aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRene Ladan <rene@FreeBSD.org>2012-11-27 19:32:44 +0000
committerRene Ladan <rene@FreeBSD.org>2012-11-27 19:32:44 +0000
commite0be61b375d0a183212c092747940d860751ac48 (patch)
tree6cca63975add3c7ea570caa8bf200cff6d42bb5b
parent8fc58a9bf2b7e6189dcd6866a8d2920ddcafa3c1 (diff)
downloadports-e0be61b375d0a183212c092747940d860751ac48.tar.gz
ports-e0be61b375d0a183212c092747940d860751ac48.zip
MFH r307828: describe new vulnerabilities in www/chromium < 23.0.1271.91
Obtained from: http://googlechromereleases.blogspot.nl/search/label/Stable%20updates MFH r307855: update www/chromium to 23.0.1271.91 Security: http://www.vuxml.org/freebsd/4d64fc61-3878-11e2-a4eb-00262d5ed8ee.html Approved by: portmgr (tabthorpe) Feature safe: yes
Notes
Notes: svn path=/branches/RELENG_9_1_0/; revision=307860
-rw-r--r--security/vuxml/vuln.xml42
-rw-r--r--www/chromium/Makefile3
-rw-r--r--www/chromium/distinfo4
3 files changed, 45 insertions, 4 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 4ba9386fadc3..f6f0f59a003c 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -51,6 +51,48 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="4d64fc61-3878-11e2-a4eb-00262d5ed8ee">
+ <topic>chromium -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>chromium</name>
+ <range><lt>23.0.1271.91</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Google Chrome Releases reports:</p>
+ <blockquote cite="http://googlechromereleases.blogspot.nl/search/label/Stable%20updates">
+ <p>[156567] High CVE-2012-5133: Use-after-free in SVG filters. Credit
+ to miaubiz.</p>
+ <p>[148638] Medium CVE-2012-5130: Out-of-bounds read in Skia. Credit
+ to Atte Kettunen of OUSPG.</p>
+ <p>[155711] Low CVE-2012-5132: Browser crash with chunked encoding.
+ Credit to Attila Szász.</p>
+ <p>[158249] High CVE-2012-5134: Buffer underflow in libxml. Credit to
+ Google Chrome Security Team (Jüri Aedla).</p>
+ <p>[159165] Medium CVE-2012-5135: Use-after-free with printing.
+ Credit to Fermin Serna of Google Security Team.</p>
+ <p>[159829] Medium CVE-2012-5136: Bad cast in input element handling.
+ Credit to Google Chrome Security Team (Inferno).</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2012-5130</cvename>
+ <cvename>CVE-2012-5132</cvename>
+ <cvename>CVE-2012-5133</cvename>
+ <cvename>CVE-2012-5134</cvename>
+ <cvename>CVE-2012-5135</cvename>
+ <cvename>CVE-2012-5136</cvename>
+ <url>http://googlechromereleases.blogspot.nl/search/label/Stable%20updates</url>
+ </references>
+ <dates>
+ <discovery>2012-11-26</discovery>
+ <entry>2012-11-27</entry>
+ </dates>
+ </vuln>
+
<vuln vid="5536c8e4-36b3-11e2-a633-902b343deec9">
<topic>FreeBSD -- Linux compatibility layer input validation error</topic>
<affects>
diff --git a/www/chromium/Makefile b/www/chromium/Makefile
index 4c48e9e949e4..04f3aed96042 100644
--- a/www/chromium/Makefile
+++ b/www/chromium/Makefile
@@ -3,8 +3,7 @@
PORTNAME= chromium
DISTVERSIONPREFIX= courgette-redacted-
-DISTVERSION= 23.0.1271.64
-PORTREVISION= 1
+DISTVERSION= 23.0.1271.91
CATEGORIES= www
MASTER_SITES= http://download.goodking.org/downloads/ \
ftp://rene-ladan.nl/pub/distfiles/ \
diff --git a/www/chromium/distinfo b/www/chromium/distinfo
index 8901edcf329e..a602b5e65d82 100644
--- a/www/chromium/distinfo
+++ b/www/chromium/distinfo
@@ -1,2 +1,2 @@
-SHA256 (chromium-courgette-redacted-23.0.1271.64.tar.xz) = da86614142ea34d27b0e566fe2c7823cb07ef45a9161d77cfdf715d6c018ca39
-SIZE (chromium-courgette-redacted-23.0.1271.64.tar.xz) = 179486396
+SHA256 (chromium-courgette-redacted-23.0.1271.91.tar.xz) = f5b45eeab5b292a81b70ee8d0cf5db4c1b76b9a98db60f7602b12f373ffe62b1
+SIZE (chromium-courgette-redacted-23.0.1271.91.tar.xz) = 179453608