Sercan Canpolat
Kilopat
- Katılım
- 5 Ağustos 2013
- Mesajlar
- 2.632
- Makaleler
- 66
Sürüm notları: (İngilizce)
The Chrome team is delighted to announce the promotion of Chrome 40 to the stable channel for Windows, Mac and Linux. Chrome 40.0.2214.91 contains a number of fixes and improvements, including:
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 62 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.
[430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.
[435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.
[434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.
[422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.
[444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.
[435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.
[442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.
[442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.
[443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.
[429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.
[427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.
[427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.
[402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.
[428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.
[419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.
[416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.
[399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.
[433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.
[428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.
[426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.
[422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
[418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
[414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
[414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.
[430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.
[414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.
We would also like to thank Atte Kettunen of OUSPG, Christian Holler, cloudfuzzer and Khalil Zhanifor working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $35000 in additional rewards were issued.
As usual, our ongoing internal security work was responsible for a wide range of fixes
Resmi: Chrome
Resmi (Çevrımdışı yükleme): Alternatif (çevrimdışı) Google Chrome yükleyicisi
Alternatif: Google Chrome 40
Not: Google Chrome'da yazıların bulanık görünmesi sorununu yaşayanlar aşağıdaki verdiğim makalede verilen talimatları aynen uygulasınlar.
Chrome 37 Sonrası Oluşan Görsel Sorunlar İçin Çözüm - Technopat
Güncelleme: Google Chrome'un 40.0.2214.111 sürümü yayınlandı. Bu yeni sürümde 11 güvenlik açığı giderildi. İndirmek için yukarıdaki bağlantıları kullanabilirsiniz.
Google Chrome'un yeni sürümü 40.0.2214.115'tir.
The Chrome team is delighted to announce the promotion of Chrome 40 to the stable channel for Windows, Mac and Linux. Chrome 40.0.2214.91 contains a number of fixes and improvements, including:
- Updated info dialog for Chrome app on Windows and Linux.
- A new clock behind/ahead error message.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 62 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.
[430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.
[435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.
[434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.
[422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.
[444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.
[435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.
[442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.
[442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.
[443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.
[429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.
[427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.
[427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.
[402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.
[428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.
[419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.
[416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.
[399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.
[433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.
[428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.
[426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.
[422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
[418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
[414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
[414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.
[430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.
[414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.
We would also like to thank Atte Kettunen of OUSPG, Christian Holler, cloudfuzzer and Khalil Zhanifor working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $35000 in additional rewards were issued.
As usual, our ongoing internal security work was responsible for a wide range of fixes
- [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).
Resmi: Chrome
Resmi (Çevrımdışı yükleme): Alternatif (çevrimdışı) Google Chrome yükleyicisi
Alternatif: Google Chrome 40
Not: Google Chrome'da yazıların bulanık görünmesi sorununu yaşayanlar aşağıdaki verdiğim makalede verilen talimatları aynen uygulasınlar.
Chrome 37 Sonrası Oluşan Görsel Sorunlar İçin Çözüm - Technopat
Güncelleme: Google Chrome'un 40.0.2214.111 sürümü yayınlandı. Bu yeni sürümde 11 güvenlik açığı giderildi. İndirmek için yukarıdaki bağlantıları kullanabilirsiniz.
Google Chrome'un yeni sürümü 40.0.2214.115'tir.
