Digital_Computer

구글 크롬 20.0.1132.43 업데이트 (Google Chrome 20.0.1132.43)

BVLGARIAN 2012. 6. 27. 10:50


구글 크롬 20.0.1132.43 업데이트 (Google Chrome 20.0.1132.43)


구글에서 제공되는 오픈소스 브라우저인 구글 크롬 브라우저가  20.0.1132.43 으로 업데이트 되었습니다.


19 버전에서 20 으로 버전이 업데이트 되어서인지 픽스된 버그도 상당히 많네요..


Security fixes and rewards:


Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

[118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google.

[Windows only] [119150] [119250] High CVE-2012-2816: Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Justin Schuh).

[$1000] [120222] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz.

[$1000] [120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz.

[120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken “gets” Russell of the Chromium development community.

[121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG.

[122925] Medium CVE-2012-2821: Autofill display problem. Credit to “simonbrown60”.

[various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).

[$1000] [124356] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz.

[$1000] [125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz.

[128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno).

[Mac only] [129826] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan).

[129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans).

[$1000] [129947] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz.

[$1000] [129951] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz.

[Windows only] [130276] Low CVE-2012-2764: Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting.

[$1000] [130356] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz.

[131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team.

[132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team.

[$1000] [132779] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Jüri Aedla.


And some additional rewards for issues with a wider scope than Chrome:


[$500] [127417] Medium CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire.

[64-bit Linux only] [$3000] [129930] High CVE-2012-2807: Integer overflows in libxml. Credit to Jüri Aedla.



크롬 사용하시는 분들은 설정 > Chrome 정보를 누르면 업데이트가 됩니다.


릴리즈노트 : http://googlechromereleases.blogspot.kr/