作者FongChen (楓塵)
看板Browsers
標題[-GC-] Stable Channel Update 29.0.1547.57
時間Wed Aug 21 13:07:26 2013
Stable Channel Update
TUESDAY, AUGUST 20, 2013
http://googlechromereleases.blogspot.tw/2013/08/stable-channel-update.html
The Chrome team is excited to announce the promotion of Chrome 29 to the
Stable channel for Windows, Mac, Linux and Chrome Frame. Chrome 29.0.1547.57
contains a number of fixes and improvments, including:
‧Improved Omnibox suggestions based on the recency of sites you have visited
‧Ability to reset your profile back to its original state
‧Many new apps and extensions APIs
‧Lots of stability and performance improvements
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority
of users are updated with a fix. This commonly occurs if the bug exists in a
third party library that other projects similarly depend on, but haven’t yet
fixed.
This update includes 25 security fixes. Below, we highlight some fixes that
were either contributed by external researchers or particularly interesting.
Please see the Chromium security page for more information.
‧[$1337] [181617] High CVE-2013-2900: Incomplete path sanitization in file
handling. Credit to Krystian Bigaj.
‧[$500] [254159] Low CVE-2013-2905: Information leak via overly broad
permissions on shared memory files. Credit to Christian Jaeger.
‧[$1337] [257363] High CVE-2013-2901: Integer overflow in ANGLE. Credit to
Alex Chapman.
‧[$1000] [260105] High CVE-2013-2902: Use after free in XSLT. Credit to
cloudfuzzer.
‧[$1000] [260156] High CVE-2013-2903: Use after free in media element.
Credit to cloudfuzzer.
‧[$1000] [260428] High CVE-2013-2904: Use after free in document parsing.
Credit to cloudfuzzer.
In addition, our ongoing internal security work was as usual responsible for
a wide range of fixes:
‧[274602] CVE-2013-2887: Various fixes from internal audits, fuzzing and
other initiatives (Chrome 29).
--
※ 發信站: 批踢踢實業坊(ptt.cc)
◆ From: 1.161.171.80
推 sb107912:push 08/21 17:51
推 sasox03:看來Omnibox兩邊的詭異空白不是bug,還以為電腦怪怪的... 08/22 08:11