer

+

MFSA 2014-51 Use-after-free in Event Listener + Manager

+

MFSA 2014-52 Use-after-free with SMIL Animation + Controller

+

MFSA 2014-53 Buffer overflow in Web Audio Speex + resampler

+

MFSA 2014-54 Buffer overflow in Gamepad API

+

MFSA 2014-55 Out of bounds write in NSPR

+
+ +
+ + CVE-2014-1533 + CVE-2014-1534 + CVE-2014-1536 + CVE-2014-1537 + CVE-2014-1540 + CVE-2014-1541 + CVE-2014-1542 + CVE-2014-1543 + CVE-2014-1545 + https://www.mozilla.org/security/announce/2014/mfsa2014-48.html + https://www.mozilla.org/security/announce/2014/mfsa2014-49.html + https://www.mozilla.org/security/announce/2014/mfsa2014-51.html + https://www.mozilla.org/security/announce/2014/mfsa2014-52.html + https://www.mozilla.org/security/announce/2014/mfsa2014-53.html + https://www.mozilla.org/security/announce/2014/mfsa2014-54.html + https://www.mozilla.org/security/announce/2014/mfsa2014-55.html + + + 2014-06-10 + 2014-06-10 + +
+ + + OpenSSL -- multiple vulnerabilities + + + openssl + 1.0.11.0.1_13 + + + mingw32-openssl + 1.0.11.0.1h + + + FreeBSD + 8.08.4_12 + 9.19.1_15 + 9.29.2_8 + 10.010.0_5 + + + + +

The OpenSSL Project reports:

+
+

An attacker using a carefully crafted handshake can force + the use of weak keying material in OpenSSL SSL/TLS clients + and servers. This can be exploited by a Man-in-the-middle + (MITM) attack where the attacker can decrypt and modify + traffic from the attacked client and server. [CVE-2014-0224]

+

By sending an invalid DTLS handshake to an OpenSSL DTLS + client the code can be made to recurse eventually crashing + in a DoS attack. [CVE-2014-0221]

+

A buffer overrun attack can be triggered by sending invalid + DTLS fragments to an OpenSSL DTLS client or server. This is + potentially exploitable to run arbitrary code on a vulnerable + client or server. [CVE-2014-0195]

+

OpenSSL TLS clients enabling anonymous ECDH ciphersuites are + subject to a denial of service attack. [CVE-2014-3470]

+
+ +
+ + CVE-2014-0195 + CVE-2014-0221 + CVE-2014-0224 + CVE-2014-3470 + http://www.freebsd.org/security/advisories/FreeBSD-SA-14:14.openssl.asc + http://www.openssl.org/news/secadv_20140605.txt + + + 2014-06-05 + 2014-06-05 + +
+ + + gnutls -- client-side memory corruption + + + gnutls + 2.12.23_6 + + + + +

GnuTLS project reports:

+
+

This vulnerability affects the client side of the gnutls library. + A server that sends a specially crafted ServerHello could corrupt + the memory of a requesting client.

+
+ +
+ + CVE-2014-3466 + http://www.gnutls.org/security.html#GNUTLS-SA-2014-3 + + + 2014-05-14 + 2014-06-04 + +
+ + + gnutls -- client-side memory corruption + + + gnutls3 + 3.13.1.25 + + + + +

GnuTLS project reports:

+
+

This vulnerability affects the client side of the gnutls library. + A server that sends a specially crafted ServerHello could corrupt + the memory of a requesting client.

+
+ +
+ + CVE-2014-3466 + http://www.gnutls.org/security.html#GNUTLS-SA-2014-3 + + + 2014-05-14 + 2014-06-03 + +
+ + + mumble -- multiple vulnerabilities + + + mumble + 1.2.01.2.6 + + + + +

Mumble reports:

+
+

SVG images with local file references could trigger client DoS

+

The Mumble client did not properly HTML-escape some external strings + before using them in a rich-text (HTML) context.

+
+ +
+ + http://mumble.info/security/Mumble-SA-2014-005.txt + http://mumble.info/security/Mumble-SA-2014-006.txt + + + 2014-04-16 + 2014-05-29 + +
+ + + mumble -- NULL pointer dereference and heap-based buffer overflow + + + mumble + 1.2.41.2.4_6 + + + + +

Mumble reports:

+
+

A malformed Opus voice packet sent to a Mumble client could trigger + a NULL pointer dereference or an out-of-bounds array access.

+

A malformed Opus voice packet sent to a Mumble client could trigger a + heap-based buffer overflow.

+
+ +
+ + CVE-2014-0044 + CVE-2014-0045 + http://mumble.info/security/Mumble-SA-2014-001.txt + http://mumble.info/security/Mumble-SA-2014-002.txt + + + 2014-01-25 + 2014-05-29 + +
+ + + + + + + linux-flashplugin -- multiple vulnerabilities + + + linux-f10-flashplugin + 11.2r202.359 + + + + +

Adobe reports:

+
+

These updates address vulnerabilities that could cause a crash + and potentially allow an attacker to take control of the affected system.

+
+ +
+ + CVE-2014-0510 + CVE-2014-0516 + CVE-2014-0517 + CVE-2014-0518 + CVE-2014-0519 + CVE-2014-0520 + https://helpx.adobe.com/security/products/flash-player/apsb14-14.html + + + 2014-03-13 + 2014-05-26 + +
+ openjpeg -- Multiple vulnabilities
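Review bot: In the chromium entry, the second list item reads "Out-if-bounds read in SPDY" (CVE-2014-3155); this should be "Out-of-bounds", unless the intent is to reproduce the upstream wording verbatim. The same entry's reference is the blog root on a country-specific host (http://googlechromereleases.blogspot.nl) rather than a link to the release post itself, so it stops leading to the advisory text once newer posts are published; a permalink to the 35.0.1916.153 announcement would be more durable. Separately, the two "gnutls -- client-side memory corruption" entries carry the same topic, description, CVE-2014-3466 and reference URL, and differ only in package (gnutls, gnutls3), version range and entry date, so a single entry listing both packages would avoid the duplication.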