chromium -- multiple vulnerabilities

2013-06-04T00:00:00
ID 4865D189-CD62-11E2-AE11-00262D5ED8EE
Type freebsd
Reporter FreeBSD
Modified 2013-06-04T00:00:00

Description

Google Chrome Releases reports:

[242322] Medium CVE-2013-2855: Memory corruption in dev tools API. Credit to "daniel.zulla". [242224] High CVE-2013-2856: Use-after-free in input handling. Credit to miaubiz. [240124] High CVE-2013-2857: Use-after-free in image handling. Credit to miaubiz. [239897] High CVE-2013-2858: Use-after-free in HTML5 Audio. Credit to "cdel921". [237022] High CVE-2013-2859: Cross-origin namespace pollution. to "bobbyholley". [225546] High CVE-2013-2860: Use-after-free with workers accessing database APIs. Credit to Collin Payne. [209604] High CVE-2013-2861: Use-after-free with SVG. Credit to miaubiz. [161077] High CVE-2013-2862: Memory corruption in Skia GPU handling. Credit to Atte Kettunen of OUSPG. [232633] Critical CVE-2013-2863: Memory corruption in SSL socket handling. Credit to Sebastian Marchand of the Chromium development community. [239134] High CVE-2013-2864: Bad free in PDF viewer. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team. [246389] High CVE-2013-2865: Various fixes from internal audits, fuzzing and other initiatives.