版本號:
69.0.3497.81

更新項目:

  • UI 改進 (外觀很圓…)
  • 40個安全性修復
    • [$5000][867776] High CVE-2018-16065: Out of bounds write in V8. Reported by Brendon Tiszka on 2018-07-26
    • [$3000][847570] High CVE-2018-16066:Out of bounds read in Blink. Reported by cloudfuzzer on 2018-05-29
    • [$500][860522] High CVE-2018-16067: Out of bounds read in WebAudio. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-07-05
    • [N/A][877182] High CVE-2018-16068: Out of bounds write in Mojo. Reported by Mark Brand of Google Project Zero on 2018-08-23
    • [N/A][848238] High CVE-2018-16069:Out of bounds read in SwiftShader. Reported by Mark Brand of Google Project Zero on 2018-05-31
    • [N/A][848716] High CVE-2018-16070: Integer overflow in Skia. Reported by Ivan Fratric of Google Project Zero on 2018-06-01
    • [N/A][855211] High CVE-2018-16071: Use after free in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-06-21
    • [$4000][864283] Medium CVE-2018-16072: Cross origin pixel leak in Chrome’s interaction with Android’s MediaPlayer. Reported by Jun Kokatsu (@shhnjk) on 2018-07-17
    • [$3000][863069] Medium CVE-2018-16073: Site Isolation bypass after tab restore. Reported by Jun Kokatsu (@shhnjk) on 2018-07-12
    • [$3000][863623] Medium CVE-2018-16074: Site Isolation bypass using Blob URLS. Reported by Jun Kokatsu (@shhnjk) on 2018-07-13
    • [$2500][864932] Medium: Out of bounds read in Little-CMS. Reported by Quang Nguyễn (@quangnh89) of Viettel Cyber Security on 2018-07-18
    • [$2000][788936] Medium CVE-2018-16075: Local file access in Blink. Reported by Pepe Vila (@cgvwzq) on 2017-11-27
    • [$2000][867501] Medium CVE-2018-16076: Out of bounds read in PDFium. Reported by Aleksandar Nikolic of Cisco Talos on 2018-07-25
    • [$2000][848123] Medium: Cross origin read. Reported by Luan Herrera (@lbherrera_) on 2018-05-31
    • [848535] Low CVE-2018-16087: Multiple download restriction bypass.
    • [848531] Low CVE-2018-16088: User gesture requirement bypass.
    • [$1000][377995] Medium CVE-2018-16077: Content security policy bypass in Blink. Reported by Manuel Caballero on 2014-05-27
    • [$1000][858820] Medium CVE-2018-16078: Credit card information leak in Autofill. Reported by Cailan Sacks on 2018-06-28
    • [$500][723503] Medium CVE-2018-16079: URL spoof in permission dialogs. Reported by Markus Vervier and Michele Orrù (antisnatchor) on 2017-05-17
    • [$500][858929] Medium CVE-2018-16080: URL spoof in full screen mode. Reported by Khalil Zhani on 2018-06-29
    • [N/A][666299] Medium CVE-2018-16081: Local file access in DevTools. Reported by Jann Horn of Google Project Zero on 2016-11-17
    • [N/A][851398] Medium CVE-2018-16082: Stack buffer overflow in SwiftShader. Reported by Omair on 2018-06-11
    • [N/A][856823] Medium CVE-2018-16083: Out of bounds read in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-06-26
    • [$1000][865202] Low CVE-2018-16084: User confirmation bypass in external protocol handling. Reported by Jun Kokatsu (@shhnjk) on 2018-07-18
    • [$500][844428] Low CVE-2018-16086: Script injection in New Tab Page. Reported by Alexander Shutov (Dark Reader extension) on 2018-05-18
    • [N/A][856578] Low CVE-2018-16085: Use after free in Memory Instrumentation. Reported by Roman Kuksin of Yandex on 2018-06-26
  • 新API,請參閱:https://developers.google.com/web/updates/2018/09/nic69

參考資料:

https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html

Google Chrome 官方下載點

廣告

發表迴響

在下方填入你的資料或按右方圖示以社群網站登入:

WordPress.com 標誌

您的留言將使用 WordPress.com 帳號。 登出 /  變更 )

Google photo

您的留言將使用 Google 帳號。 登出 /  變更 )

Twitter picture

您的留言將使用 Twitter 帳號。 登出 /  變更 )

Facebook照片

您的留言將使用 Facebook 帳號。 登出 /  變更 )

連結到 %s