Google Chrome 22.0.1229.79

Naviga SWZ: Home Page » News
News del 26 Settembre 12 Autore: Gianplugged
Google Chrome 22.0.1229.79

Note di rilascio:

The Chrome Team is excited to announce the promotion of Chrome 22 to the stable channel.  Chrome 22.0.1229.79 (also now available on the beta channel) has a number of new and exciting updates including:

Mouse Lock API availability for Javascript
Additional Windows 8 enhancements
Continued polish for users of HiDPI/Retina screens

You can find out more about Chrome 22 on the Official Chrome Blog.

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.Occasionally, we issue special rewards for bugs outside of Chrome, particularly where the bug is very severe and/or we are able to partially work around the issue:

  • [$5000] [146254] Critical CVE-2012-2897: Windows kernel memory corruption. Credit to Eetu Luodemaa and Joni Vähämäki, both from Documill.
  • And back to your regular scheduled rewards, including some at the new higher levels:
  • [$10000] [143439] High CVE-2012-2889: UXSS in frame handling. Credit to Sergey Glazunov.
  • [$5000] [143437] High CVE-2012-2886: UXSS in v8 bindings. Credit to Sergey Glazunov.
  • [$2000] [139814] High CVE-2012-2881: DOM tree corruption with plug-ins. Credit to Chamal de Silva.
  • [$1000] [135432] High CVE-2012-2876: Buffer overflow in SSE2 optimizations. Credit to Atte Kettunen of OUSPG.
  • [$1000] [140803] High CVE-2012-2883: Out-of-bounds write in Skia. Credit to Atte Kettunen of OUSPG.
  • [$1000] [143609] High CVE-2012-2887: Use-after-free in onclick handling. Credit to Atte Kettunen of OUSPG.
  • [$1000] [143656] High CVE-2012-2888: Use-after-free in SVG text references. Credit to miaubiz.
  • [$1000] [144899] High CVE-2012-2894: Crash in graphics context handling. Credit to Sławomir Błażek.
  • [Mac only]
    [$1000] [145544] High CVE-2012-2896: Integer overflow in WebGL. Credit to miaubiz.
  • [$500] [137707] Medium CVE-2012-2877: Browser crash with extensions and modal dialogs. Credit to Nir Moshe.
  • [$500] [139168] Low CVE-2012-2879: DOM topology corruption. Credit to pawlkt.
  • [$500] [141651] Medium CVE-2012-2884: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
  • [132398] High CVE-2012-2874: Out-of-bounds write in Skia. Credit to Google Chrome Security Team (Inferno).
  • [134955] [135488] [137106] [137288] [137302] [137547] [137556] [137606] [137635] [137880] [137928] [144579] [145079] [145121] [145163] [146462] Medium CVE-2012-2875: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [137852] High CVE-2012-2878: Use-after-free in plug-in handling. Credit to Fermin Serna of Google Security Team.
  • [139462] Medium CVE-2012-2880: Race condition in plug-in paint buffer. Credit to Google Chrome Security Team (Cris Neckar).
  • [140647] High CVE-2012-2882: Wild pointer in OGG container handling. Credit to Google Chrome Security Team (Inferno).
  • [142310] Medium CVE-2012-2885: Possible double free on exit. Credit to the Chromium development community.
  • [143798] [144072] [147402] High CVE-2012-2890: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [144051] Low CVE-2012-2891: Address leak over IPC. Credit to Lei Zhang of the Chromium development community.
  • [144704] Low CVE-2012-2892: Pop-up block bypass. Credit to Google Chrome Security Team (Cris Neckar).
  • [144799] High CVE-2012-2893: Double free in XSL transforms. Credit to Google Chrome Security Team (Cris Neckar).
  • [145029] [145157] [146460] High CVE-2012-2895: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

  • Many of the above bugs were detected using AddressSanitizer.
  • We’d also like to thank Arthur Gerkis for working with us during the development cycle and preventing security regressions from ever reaching the stable channel.

  • Full details about what´s in this release are available in the SVN revision log. Found a bug? Report it! On a different channel, but want to join us on the Beta train? The Chromium wiki has you covered.
  • Inserisci un commento sul forum Commenta la News sul Forum

    Voto:

    Categoria: P2P e Web

    Licenza: Open source

    OS: Windows, Linux, OS X

    La Community di SWZone.it

    La community con le risposte che cerchi ! Partecipa é gratis !
    Iscrizione ForumIscriviti al Forum

    Newsletter

    Vuoi ricevere tutti gli aggiornamenti di SWZone direttamente via mail ?
    Iscrizione NewsletterIscriviti alla Newsletter

    NOTIZIE CORRELATE