1. Вы находитесь в архивной версии форума xaker.name. Здесь собраны темы с 2007 по 2012 год, большинство инструкций и мануалов уже неактуальны.

Google Chrome

  1. Google Chrome 3.0.196.2 Beta
    Changelog:
    Код:
    3.0.196.2 has been release which contains only a single change that reverts the tab focus experiment.
    Скачать (10.6Mb)
     
    1 человеку нравится это.
  2. chezzy
    Вышло одно из масштабных обновлений стабильной версии веб-браузера Google Chrome 5.0.375.70. Масштабность обновления заключается в количестве и характере устраняемых уязвимостей. В новой стабильной версии исправлено 11 уязвимостей, 9 из которых являются критическими.

    Практически все уязвимости обладают кроссплатформленностью, присущей уязвимому браузеру Google Chrome, тем самым уравнивая безопасность веб-серфинга пользователей Linux, Mac и Windows. Однако, одна из уязвимостей ориентирована лишь на Linux платформы и позволяет злоумышленнику обойти ограничения "песочницы", считающейся основой безопасного веб-серфинга с использованием веб-браузера Google Chrome.

    Два сторонних исследователя безопасности получат вознаграждение общей суммой 2500 долларов США по программе Chromium Security Reward за сообщение об обнаруженных уязвимостях. Всем пользователям Google Chrome 5 рекомендуется выполнить обновление до текущей стабильной версии веб-браузера через официальный веб-сайт или средство автоматического обновления.
     
    1 человеку нравится это.
  3. Новая стабильная версия: Google Chrome 8.0.552.215 Stable




    [+] Changelog
    * [17655] Low Possible pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined).
    * [55745] Medium Cross-origin video theft with canvas. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR).
    * [56237] Low Browser crash with HTML5 databases. Credit to Google Chrome Security Team (Inferno).
    * [58319] Low Prevent excessive file dialogs, possibly leading to browser crash. Credit to Cezary Tomczak (gosu.pl).
    * [$500] [59554] High Use after free in history handling. Credit to Stefan Troger.
    * [Linux / Mac] [59817] Medium Make sure the “dangerous file types” list is uptodate with the Windows platforms. Credit to Billy Rios of the Google Security Team.
    * [61701] Low Browser crash with HTTP proxy authentication. Credit to Mohammed Bouhlel.
    * [61653] Medium Out-of-bounds read regression in WebM video support. Credit to Google Chrome Security Team (Chris Evans), based on earlier testcases from Mozilla and Microsoft (MSVR).
    * [$1000] [62127] High Crash due to bad indexing with malformed video. Credit to miaubiz.
    * [62168] Medium Possible browser memory corruption via malicious privileged extension. Credit to kuzzcc.
    * [$1000] [62401] High Use after free with SVG animations. Credit to Sławomir Błażek.
    * [$500] [63051] Medium Use after free in mouse dragging event handling. Credit to kuzzcc.
    * [$1000] [63444] High Double free in XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.

    [свернуть]


    скачать
     
    1 человеку нравится это.
  4. Google Chrome 8.0.552.237

    Changelog

    Код:
    [58053] Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
    [65764] High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
    [66334] High Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans).
    [66560] High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
    [66748] High Stale pointer with CSS + cursors. Credit to Jan Tošovský.
    [67100] High Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans).
    [67208] High Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT.
    [67303] High Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT.
    [67363] High Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz.
    [67393] Medium Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc.
    [68115] High Vorbis decoder buffer overflows. Credit to David Warren of CERT.
    [68170] High Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG.
    [68178] High Bad cast in anchor handling. Credit to Sergey Glazunov.
    [68181] High Bad cast in video handling. Credit to Sergey Glazunov.
    [68439] High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined).
    [68666] Critical Stale pointer in speech handling. Credit to Sergey Glazunov. 
    скачать
     
  5. Google Chrome 9.0.597.84

    [+] Changelog
    [Mac only] [42989] Low Minor sandbox leak via stat(). Credit to Daniel Cheng of the Chromium development community.
    [55831] High Use-after-free in image loading. Credit to Aki Helin of OUSPG.
    [59081] Low Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom).
    [62791] Low Browser crash with extension with missing key. Credit to Brian Kirchoff.
    [64051] High Crashing when printing in PDF event handler. Credit to Aki Helin of OUSPG.
    [65669] Low Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno).
    [Mac only] [66931] Low Work around a crash in the Mac OS 10.5 SSL libraries. Credit to Dan Morrison.
    [68244] Low Browser crash with bad volume setting. Credit to Matthew Heidermann.
    [69195] Critical Race condition in audio handling. Credit to the gamers of Reddit!
    [свернуть]


    скачать
     
  6. Google Chrome 9.0.597.94

    [​IMG]

    Changelog

    Код:
    [67234] High Stale pointer in animation event handling. Credit to Rik Cabanier.
    [68120] High Use-after-free in SVG font faces. Credit to miaubiz.
    [69556] High Stale pointer with anonymous block handling. Credit to Martin Barbella.
    [69970] Medium Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google.
    [70456] Medium Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC. 
    Скачать
     
  7. Google Chrome 9.0.597.98

    [​IMG]

    Changelog

    Код:
    [67234] High Stale pointer in animation event handling. Credit to Rik Cabanier.
    [68120] High Use-after-free in SVG font faces. Credit to miaubiz.
    [69556] High Stale pointer with anonymous block handling. Credit to Martin Barbella.
    [69970] Medium Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google.
    [70456] Medium Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC. 
    скачать
     
    1 человеку нравится это.
  8. Google Chrome 9.0.597.107

    [​IMG]

    Changelog
    Код:
    [$1000] [54262] High URL bar spoof. Credit to Jordi Chancel.
    [$500] [63732] High Crash with javascript dialogs. Credit to Sergey Radchenko.
    [$1000] [68263] High Stylesheet node stale pointer. Credit to Sergey Glazunov.
    [$1000] [68741] High Stale pointer with key frame rule. Credit to Sergey Glazunov.
    [$500] [70078] High Crash with forms controls. Credit to Stefan van Zanden.
    [$1000] [70244] High Crash in SVG rendering. Credit to Sławomir Błażek.
    [64-bit Linux only] [70376] Medium Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community.
    [$1000] [71114] High Stale node in table handling. Credit to Martin Barbella.
    [$1000] [71115] High Stale pointer in table rendering. Credit to Martin Barbella.
    [$1000] [71296] High Stale pointer in SVG animations. Credit to miaubiz.
    [$1000] [71386] High Stale nodes in XHTML. Credit to wushi of team509.
    [$1000] [71388] High Crash in textarea handling. Credit to wushi of team509.
    [$1000] [71595] High Stale pointer in device orientation. Credit to Sergey Glazunov.
    [71717] Medium Out-of-bounds read in WebGL. Credit to miaubiz.
    [$1000] [71855] High Integer overflow in textarea handling. Credit to miaubiz.
    [71960] Medium Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno).
    [72214] High Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team.
    [$1000] [72437] High Use-after-free with blocked plug-ins. Credit to Chamal de Silva.
    [$1000] [73235] High Stale pointer in layout. Credit to Martin Barbella.
    скачать
     
  9. Google Chrome 10.0.648.204 (стабильная версия)

    [+] Changelog
    [$500] [72517] High CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin.
    [$1000] [73216] High CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek.
    [$2000] [73595] High CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov.
    [$1500] [74562] High CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov.
    [$2000] [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov.
    [$1500] [75170] High CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov.

    [свернуть]


    скачать
     
  10. Google Chrome 11.0.696.65

    Changelog
    - After deleting bookmarks on the Bookmark managers, the bookmark bar doesn't display properly with existing bookmarks. (Issue 80580).
    - About Google Chrome window shows unknown channel for 11.0.696.57 (Issue 80683).
    - Chrome/Mac seems to clobber focus when uploading attachments to Gmail with the flash-based uploader (Issue 77172).
    - Also included is an updated version of Flash Player 10.2.


    Скачать/Download
     
  11. Google Chrome 11.0.696.71 Stable
    [+] Changelog
    [72189] Low CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva.
    [$1000] [82546] High CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella.
    [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar).
    [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.


    The following bugs were fixed:

    REGRESSION: selection extended by arrow keys flickers on LinkedIn.com. (Issue 83197).
    Have ConnectBackupJob try IPv4 first to hide potential long IPv6 connect timeout (Issue 81686).
    Mac plugin crashes are too low in stats (Issue 82172).
    Incorrect ACLs on the archived copy of setup.exe (Issue 82424)

    [свернуть]


    Download
     
  12. Google Chrome 12.0.742.100 Stable


    [+] Изменения:
    [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz.
    [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined).
    [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR).
    [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”.
    [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc.
    [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno).
    [79362] Medium CVE-2011-1814: Read from uninitialized pointer. Credit to Eric Roman of the Chromium development community.
    [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc.
    [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc.
    [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne.
    [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz.
    [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov.
    [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov.
    [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov.
    [свернуть]


    скачать
     
  13. Google Chrome 12.0.742.112 Stable

    [​IMG]



    Изменения:
    Код:
    [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling. Credit to Philippe Arteau.
    [84355] High CVE-2011-2346: Use-after-free in SVG font handling. Credit to miaubiz.
    [85003] High CVE-2011-2347: Memory corruption in CSS parsing. Credit to miaubiz.
    [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser. Credit to miaubiz.
    [85177] High CVE-2011-2348: Bad bounds check in v8. Credit to Aki Helin of OUSPG.
    [85211] High CVE-2011-2351: Use-after-free with SVG use element. Credit to miaubiz.
    [85418] High CVE-2011-2349: Use-after-free in text selection. Credit to miaubiz. 
    скачать/download
     
  14. [​IMG]

    Google Chrome 15.0.874.102


    Changelog
    Код:
    [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel.
    [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel.
    [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak.
    [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen.
    [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz.
    [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa.
    [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company.
    [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov.
    [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno).
    [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz.
    [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community.
    [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz.
    [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler.
    [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov.
    [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz.
    [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
    [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community.
    [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean.
    Downloads
     
  15. Google Chrome "исполнилось" 20.0​







    Уязвимости которые были закрыты
    __http://googlechromereleases.blogspot.in/2012/06/stable-channel-update_26.html
     
    1 человеку нравится это.