FreeBSD : chromium -- multiple vulnerabilities (fd5f305d-2d3d-11e4-aa3d-00262d5ed8ee)
Critical Nessus Plugin ID 77401
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionGoogle Chrome Releases reports :
50 security fixes in this release, including :
-  Critical CVE-2014-3176, CVE-2014-3177: A special reward to [email protected] for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox.
-  High CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer.
-  High CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak.
-  High CVE-2014-3170: Extension permission dialog spoofing.
Credit to Rob Wu.
-  High CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer.
-  Medium CVE-2014-3172: Issue related to extension debugging.
Credit to Eli Grey.
-  Medium CVE-2014-3173: Uninitialized memory read in WebGL.
Credit to jmuizelaar.
-  Medium CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG.
-  CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives (Chrome 37).
SolutionUpdate the affected package.