Stable Update
Google Chrome 10.0.648.127 has been released to the Stable channel for Windows, Mac, Linux, and Chrome Frame. This release contains 23 security fixes.
Download Google Chrome
Download Google Chrome 10.0.648.127 Stable Channel standalone offline installer at website Download Google Chrome 10.0.648.127 Stable channel or install from website http://www.google.com/chrome
Google Chrome 10.0.648.127 Stable
What's new in Google Chrome 10.0.648.127 Stable, Beta Channel
Google Chrome 10 contains several improvements including:
• New version of V8 - Crankshaft - which greatly improves javascript performance
• New settings pages that open in a tab, rather than a dialog box
• Improved security with malware reporting and disabling outdated plugins by default
• Sandboxed Adobe Flash on Windows
• Password sync as part of Chrome Sync now enabled by default
• GPU Accelerated Video
• Background WebApps
• webNavigation extension API (experimental but ready for testing)
Google Chrome 10.0.648.127 security fixes and rewards
Google Chrome 10.0.648.127 contains several security fixes listed below.
• [42574] [42765] Possible to navigate or close the top location in a sandboxed frame. Credit to sirdarckcat of the Google Security Team. (Low)
• [Linux only] [49747] Work around an X server bug and crash with long messages. Credit to Louis Lang. (Low)
• [Linux only] [66962] Possible browser crash with parallel print()s. Credit to Aki Helin of OUSPG. (Low)
• [69187] Cross-origin error message leak. Credit to Daniel Divricean. [$1337] (Medium)
• [69628] Memory corruption with counter nodes. Credit to Martin Barbella. [$500] (High)
• [70027] Stale node in box layout. Credit to Martin Barbella. [$1000] (High)
• [70336] Cross-origin error message leak with workers. Credit to Daniel Divricean. [$500] (Medium)
• [70442] Use after free with DOM URL handling. Credit to Sergey Glazunov. [$1000] (High)
• [Linux only] [70779] Out of bounds read handling unicode ranges. Credit to miaubiz. (Medium)
• [70877] Same origin policy bypass in v8. Credit to Daniel Divricean. [$1337] (High)
• [70885] [71167] Pop-up blocker bypasses. Credit to Chamal de Silva. (Low)
• [71763] Use-after-free in document script lifetime handling. Credit to miaubiz. [$1000] (High)
• [71788] Out-of-bounds write in the OGG container. Credit to Google Chrome Security Team (SkyLined); plus subsequent independent discovery by David Weston of Microsoft and MSVR. (High)
• [72028] Stale pointer in table painting. Credit to Martin Barbella. [$1000] (High)
• [73026] Use of corrupt out-of-bounds structure in video code. Credit to Tavis Ormandy of the Google Security Team. (High)
• [73066] Crash with the DataView object. Credit to Sergey Glazunov. [$1000] (High)
• [73134] Bad cast in text rendering. Credit to miaubiz. [$1000] (High)
• [73196] Stale pointer in WebKit context code. Credit to Sergey Glazunov. [$2000] (High)
• [73716] Leak of heap address in XSLT. Credit to Google Chrome Security Team (Chris Evans). (Low)
• [73746] Stale pointer with SVG cursors. Credit to Sergey Glazunov. [$1500] (High)
• [74030] DOM tree corruption with attribute handling. Credit to Sergey Glazunov. [$1000] (High)
• [74662] Corruption via re-entrancy of RegExp code. Credit to Christian Holler. [$1000] (High)
• [74675] Invalid memory access in v8. Credit to Christian Holler. [$1000] (High)
Source:
• Google Chrome Releases
No comments:
Post a Comment