security/vuxml: sync with upstream

Taken from: FreeBSD
2016-05-28 13:42:31 +02:00 · 2016-05-28 13:42:31 +02:00 · c2f2935480
commit c2f2935480
parent f9ca842347
1 changed files with 262 additions and 0 deletions
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@ -58,6 +58,268 @@ Notes:
  * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="1a6bbb95-24b8-11e6-bd31-3065ec8fd3ec">
+    <topic>chromium -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>chromium</name>
+	<name>chromium-npapi</name>
+	<name>chromium-pulse</name>
+	<range><lt>51.0.2704.63</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Google Chrome Releases reports:</p>
+	<blockquote cite="http://googlechromereleases.blogspot.nl/2016/05/stable-channel-update_25.html">
+	  <p>42 security fixes in this release, including:</p>
+	  <ul>
+	    <li>[590118] High CVE-2016-1672: Cross-origin bypass in extension
+	      bindings. Credit to Mariusz Mlynski.</li>
+	    <li>[597532] High CVE-2016-1673: Cross-origin bypass in Blink.
+	      Credit to Mariusz Mlynski.</li>
+	    <li>[598165] High CVE-2016-1674: Cross-origin bypass in extensions.i
+	      Credit to Mariusz Mlynski.</li>
+	    <li>[600182] High CVE-2016-1675: Cross-origin bypass in Blink.
+	      Credit to Mariusz Mlynski.</li>
+	    <li>[604901] High CVE-2016-1676: Cross-origin bypass in extension
+	      bindings. Credit to Rob Wu.</li>
+	    <li>[602970] Medium CVE-2016-1677: Type confusion in V8. Credit to
+	      Guang Gong of Qihoo 360.</li>
+	    <li>[595259] High CVE-2016-1678: Heap overflow in V8. Credit to
+	      Christian Holler.</li>
+	    <li>[606390] High CVE-2016-1679: Heap use-after-free in V8
+	      bindings. Credit to Rob Wu.</li>
+	    <li>[589848] High CVE-2016-1680: Heap use-after-free in Skia.
+	      Credit to Atte Kettunen of OUSPG.</li>
+	    <li>[613160] High CVE-2016-1681: Heap overflow in PDFium. Credit to
+	      Aleksandar Nikolic of Cisco Talos.</li>
+	    <li>[579801] Medium CVE-2016-1682: CSP bypass for ServiceWorker.
+	      Credit to KingstonTime.</li>
+	    <li>[583156] Medium CVE-2016-1683: Out-of-bounds access in libxslt.
+	      Credit to Nicolas Gregoire.</li>
+	    <li>[583171] Medium CVE-2016-1684: Integer overflow in libxslt.
+	      Credit to Nicolas Gregoire.</li>
+	    <li>[601362] Medium CVE-2016-1685: Out-of-bounds read in PDFium.
+	      Credit to Ke Liu of Tencent's Xuanwu LAB.</li>
+	    <li>[603518] Medium CVE-2016-1686: Out-of-bounds read in PDFium.
+	      Credit to Ke Liu of Tencent's Xuanwu LAB.</li>
+	    <li>[603748] Medium CVE-2016-1687: Information leak in extensions.
+	      Credit to Rob Wu.</li>
+	    <li>[604897] Medium CVE-2016-1688: Out-of-bounds read in V8.
+	      Credit to Max Korenko.</li>
+	    <li>[606185] Medium CVE-2016-1689: Heap buffer overflow in media.
+	      Credit to Atte Kettunen of OUSPG.</li>
+	    <li>[608100] Medium CVE-2016-1690: Heap use-after-free in Autofill.
+	      Credit to Rob Wu.</li>
+	    <li>[597926] Low CVE-2016-1691: Heap buffer-overflow in Skia.
+	      Credit to Atte Kettunen of OUSPG.</li>
+	    <li>[598077] Low CVE-2016-1692: Limited cross-origin bypass in
+	      ServiceWorker. Credit to Til Jasper Ullrich.</li>
+	    <li>[598752] Low CVE-2016-1693: HTTP Download of Software Removal
+	      Tool. Credit to Khalil Zhani.</li>
+	    <li>[603682] Low CVE-2016-1694: HPKP pins removed on cache
+	      clearance. Credit to Ryan Lester and Bryant Zadegan.</li>
+	    <li>[614767] CVE-2016-1695: Various fixes from internal audits,
+	      fuzzing and other initiatives.</li>
+	  </ul>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2016-1672</cvename>
+      <cvename>CVE-2016-1673</cvename>
+      <cvename>CVE-2016-1674</cvename>
+      <cvename>CVE-2016-1675</cvename>
+      <cvename>CVE-2016-1672</cvename>
+      <cvename>CVE-2016-1677</cvename>
+      <cvename>CVE-2016-1678</cvename>
+      <cvename>CVE-2016-1679</cvename>
+      <cvename>CVE-2016-1680</cvename>
+      <cvename>CVE-2016-1681</cvename>
+      <cvename>CVE-2016-1682</cvename>
+      <cvename>CVE-2016-1683</cvename>
+      <cvename>CVE-2016-1684</cvename>
+      <cvename>CVE-2016-1685</cvename>
+      <cvename>CVE-2016-1686</cvename>
+      <cvename>CVE-2016-1687</cvename>
+      <cvename>CVE-2016-1688</cvename>
+      <cvename>CVE-2016-1689</cvename>
+      <cvename>CVE-2016-1690</cvename>
+      <cvename>CVE-2016-1691</cvename>
+      <cvename>CVE-2016-1692</cvename>
+      <cvename>CVE-2016-1693</cvename>
+      <cvename>CVE-2016-1694</cvename>
+      <cvename>CVE-2016-1695</cvename>
+      <url>http://googlechromereleases.blogspot.nl/2016/05/stable-channel-update_25.html</url>
+    </references>
+    <dates>
+      <discovery>2016-05-25</discovery>
+      <entry>2016-05-28</entry>
+    </dates>
+  </vuln>
+
+  <vuln vid="4dfafa16-24ba-11e6-bd31-3065ec8fd3ec">
+    <topic>chromium -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>chromium</name>
+	<name>chromium-npapi</name>
+	<name>chromium-pulse</name>
+	<range><lt>50.0.2661.102</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Google Chrome Releases reports:</p>
+	<blockquote cite="http://googlechromereleases.blogspot.nl/2016/05/stable-channel-update.html">
+	  <p>5 security fixes in this release, including:</p>
+	  <ul>
+	    <li>[605766] High CVE-2016-1667: Same origin bypass in DOM. Credit
+	      to Mariusz Mlynski.</li>
+	    <li>[605910] High CVE-2016-1668: Same origin bypass in Blink V8
+	      bindings. Credit to Mariusz Mlynski.</li>
+	    <li>[606115] High CVE-2016-1669: Buffer overflow in V8. Credit to
+	      Choongwoo Han.</li>
+	    <li>[578882] Medium CVE-2016-1670: Race condition in loader. Credit
+	      to anonymous.</li>
+	    <li>[586657] Medium CVE-2016-1671: Directory traversal using the
+	      file scheme on Android. Credit to Jann Horn.</li>
+	  </ul>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2016-1667</cvename>
+      <cvename>CVE-2016-1668</cvename>
+      <cvename>CVE-2016-1669</cvename>
+      <cvename>CVE-2016-1670</cvename>
+      <cvename>CVE-2016-1671</cvename>
+      <url>http://googlechromereleases.blogspot.nl/2016/05/stable-channel-update.html</url>
+    </references>
+    <dates>
+      <discovery>2016-05-11</discovery>
+      <entry>2016-05-28</entry>
+    </dates>
+  </vuln>
+
+  <vuln vid="7da1da96-24bb-11e6-bd31-3065ec8fd3ec">
+    <topic>chromium -- multiple vulnerablities</topic>
+    <affects>
+      <package>
+	<name>chromium</name>
+	<name>chromium-npapi</name>
+	<name>chromium-pulse</name>
+	<range><lt>50.0.2661.94</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Google Chrome Releases reports:</p>
+	<blockquote cite="http://googlechromereleases.blogspot.nl/2016/04/stable-channel-update_28.html">
+	  <p>9 security fixes in this release, including:</p>
+	  <ul>
+	    <li>[574802] High CVE-2016-1660: Out-of-bounds write in Blink.
+	     Credit to Atte Kettunen of OUSPG.</li>
+	    <li>[601629] High CVE-2016-1661: Memory corruption in cross-process
+	     frames. Credit to Wadih Matar.</li>
+	    <li>[603732] High CVE-2016-1662: Use-after-free in extensions.
+	     Credit to Rob Wu.</li>
+	    <li>[603987] High CVE-2016-1663: Use-after-free in Blink's V8
+	     bindings. Credit to anonymous.</li>
+	    <li>[597322] Medium CVE-2016-1664: Address bar spoofing. Credit to
+	     Wadih Matar.</li>
+	    <li>[606181] Medium CVE-2016-1665: Information leak in V8. Credit
+	     to HyungSeok Han.</li>
+	    <li>[607652] CVE-2016-1666: Various fixes from internal audits,
+	     fuzzing and other initiatives.</li>
+	  </ul>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2016-1660</cvename>
+      <cvename>CVE-2016-1661</cvename>
+      <cvename>CVE-2016-1662</cvename>
+      <cvename>CVE-2016-1663</cvename>
+      <cvename>CVE-2016-1664</cvename>
+      <cvename>CVE-2016-1665</cvename>
+      <cvename>CVE-2016-1666</cvename>
+      <url>http://googlechromereleases.blogspot.nl/2016/04/stable-channel-update_28.html</url>
+    </references>
+    <dates>
+      <discovery>2016-04-28</discovery>
+      <entry>2016-05-28</entry>
+    </dates>
+  </vuln>
+
+  <vuln vid="6b110175-246d-11e6-8dd3-002590263bf5">
+    <topic>php -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>php70-gd</name>
+	<name>php70-intl</name>
+	<range><lt>7.0.7</lt></range>
+      </package>
+      <package>
+	<name>php56</name>
+	<name>php56-gd</name>
+	<range><lt>5.6.22</lt></range>
+      </package>
+      <package>
+	<name>php55</name>
+	<name>php55-gd</name>
+	<name>php55-phar</name>
+	<range><lt>5.5.36</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>The PHP Group reports:</p>
+	<blockquote cite="http://php.net/ChangeLog-5.php#5.5.36">
+	  <ul><li>Core:
+	  <ul>
+	    <li>Fixed bug #72114 (Integer underflow / arbitrary null write in
+	      fread/gzread). (CVE-2016-5096) (PHP 5.5/5.6 only)</li>
+	    <li>Fixed bug #72135 (Integer Overflow in php_html_entities).
+	      (CVE-2016-5094) (PHP 5.5/5.6 only)</li>
+	  </ul></li>
+	  <li>GD:
+	  <ul>
+	    <li>Fixed bug #72227 (imagescale out-of-bounds read).
+	      (CVE-2013-7456)</li>
+	  </ul></li>
+	  <li>Intl:
+	  <ul>
+	    <li>Fixed bug #72241 (get_icu_value_internal out-of-bounds read).
+	      (CVE-2016-5093)</li>
+	  </ul></li>
+	  <li>Phar:
+	  <ul>
+	    <li>Fixed bug #71331 (Uninitialized pointer in
+	      phar_make_dirstream()). (CVE-2016-4343) (PHP 5.5 only)</li>
+	  </ul></li>
+	  </ul>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2016-5096</cvename>
+      <cvename>CVE-2016-5094</cvename>
+      <cvename>CVE-2013-7456</cvename>
+      <cvename>CVE-2016-5093</cvename>
+      <cvename>CVE-2016-4343</cvename>
+      <freebsdpr>ports/209779</freebsdpr>
+      <url>http://php.net/ChangeLog-7.php#7.0.7</url>
+      <url>http://php.net/ChangeLog-5.php#5.6.22</url>
+      <url>http://php.net/ChangeLog-5.php#5.5.36</url>
+    </references>
+    <dates>
+      <discovery>2016-05-26</discovery>
+      <entry>2016-05-28</entry>
+    </dates>
+  </vuln>
+
  <vuln vid="00ec1be1-22bb-11e6-9ead-6805ca0b3d42">
    <topic>phpmyadmin -- XSS and sensitive data leakage</topic>
    <affects>