Bug 203857 - www/chromium: update to 46.0.2490.71
Summary: www/chromium: update to 46.0.2490.71
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: freebsd-chromium (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-10-18 16:39 UTC by mitsosgtir
Modified: 2015-10-18 16:46 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (chromium)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description mitsosgtir 2015-10-18 16:39:14 UTC 
Chromium needs to be updated to address multiple security vulnerabilities:
CVE-2015-6755: Cross-origin bypass in Blink.
CVE-2015-6756: Use-after-free in PDFium.
CVE-2015-6757: Use-after-free in ServiceWorker.
CVE-2015-6758: Bad-cast in PDFium.
CVE-2015-6759: Information leakage in LocalStorage.
CVE-2015-6760: Improper error handling in libANGLE.
CVE-2015-6761: Memory corruption in FFMpeg.
CVE-2015-6762: CORS bypass via CSS fonts.
CVE-2015-6763: Various fixes from internal audits, fuzzing and other initiatives.

For more information: http://googlechromereleases.blogspot.nl/2015/10/stable-channel-update.html
Comment 1 Rene Ladan freebsd_committer freebsd_triage 2015-10-18 16:46:12 UTC 
Thanks for the report, however Chromium is already updated in r399613 and r399621. The latter commit was indeed after you sent in this PR.