https://bugzilla.novell.com/show_bug.cgi?id=844084
https://bugzilla.novell.com/show_bug.cgi?id=844084#c1
Marcus Meissner changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |meissner@suse.com,
| |security-team@suse.de
Summary|Chrome 30.0.1599.69 was |VUL-0: chromium: Chrome
|released ! |30.0.1599.69 was released !
--- Comment #1 from Marcus Meissner 2013-10-04 17:02:41 UTC ---
thanks for the entry... please submit. :)
[$2500][223962][270758][271161][284785][284786] Medium CVE-2013-2906: Races in
Web Audio. Credit to Atte Kettunen of OUSPG.
[260667] Medium CVE-2013-2907: Out of bounds read in Window.prototype object.
Credit to Boris Zbarsky.
[$500][265221] Medium CVE-2013-2908: Address bar spoofing related to the “204
No Content” status code. Credit to Chamal de Silva.
[$4000][265838][279277] High CVE-2013-2909: Use after free in inline-block
rendering. Credit to Atte Kettunen of OUSPG.
[$500][269753] Medium CVE-2013-2910: Use-after-free in Web Audio. Credit to
Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
[$1000][271939] High CVE-2013-2911: Use-after-free in XSLT. Credit to Atte
Kettunen of OUSPG.
[$1000][276368] High CVE-2013-2912: Use-after-free in PPAPI. Credit to Chamal
de Silva and 41.w4r10r(at)garage4hackers.com.
[$1000][278908] High CVE-2013-2913: Use-after-free in XML document parsing.
Credit to cloudfuzzer.
[$1000][279263] High CVE-2013-2914: Use after free in the Windows color chooser
dialog. Credit to Khalil Zhani.
[280512] Low CVE-2013-2915: Address bar spoofing via a malformed scheme. Credit
to Wander Groeneveld.
[$2000][281256] High CVE-2013-2916: Address bar spoofing related to the “204 No
Content” status code. Credit to Masato Kinugawa.
[$500][281480] Medium CVE-2013-2917: Out of bounds read in Web Audio. Credit to
Byoungyoung Lee and Tielei Wang of Georgia Tech Information Security Center
(GTISC).
[$1000][282088] High CVE-2013-2918: Use-after-free in DOM. Credit to
Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
[$1000][282736] High CVE-2013-2919: Memory corruption in V8. Credit to Adam
Haile of Concrete Data.
[285742] Medium CVE-2013-2920: Out of bounds read in URL parsing. Credit to
Atte Kettunen of OUSPG.
[$1000][286414] High CVE-2013-2921: Use-after-free in resource loader. Credit
to Byoungyoung Lee and Tielei Wang of Georgia Tech Information Security Center
(GTISC).
[$2000][286975] High CVE-2013-2922: Use-after-free in template element. Credit
to Jon Butler.
As usual, our ongoing internal security work responsible for a wide range of
fixes:
[299016] CVE-2013-2923: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 30).
[275803] Medium CVE-2013-2924: Use-after-free in ICU. Upstream bug here.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.