chromium -- multiple vulnerabilities

ID FF922811-C096-11E1-B0F4-00262D5ED8EE
Type freebsd
Reporter FreeBSD
Modified 2012-06-26T00:00:00


Google Chrome Releases reports:

[118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google. [120222] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz. [120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz. [120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken "gets" Russell of the Chromium development community. [121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG. [122925] Medium CVE-2012-2821: Autofill display problem. Credit to "simonbrown60". [various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind). [124356] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz. [125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz. [128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno). [Mac only] [129826] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan). [129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans). [129947] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz. [129951] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz. [130356] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz. [131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team. [132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team. [132779] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Juri Aedla.