Anzeigen der neuesten Beiträge
0 Mitglieder und 1 Gast betrachten dieses Thema.
The Google Chrome team is happy to announce the arrival of Chrome 15.0.874.102 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame. Chrome 15 contains some really great improvements including a new New Tab page.Security fixes and rewards:Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix. [$500] [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel. [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel. [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak. [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen. [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz. [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa. [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company. [$12174] [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov. [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno). [$1000] [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz. [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community. [$6337] [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz. [$2000] [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler. [$1500] [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov. [$1000] [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz. [$2000] [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz. [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community. [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean.The bugs [94487], [96292], [96902], [97599], [98064], [98556], [99294], [100059], [99138] and [99211] were detected using AddressSanitizer.Although Chrome is not directly affected by the attack, the NSS network library was updated to include a defense against so-called BEAST. This defense may expose bugs in Brocade hardware. Brocade is working on the issue. The lighttpd project fixed a compatibility issue at version 1.4.27 and newer.In addition, we would like to thank Sławomir Błażek and Aki Helin of OUSPG for working with us in the development cycle and preventing bugs from ever reaching the stable channel. Various rewards were issued.
The Dev channel has been updated to 16.0.912.12 for Windows, Mac, Linux, and Chrome Frame.Full details about what changes are in this build are available in the SVN revision log.
The Stable channel has been updated to 15.0.874.106 for Windows, Mac, Linux, and Chrome Frame. This release fixes login issues to Barrons Online and The Wall Street Journal (Issue 101274).
The Dev channel has been updated to 16.0.912.15 for Windows, Mac, Linux, and Chrome Frame. This release contains fixes for stability. Full details about what changes are in this build are available in the SVN revision log.
The Dev channel has been updated to 16.0.912.21 for Windows, Mac, Linux, and Chrome Frame. This release contains stability fixes. Full details about what changes are in this build are available in the SVN revision log.
The Beta channel has been updated to 16.0.912.21 for Windows, Mac, Linux, and Chrome Frame. For an overview of key features in this release check out the Google Chrome Blog.
The Dev channel has been updated to 17.0.928.0 for Windows, Mac, Linux, and Chrome Frame. This build contains the following updates:All Updated V8 - 3.6.6.3 Prompt the user if they want to cancel downloads occurring when the last Incognito Window of a profile is closed. Panels are enabled by default (extensions-only, “Tasky” in Web Store is one example) Adjustable margins supported in Print Preview. Mouse Lock “Allow” permission (given via a prompt) is now saved in content settings per domain.Linux Fix the multi-profile selection bubble when using a chrome-theme [r107495] Optimization work to make the GTK+ tabstrip do less redundant painting. Please report any regressions, especially with complex themes. [Issue: 100803]Known Issues NaCl will not run on Windows Indexed Database: IDBDatabase.transaction() - passing [] as first argument is no longer supported per specification [Issue: 99690] Indexed Database: Databases will fail to load previously created object stores [Issue: 102537].Full details about what changes are in this build are available in the SVN revision log.
The Dev channel has been updated to 17.0.932.0 for Windows, Mac, Linux, and Chrome Frame. This build contains the following updates:All Fixed possible hang when using the GPU (Issue: 102214).Windows Fixed a bug causing the missing plug-in infobar (“An additional plug-in is required…”) to wrongly appear (Issue: 101821) Stopped search engine dialog from appearing even when not changed. NaCl working again on Win64.Known Issues In some cases, clicking the “Install plug-in” button on the missing plug-in infobar does nothing (Issue: 103216). A workaround is to click on the plug-in placeholder on the page instead.Full details about what changes are in this build are available in the SVN revision log.
The Beta channel has been updated to 16.0.912.32 for Windows, Mac, Linux, and Chrome Frame. For an overview of key features in this release check out the Google Chrome Blog.
The Stable channel has been updated to 15.0.874.120 for Windows, Mac, Linux and Chrome Frame platformsAll Updated V8 - 3.5.10.23 Fix small print sizing issues (issues: 102186, 82472, 102154) This new build also contains a new version of Flash which contains security fixes.Mac Fixed the "certificate is not yet valid" error for server certificate issued by a VeriSign intermediate CA. (issue 101555)Security fixes and rewards:Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix. [$500] [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki Helin of OUSPG. [$500] [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and Vorbis media handlers. Credit to Aki Helin of OUSPG. [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding. Credit to Andrew Scherkus of the Chromium development community. [$1000] [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to Aki Helin of OUSPG. [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping. Credit to Ken “strcpy” Russell of the Chromium development community. [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt reported through ZDI (ZDI-CAN-1416). [102461] Low CVE-2011-3898: Failure to ask for permission to run applets in JRE7. Credit to Google Chrome Security Team (Chris Evans).The bugs [100465], [100492], [100543] and [101458] were detected using AddressSanitizer. Full details about what changes have been made in this release are available in the SVN revisions log.
The Beta channel has been updated to 16.0.912.36 for Windows, Mac, Linux, and Chrome Frame. For an overview of key features in this release check out the Google Chrome Blog.
The Dev channel has been updated to 17.0.938.0 for Windows, Mac, Linux, and Chrome Frame. This build contains the following updates: Updated V8 - 3.7.6.0. This release includes the new garbage collector. Windows: Fixed a bug where the missing plug-in infobar would not do anything (issue 103216).Full details about what changes are in this build are available in the SVN revision log.
The Stable channel has been updated to 15.0.874.121 for Windows, Mac, Linux and Chrome Frame platformsAll Updated V8 - 3.5.10.24 This build contains the fix to a regression: SVG in iframe doesn't use specified dimensions (Issue: 98951)Security fixes and rewards:Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix. [$1000] [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to Christian Holler.Full details about what changes have been made in this release are available in the SVN revisions log.
Autor
Thema: Chrome / Chromium / Iron Browser .... (Gelesen 170562 mal)
