FreeBSD : chromium -- multiple vulnerabilities (e1100e63-92f7-11e7-bd95-e8e0b747a45a)
Medium Nessus Plugin ID 102988
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionGoogle Chrome releases reports :
22 security fixes in this release, including :
-  High CVE-2017-5111: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-06-27
-  High CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Klein on 2017-07-10
-  High CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous on 2017-07-20
-  High CVE-2017-5114: Memory life cycle issue in PDFium.
Reported by Ke Liu of Tencent's Xuanwu LAB on 2017-08-07
-  High CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini on 2017-07-17
-  High CVE-2017-5116: Type confusion in V8. Reported by Anonymous on 2017-08-28
-  Medium CVE-2017-5117: Use of uninitialized value in Skia.
Reported by Tobias Klein on 2017-07-04
-  Medium CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-07-24
-  Medium CVE-2017-5119: Use of uninitialized value in Skia.
Reported by Anonymous on 2017-05-22
-  Low CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. Reported by Xiaoyin Liu on 2017-05-05
-  Various fixes from internal audits, fuzzing and other initiatives
SolutionUpdate the affected package.