22.02.2013, 08:27
Wersja 25 Google Chrome jest już w kanale stabilnym.
Źródło:
Cytat: The Chrome team is excited to announce the promotion of Chrome 25 to the Stable Channel. Chrome 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac contain a number of new items including:
Improvements in managing and securing your extensions
Better support for HTML5 time/date inputs
JavaScript Web Speech API support
Better WebGL error handling
And lots of other features for developers
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
[$1000][172243]High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG.
[$1000][171951]High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva.
[$500][167069]Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte Kettunen of OUSPG.
[$500][165432]High CVE-2013-0882: Bad memory access with excessive SVG parameters. Credit to Renata Hodovan.
[$500][142169]Medium CVE-2013-0883: Bad read in Skia. Credit to Atte Kettunen of OUSPG.
[172984]Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google Chrome Security Team (Chris Evans).
[172369]Medium CVE-2013-0885: Too many API permissions granted to web store.
[Mac only][171569]Medium CVE-2013-0886: Incorrect NaCl signal handling. Credit to Mark Seaborn of the Chromium development community.
[171065][170836]Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server.
[170666]Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
[170569]Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads.
[169973][169966]High CVE-2013-0890: Memory safety issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
[169685]High CVE-2013-0891: Integer overflow in blob handling. Credit to Google Chrome Security Team (Jüri Aedla).
[169295][168710][166493][165836][165747][164958][164946]Medium CVE-2013-0892: Lower severity issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
[168570]Medium CVE-2013-0893: Race condition in media handling. Credit to Andrew Scherkus of the Chromium development community.
[168473]High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit to Google Chrome Security Team (Inferno).
[Linux / Mac][167840]High CVE-2013-0895: Incorrect path handling in file copying. Credit to Google Chrome Security Team (Jüri Aedla).
[166708]High CVE-2013-0896: Memory management issues in plug-in message handling. Credit to Google Chrome Security Team (Cris Neckar).
[165537]Low CVE-2013-0897: Off-by-one read in PDF. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.
[164643]High CVE-2013-0898: Use-after-free in URL handling. Credit to Alexander Potapenko of the Chromium development community.
[160480]Low CVE-2013-0899: Integer overflow in Opus handling. Credit to Google Chrome Security Team (Jüri Aedla).
[152442]Medium CVE-2013-0900: Race condition in ICU. Credit to Google Chrome Security Team (Inferno).
Źródło:
[Aby zobaczyć linki, zarejestruj się tutaj]