svn commit: r542278 - head/security/vuxml

Rene Ladan rene at FreeBSD.org
Wed Jul 15 18:13:57 UTC 2020


Author: rene
Date: Wed Jul 15 18:13:55 2020
New Revision: 542278
URL: https://svnweb.freebsd.org/changeset/ports/542278

Log:
  Document new vulnerabilities in www/chromium < 84.0.4147.89
  
  Obtained from:	https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Wed Jul 15 18:09:40 2020	(r542277)
+++ head/security/vuxml/vuln.xml	Wed Jul 15 18:13:55 2020	(r542278)
@@ -58,6 +58,127 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="870d59b0-c6c4-11ea-8015-e09467587c17">
+    <topic>chromium -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>chromium</name>
+	<range><lt>84.0.4147.89</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Chrome Releases reports:</p>
+	<blockquote cite="https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html">
+	  <p>This update contains 38 security fixes, including:</p>
+	  <ul>
+	    <li>[1103195] Critical CVE-2020-6510: Heap buffer overflow in
+	      background fetch. Reported by Leecraso and Guang Gong of 360
+	      Alpha Lab working with 360 BugCloud on 2020-07-08</li>
+	    <li>[1074317] High CVE-2020-6511: Side-channel information leakage
+	      in content security policy. Reported by Mikhail Oblozhikhin on
+	      2020-04-24</li>
+	    <li>[1084820] High CVE-2020-6512: Type Confusion in V8. Reported by
+	      nocma, leogan, cheneyxu of WeChat Open Platform Security Team on
+	      2020-05-20</li>
+	    <li>[1091404] High CVE-2020-6513: Heap buffer overflow in PDFium.
+	      Reported by Aleksandar Nikolic of Cisco Talos on 2020-06-04</li>
+	    <li>[1076703] High CVE-2020-6514: Inappropriate implementation in
+	      WebRTC. Reported by Natalie Silvanovich of Google Project Zero on
+	      2020-04-30</li>
+	    <li>[1082755] High CVE-2020-6515: Use after free in tab strip.
+	      Reported by DDV_UA on 2020-05-14</li>
+	    <li>[1092449] High CVE-2020-6516: Policy bypass in CORS. Reported by
+	      Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security
+	      Xuanwu Lab on 2020-06-08</li>
+	    <li>[1095560] High CVE-2020-6517: Heap buffer overflow in history.
+	      Reported by ZeKai Wu (@hellowuzekai) of Tencent Security Xuanwu
+	      Lab on 2020-06-16</li>
+	    <li>[986051] Medium CVE-2020-6518: Use after free in developer
+	      tools. Reported by David Erceg on 2019-07-20</li>
+	    <li>[1064676] Medium CVE-2020-6519: Policy bypass in CSP. Reported
+	      by Gal Weizman (@WeizmanGal) of PerimeterX on 2020-03-25</li>
+	    <li>[1092274] Medium CVE-2020-6520: Heap buffer overflow in Skia.
+	     Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-08</li>
+	    <li>[1075734] Medium CVE-2020-6521: Side-channel information leakage
+	      in autofill. Reported by Xu Lin (University of Illinois at
+	      Chicago), Panagiotis Ilia (University of Illinois at Chicago),
+	      Jason Polakis (University of Illinois at Chicago) on
+	      2020-04-27</li>
+	    <li>[1052093] Medium CVE-2020-6522: Inappropriate implementation in
+	      external protocol handlers. Reported by Eric Lawrence of Microsoft
+	      on 2020-02-13</li>
+	    <li>[1080481] Medium CVE-2020-6523: Out of bounds write in Skia.
+	      Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on
+	      2020-05-08</li>
+	    <li>[1081722] Medium CVE-2020-6524: Heap buffer overflow in
+	      WebAudio. Reported by Sung Ta (@Mipu94) of SEFCOM Lab, Arizona
+	      State University on 2020-05-12</li>
+	    <li>[1091670] Medium CVE-2020-6525: Heap buffer overflow in Skia.
+	      Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-05</li>
+	    <li>[1074340] Low CVE-2020-6526: Inappropriate implementation in
+	      iframe sandbox. Reported by Jonathan Kingston on 2020-04-24</li>
+	    <li>[992698] Low CVE-2020-6527: Insufficient policy enforcement in
+	      CSP. Reported by Zhong Zhaochen of andsecurity.cn on
+	      2019-08-10</li>
+	    <li>[1063690] Low CVE-2020-6528: Incorrect security UI in basic
+	      auth. Reported by Rayyan Bijoora on 2020-03-22</li>
+	    <li>[978779] Low CVE-2020-6529: Inappropriate implementation in
+	      WebRTC. Reported by kaustubhvats7 on 2019-06-26</li>
+	    <li>[1016278] Low CVE-2020-6530: Out of bounds memory access in
+	      developer tools. Reported by myvyang on 2019-10-21</li>
+	    <li>[1042986] Low CVE-2020-6531: Side-channel information leakage in
+	      scroll to text. Reported by Jun Kokatsu, Microsoft Browser
+	      Vulnerability Research on 2020-01-17</li>
+	    <li>[1069964] Low CVE-2020-6533: Type Confusion in V8. Reported by
+	      Avihay Cohen @ SeraphicAlgorithms on 2020-04-11</li>
+	    <li>[1072412] Low CVE-2020-6534: Heap buffer overflow in WebRTC.
+	      Reported by Anonymous on 2020-04-20</li>
+	    <li>[1073409] Low CVE-2020-6535: Insufficient data validation in
+	      WebUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability
+	      Research on 2020-04-22</li>
+	    <li>[1080934] Low CVE-2020-6536: Incorrect security UI in PWAs.
+	      Reported by Zhiyang Zeng of Tencent security platform department
+	      on 2020-05-09</li>
+	  </ul>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2020-6510</cvename>
+      <cvename>CVE-2020-6511</cvename>
+      <cvename>CVE-2020-6512</cvename>
+      <cvename>CVE-2020-6513</cvename>
+      <cvename>CVE-2020-6514</cvename>
+      <cvename>CVE-2020-6515</cvename>
+      <cvename>CVE-2020-6516</cvename>
+      <cvename>CVE-2020-6517</cvename>
+      <cvename>CVE-2020-6518</cvename>
+      <cvename>CVE-2020-6519</cvename>
+      <cvename>CVE-2020-6520</cvename>
+      <cvename>CVE-2020-6521</cvename>
+      <cvename>CVE-2020-6522</cvename>
+      <cvename>CVE-2020-6523</cvename>
+      <cvename>CVE-2020-6524</cvename>
+      <cvename>CVE-2020-6525</cvename>
+      <cvename>CVE-2020-6526</cvename>
+      <cvename>CVE-2020-6527</cvename>
+      <cvename>CVE-2020-6528</cvename>
+      <cvename>CVE-2020-6529</cvename>
+      <cvename>CVE-2020-6530</cvename>
+      <cvename>CVE-2020-6531</cvename>
+      <cvename>CVE-2020-6533</cvename>
+      <cvename>CVE-2020-6534</cvename>
+      <cvename>CVE-2020-6535</cvename>
+      <cvename>CVE-2020-6536</cvename>
+      <url>https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html</url>
+    </references>
+    <dates>
+      <discovery>2020-07-14</discovery>
+      <entry>2020-07-15</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="1ddab5cb-14c9-4632-959f-802c412a9593">
     <topic>jenkins -- multiple vulnerabilities</topic>
     <affects>
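Review bot: the continuation line "Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-08" under the CVE-2020-6520 item is indented one space less than the other wrapped `<li>` lines in this entry; align it with its siblings (tab plus six spaces) so the new entry matches the layout of the surrounding file. The rest checks out against the visible lines: all 26 CVEs named in the description have a matching `<cvename>` reference, and the `<lt>84.0.4147.89</lt>` bound agrees with the version in the log message. Note that CVE-2020-6532 is absent from both the description and the references; that is consistent within the entry, but worth a quick check against the linked Chrome Releases post before committing.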

