diff options
| author | Rene Ladan <rene@FreeBSD.org> | 2021-08-17 12:35:20 +0000 |
|---|---|---|
| committer | Rene Ladan <rene@FreeBSD.org> | 2021-08-17 12:35:20 +0000 |
| commit | edc64acb158c7cf96a031f8918493502b7903138 (patch) | |
| tree | 51b8c0276d96944d9b36b60b7de1c4bdf1a8377b | |
| parent | 7415950cd04a7b06ba0be92f44e4f17619ad9549 (diff) | |
| download | ports-edc64acb158c7cf96a031f8918493502b7903138.tar.gz ports-edc64acb158c7cf96a031f8918493502b7903138.zip | |
security/vuxml: add www/chromium < 92.0.4515.159
| -rw-r--r-- | security/vuxml/vuln-2021.xml | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/security/vuxml/vuln-2021.xml b/security/vuxml/vuln-2021.xml index cc4e60e9de4a..2e4e71dee8b8 100644 --- a/security/vuxml/vuln-2021.xml +++ b/security/vuxml/vuln-2021.xml @@ -1,3 +1,53 @@ + <vuln vid="128deba6-ff56-11eb-8514-3065ec8fd3ec"> + <topic>chromium -- multiple vulnerabilities</topic> + <affects> + <package> + <name>chromium</name> + <range><lt>92.0.4515.159</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Chrome Releases reports:</p> + <blockquote cite="https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop.html"> + <p>This release contains 9 security fixes, including:</p> + <ul> + <li>[1234764] High CVE-2021-30598: Type Confusion in V8. Reported by + Manfred Paul on 2021-07-30</li> + <li>[1234770] High CVE-2021-30599: Type Confusion in V8. Reported by + Manfred Paul on 2021-07-30</li> + <li>[1231134] High CVE-2021-30600: Use after free in Printing. + Reported by Leecraso and Guang Gong of 360 Alpha Lab on + 2021-07-20</li> + <li>[1234009] High CVE-2021-30601: Use after free in Extensions API. + Reported by koocola(@alo_cook) and Nan Wang(@eternalsakura13) of + 360 Alpha Lab on 2021-07-28</li> + <li>[1230767] High CVE-2021-30602: Use after free in WebRTC. + Reported by Marcin Towalski of Cisco Talos on 2021-07-19</li> + <li>[1233564] High CVE-2021-30603: Race in WebAudio. Reported by + Sergei Glazunov of Google Project Zero on 2021-07-27</li> + <li>[1234829] High CVE-2021-30604: Use after free in ANGLE. Reported + by Seong-Hwan Park (SeHwa) of SecunologyLab on 2021-07-30</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2021-30598</cvename> + <cvename>CVE-2021-30599</cvename> + <cvename>CVE-2021-30600</cvename> + <cvename>CVE-2021-30601</cvename> + <cvename>CVE-2021-30602</cvename> + <cvename>CVE-2021-30603</cvename> + <cvename>CVE-2021-30604</cvename> + <url>https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop.html</url> + </references> + <dates> + <discovery>2021-08-16</discovery> + <entry>2021-08-17</entry> + </dates> + </vuln> + <vuln vid="e9200f8e-fd34-11eb-afb1-c85b76ce9b5a"> <topic>lynx -- SSL certificate validation error</topic> <affects> |