www/chromium -- multiple vulnerabilities

2015-06-2200:00:00

vuxml.freebsd.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.7%

JSON

Google Chrome Releases reports:

4 security fixes in this release:

[464922] High CVE-2015-1266: Scheme validation error in WebUI.
Credit to anonymous.
[494640] High CVE-2015-1268: Cross-origin bypass in Blink.
Credit to Mariusz Mlynski.
[497507] Medium CVE-2015-1267: Cross-origin bypass in Blink.
Credit to anonymous.
[461481] Medium CVE-2015-1269: Normalization error in HSTS/HPKP
preload list. Credit to Mike Ruddy.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchchromium< 43.0.2357.130UNKNOWN
FreeBSDanynoarchchromium-npapi< 43.0.2357.130UNKNOWN
FreeBSDanynoarchchromium-pulse< 43.0.2357.130UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	chromium	< 43.0.2357.130	UNKNOWN
FreeBSD	any	noarch	chromium-npapi	< 43.0.2357.130	UNKNOWN
FreeBSD	any	noarch	chromium-pulse	< 43.0.2357.130	UNKNOWN