FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
e5090d2a-dbbe-11df-82f8-0015f2db7bdeWebkit-gtk2 -- Multiple Vulnabilities

Gustavo Noronha Silva reports:

The patches to fix the following CVEs are included with help from Vincent Danen and other members of the Red Hat security team:


Discovery 2010-10-01
Entry 2010-10-19
webkit-gtk2
< 1.2.5

CVE-2010-1780
CVE-2010-1807
CVE-2010-1812
CVE-2010-1814
CVE-2010-1815
CVE-2010-3113
CVE-2010-3114
CVE-2010-3115
CVE-2010-3116
CVE-2010-3255
CVE-2010-3257
CVE-2010-3259
http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS
06a12e26-142e-11e0-bea2-0015f2db7bdewebkit-gtk2 -- Multiple vulnerabilities

Gustavo Noronha Silva reports:

The patches to fix the following CVEs are included with help from Huzaifa Sidhpurwala from the Red Hat security team.


Discovery 2010-12-28
Entry 2010-12-30
webkit-gtk2
< 1.2.6

CVE-2010-1791
CVE-2010-3812
CVE-2010-3813
CVE-2010-4197
CVE-2010-4198
CVE-2010-4204
CVE-2010-4206
CVE-2010-4577
http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS
e3aacd6d-3d01-434c-9330-bc9efd40350fwebkit-gtk -- Multiple vulnerabilities

The Webkitgtk project reports:

CVE-2019-6212 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-6215 - Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling.

CVE-2019-6216 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-6217 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-6226 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-6227 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.

CVE-2019-6229 - Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved validation.

CVE-2019-6233 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.

CVE-2019-6234 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.


Discovery 2019-02-08
Entry 2019-02-24
webkit2-gtk3
< 2.22.6

webkit-gtk2
webkit-gtk3
ge 0

https://webkitgtk.org/security/WSA-2019-0001.html
CVE-2019-6212
CVE-2019-6215
CVE-2019-6216
CVE-2019-6217
CVE-2019-6226
CVE-2019-6227
CVE-2019-6229
CVE-2019-6233
CVE-2019-6234
1091d2d1-cb2e-11e5-b14b-bcaec565249cwebkit -- UI spoof

webkit reports:

The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame.


Discovery 2015-12-28
Entry 2016-02-04
webkit-gtk2
webkit-gtk3
< 2.4.9_1

CVE-2014-1748
http://webkitgtk.org/security/WSA-2015-0002.html
19419b3b-92bd-11df-b140-0015f2db7bdewebkit-gtk2 -- Multiple vulnerabilities

Gustavo Noronha reports:

Debian's Michael Gilbert has done a great job going through all CVEs released about WebKit, and including patches in the Debian package. 1.2.3 includes all of the commits from trunk to fix those, too.


Discovery 2010-07-16
Entry 2010-07-18
webkit-gtk2
< 1.2.3

CVE-2010-1386
CVE-2010-1392
CVE-2010-1405
CVE-2010-1407
CVE-2010-1416
CVE-2010-1417
CVE-2010-1418
CVE-2010-1421
CVE-2010-1422
CVE-2010-1501
CVE-2010-1664
CVE-2010-1665
CVE-2010-1758
CVE-2010-1759
CVE-2010-1760
CVE-2010-1761
CVE-2010-1762
CVE-2010-1767
CVE-2010-1770
CVE-2010-1771
CVE-2010-1772
CVE-2010-1773
CVE-2010-1774
CVE-2010-2264
http://blog.kov.eti.br/?p=116
e9ccdb28-9802-11e4-9d9c-bcaec565249cWebKit-gtk -- Multiple vulnerabilities

Webkit release team reports:

This release fixes the following security issues: CVE-2014-1344, CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390.


Discovery 2015-01-07
Entry 2015-01-09
webkit-gtk2
< 1.4.8

webkit-gtk3
< 1.4.8

http://webkitgtk.org/2015/01/07/webkitgtk2.4.8-released.html
CVE-2014-1344
CVE-2014-1384
CVE-2014-1385
CVE-2014-1386
CVE-2014-1387
CVE-2014-1388
CVE-2014-1389
CVE-2014-1390
35ecdcbe-3501-11e0-afcd-0015f2db7bdewebkit-gtk2 -- Multiple vurnabilities.

Gustavo Noronha Silva reports:

This release has essentially security fixes. Refer to the WebKit/gtk/NEWS file inside the tarball for details. We would like to thank the Red Hat security team (Huzaifa Sidhpurwala in particular) and Michael Gilbert from Debian for their help in checking (and pushing!) security issues affecting the WebKitGTK+ stable branch for this release.


Discovery 2011-02-08
Entry 2011-02-10
webkit-gtk2
< 1.2.7

CVE-2010-4492
CVE-2010-2901
CVE-2010-4040
CVE-2010-4042
CVE-2010-4199
CVE-2010-4493
CVE-2010-4578
CVE-2011-0482
CVE-2011-0778
https://bugs.webkit.org/show_bug.cgi?id=48328
https://bugs.webkit.org/show_bug.cgi?id=50710
https://bugs.webkit.org/show_bug.cgi?id=50840
https://bugs.webkit.org/show_bug.cgi?id=50932
https://bugs.webkit.org/show_bug.cgi?id=51993
https://bugs.webkit.org/show_bug.cgi?id=53265
https://bugs.webkit.org/show_bug.cgi?id=53276
http://permalink.gmane.org/gmane.os.opendarwin.webkit.gtk/405
9bcfd7b6-bcda-11df-9a6a-0015f2db7bdewebkit-gtk2 -- Multiple vulnerabilities

Gustavo Noronha Silva reports:

With help from Vincent Danen and other members of the Red Hat security team, the following CVE's where fixed.


Discovery 2010-09-07
Entry 2010-09-10
webkit-gtk2
< 1.2.4

CVE-2010-1781
CVE-2010-1782
CVE-2010-1784
CVE-2010-1785
CVE-2010-1786
CVE-2010-1787
CVE-2010-1788
CVE-2010-1790
CVE-2010-1792
CVE-2010-1793
CVE-2010-2647
CVE-2010-2648
CVE-2010-3119
http://gitorious.org/webkitgtk/stable/commit/9d07fda89aab7105962d933eef32ca15dda610d8