FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple vulnerabilities

Affected packages
chromium < 20.0.1132.43

Details

VuXML ID ff922811-c096-11e1-b0f4-00262d5ed8ee
Discovery 2012-06-26
Entry 2012-06-27

Google Chrome Releases reports:

[118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google.

[120222] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz.

[120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz.

[120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken "gets" Russell of the Chromium development community.

[121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG.

[122925] Medium CVE-2012-2821: Autofill display problem. Credit to "simonbrown60".

[various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).

[124356] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz.

[125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz.

[128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno).

[Mac only] [129826] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan).

[129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans).

[129947] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz.

[129951] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz.

[130356] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz.

[131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team.

[132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team.

[132779] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Juri Aedla.

References

CVE Name CVE-2012-2815
CVE Name CVE-2012-2817
CVE Name CVE-2012-2818
CVE Name CVE-2012-2819
CVE Name CVE-2012-2820
CVE Name CVE-2012-2821
CVE Name CVE-2012-2822
CVE Name CVE-2012-2823
CVE Name CVE-2012-2824
CVE Name CVE-2012-2826
CVE Name CVE-2012-2827
CVE Name CVE-2012-2828
CVE Name CVE-2012-2829
CVE Name CVE-2012-2830
CVE Name CVE-2012-2831
CVE Name CVE-2012-2832
CVE Name CVE-2012-2833
CVE Name CVE-2012-2834
URL http://googlechromereleases.blogspot.com/search/label/Stable%20updates