chromium -- multiple vulnerabilities

2012-03-28T00:00:00
ID B8F0A391-7910-11E1-8A43-00262D5ED8EE
Type freebsd
Reporter FreeBSD
Modified 2012-03-28T00:00:00

Description

Google Chrome Releases reports:

[109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa. [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis. [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment handling. Credit to miaubiz. [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error. Credit to Leonidas Kontothanassis of Google. [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to Mateusz Jurczyk of the Google Security Team. [117417] Low CVE-2011-3063: Validate navigation requests from the renderer more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and scarybeasts (Google Chrome Security Team). [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to Atte Kettunen of OUSPG. [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair. [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.