FreeBSD : chromium -- multiple vulnerabilities (963413a5-bf50-11e3-a2d6-00262d5ed8ee)
High Nessus Plugin ID 73431
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionGoogle Chrome Releases reports :
31 vulnerabilities fixed in this release, including :
-  High CVE-2014-1716: UXSS in V8. Credit to Anonymous.
-  High CVE-2014-1717: OOB access in V8. Credit to Anonymous.
-  High CVE-2014-1718: Integer overflow in compositor. Credit to Aaron Staple.
-  High CVE-2014-1719: Use-after-free in web workers. Credit to Collin Payne.
-  High CVE-2014-1720: Use-after-free in DOM. Credit to cloudfuzzer.
-  High CVE-2014-1721: Memory corruption in V8. Credit to Christian Holler.
-  High CVE-2014-1722: Use-after-free in rendering. Credit to miaubiz.
-  High CVE-2014-1723: Url confusion with RTL characters.
Credit to George McBay.
-  High CVE-2014-1724: Use-after-free in speech. Credit to Atte Kettunen of OUSPG.
-  Medium CVE-2014-1725: OOB read with window property. Credit to Anonymous
-  Medium CVE-2014-1726: Local cross-origin bypass. Credit to Jann Horn.
-  Medium CVE-2014-1727: Use-after-free in forms. Credit to Khalil Zhani.
-  CVE-2014-1728: Various fixes from internal audits, fuzzing and other initiatives.
- [345820, 347262, 348319, 350863, 352982, 355586, 358059] CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version 22.214.171.124.
SolutionUpdate the affected package.