본문 바로가기

Digital_Computer

구글 크롬 20.0.1132.43 업데이트 (Google Chrome 20.0.1132.43)


구글 크롬 20.0.1132.43 업데이트 (Google Chrome 20.0.1132.43)


구글에서 제공되는 오픈소스 브라우저인 구글 크롬 브라우저가  20.0.1132.43 으로 업데이트 되었습니다.


19 버전에서 20 으로 버전이 업데이트 되어서인지 픽스된 버그도 상당히 많네요..


Security fixes and rewards:


Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

[118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google.

[Windows only] [119150] [119250] High CVE-2012-2816: Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Justin Schuh).

[$1000] [120222] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz.

[$1000] [120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz.

[120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken “gets” Russell of the Chromium development community.

[121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG.

[122925] Medium CVE-2012-2821: Autofill display problem. Credit to “simonbrown60”.

[various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).

[$1000] [124356] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz.

[$1000] [125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz.

[128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno).

[Mac only] [129826] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan).

[129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans).

[$1000] [129947] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz.

[$1000] [129951] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz.

[Windows only] [130276] Low CVE-2012-2764: Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting.

[$1000] [130356] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz.

[131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team.

[132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team.

[$1000] [132779] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Jüri Aedla.


And some additional rewards for issues with a wider scope than Chrome:


[$500] [127417] Medium CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire.

[64-bit Linux only] [$3000] [129930] High CVE-2012-2807: Integer overflows in libxml. Credit to Jüri Aedla.



크롬 사용하시는 분들은 설정 > Chrome 정보를 누르면 업데이트가 됩니다.


릴리즈노트 : http://googlechromereleases.blogspot.kr/