Google Chrome v71.0.3578.80 正式版发布
- cnbeta
- 2018-12-05 20:14
谷歌浏览器Google Chrome稳定版迎来v71首个版本发布,详细版本号为v71.0.3578.80,上一个正式版v70.0.3538.110发布于10月17日,时隔15天Google又发布了新版Chrome浏览器,本次升级主要是更新了43项安全修复和稳定性改进及用户体验。
谷歌浏览器v70正式版引入了诸多新的功能,包括画中画功能,禁用谷歌绑定登陆,在Windows平台支持Progressive Web Apps,允许用户严苛限制扩展可访问的网站白名单,此外还有AV1解码器等。
官方更新日志
Chrome稳定版已经更新到v71.0.3578.80
安全修复程序和奖励
更新包括43项安全修复
[$N/A][905940] High CVE-2018-17480: Out of bounds write in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 via Tianfu Cup on 2018-11-16
[$6000][901654] High CVE-2018-17481: Use after frees in PDFium. Reported by Anonymous on 2018-11-04
[$5000][895362] High CVE-2018-18335: Heap buffer overflow in Skia. Reported by Anonymous on 2018-10-15
[$5000][898531] High CVE-2018-18336: Use after free in PDFium. Reported by Huyna at Viettel Cyber Security on 2018-10-24
[$3000][886753] High CVE-2018-18337: Use after free in Blink. Reported by cloudfuzzer on 2018-09-19
[$3000][890576] High CVE-2018-18338: Heap buffer overflow in Canvas. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-09-29
[$3000][891187] High CVE-2018-18339: Use after free in WebAudio. Reported by cloudfuzzer on 2018-10-02
[$3000][896736] High CVE-2018-18340: Use after free in MediaRecorder. Reported by Anonymous on 2018-10-18
[$3000][901030] High CVE-2018-18341: Heap buffer overflow in Blink. Reported by cloudfuzzer on 2018-11-01
[$3000][906313] High CVE-2018-18342: Out of bounds write in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-11-17
[$1000][882423] High CVE-2018-18343: Use after free in Skia. Reported by Tran Tien Hung (@hungtt28) of Viettel Cyber Security on 2018-09-10
[$TBD][866426] High CVE-2018-18344: Inappropriate implementation in Extensions. Reported by Jann Horn of Google Project Zero on 2018-07-23
[$TBD][900910] High To be allocated: Multiple issues in SQLite via WebSQL. Reported by Wenxiang Qian of Tencent Blade Team on 2018-11-01
[$8000][886976] Medium CVE-2018-18345: Inappropriate implementation in Site Isolation. Reported by Masato Kinugawa and Jun Kokatsu (@shhnjk) on 2018-09-19
[$2000][606104] Medium CVE-2018-18346: Incorrect security UI in Blink. Reported by Luan Herrera (@lbherrera_) on 2016-04-23
[$2000][850824] Medium CVE-2018-18347: Inappropriate implementation in Navigation. Reported by Luan Herrera (@lbherrera_) on 2018-06-08
[$2000][881659] Medium CVE-2018-18348: Inappropriate implementation in Omnibox. Reported by Ahmed Elsobky (@0xsobky) on 2018-09-07
[$2000][894399] Medium CVE-2018-18349: Insufficient policy enforcement in Blink. Reported by David Erceg on 2018-10-11
[$1000][799747] Medium CVE-2018-18350: Insufficient policy enforcement in Blink. Reported by Jun Kokatsu (@shhnjk) on 2018-01-06
[$1000][833847] Medium CVE-2018-18351: Insufficient policy enforcement in Navigation. Reported by Jun Kokatsu (@shhnjk) on 2018-04-17
[$1000][849942] Medium CVE-2018-18352: Inappropriate implementation in Media. Reported by Jun Kokatsu (@shhnjk) on 2018-06-06
[$1000][884179] Medium CVE-2018-18353: Inappropriate implementation in Network Authentication. Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-09-14
[$1000][889459] Medium CVE-2018-18354: Insufficient data validation in Shell Integration. Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-09-26
[$500][896717] Medium CVE-2018-18355: Insufficient policy enforcement in URL Formatter. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
[$TBD][883666] Medium CVE-2018-18356: Use after free in Skia. Reported by Tran Tien Hung (@hungtt28) of Viettel Cyber Security on 2018-09-13
[$TBD][895207] Medium CVE-2018-18357: Insufficient policy enforcement in URL Formatter. Reported by evi1m0 of Bilibili Security Team on 2018-10-15
[$TBD][899126] Medium CVE-2018-18358: Insufficient policy enforcement in Proxy. Reported by Jann Horn of Google Project Zero on 2018-10-26
[$TBD][907714] Medium CVE-2018-18359: Out of bounds read in V8. Reported by cyrilliu of Tencent Zhanlu Lab on 2018-11-22
[$500][851821] Low To be allocated: Inappropriate implementation in PDFium. Reported by Salem Faisal Elmrayed on 2018-06-12
[$500][856135] Low To be allocated: Use after free in Extensions. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-06-25
[$500][879965] Low To be allocated: Inappropriate implementation in Navigation. Reported by Luan Herrera (@lbherrera_) on 2018-09-03
[$500][882270] Low To be allocated: Inappropriate implementation in Navigation. Reported by Jesper van den Ende on 2018-09-09
[$500][890558] Low To be allocated: Insufficient policy enforcement in Navigation. Reported by Ryan Pickren (ryanpickren.com) on 2018-09-29
[$TBD][895885] Low To be allocated: Insufficient policy enforcement in URL Formatter. Reported by evi1m0 of Bilibili Security Team on 2018-10-16
This bug was fixed in Chrome 69, but was incorrectly omitted from the release notes at the time:
[$3000][853937] Medium To be allocated: Insufficient policy enforcement in Payments. Reported by Jun Kokatsu (@shhnjk) on 2018-06-18
[911706] Various fixes from internal audits, fuzzing and other initiatives
- Chrome
相关文章
资讯
- 7天前
讯飞智作超拟人数字人功能全面开放,开启全民定制新潮流
- 2周前
探索未来之路 激发AI创新 “天翼云·息壤杯”高校AI大赛北京区域赛开赛
- 2周前
亚马逊向Anthropic追加40亿美元投资 加速人工智能创新与应用
- 2周前
科大讯飞:拟推首期员工持股计划
- 3周前
彰显青年风采 传承科学家精神 中国科技青年风采荟在浙江温州举行
- 4周前
2024AI+研发数字(AiDD)峰会深圳站圆满收官!
- 1个月前
200余支队伍蓉城“百模论剑”,“人工智能+”全国性赛事报名倒计时3天
- 1个月前
三个老发明家献给盛世的礼物---“录味机”
- 1个月前
颠覆传统 新味十足 ——2024首届海南智能餐饮烹饪大赛成功举办
- 1个月前
首届中国智能锁科技创新大会:德施曼核心科技引领行业,发起科创基金
- 1个月前
ODC24 AI服务生态分论坛:全新智慧服务引擎 带动服务分发增长
- 1个月前
2024 OPPO开发者大会召开,以技术为基石共建AI智能体新生态
- 2个月前
中国移动发布“四驱两翼” 低空经济高质量发展能力体系
- 2个月前
品胜闪耀 GITEX Global 2024:国民 3C 品牌在中东迪拜的卓越之旅
- 2个月前
2024中国移动全球合作伙伴大会盛大启幕 政企领域前沿创新成果成为焦点
原创
荐读
-
5G+AR加持 晨星机器人掀起“智能化+人机交互”制造新趋势
2021世界制造业大会于11月22日在合肥落下帷幕。为期四天的大会中,作为向世界展示智能制造全面能力的窗口,联想展示了一系列让人惊喜的创新产品。现场展示的ThinkPad X1 Fold整体重量仅有1公斤,折叠起来之后的厚度大约为24毫米。当保持半开状态时,可以像拿本书一样握住,并且能同时运行两个应用程序。使用固定在中间的键盘之后,瞬间变...
-
智能手机竞争中失败,日本在联网汽车领域举步维艰
据外媒报道,在制造带有数字联网服务的汽车的竞争中,丰田汽车和日产汽车面临着被本土市场拖累的风险。与美国和欧洲的汽车消费者不同的是,日本消费者不愿意为这些联网功能和服务买单。结果就是:日本只有10%的汽车...
-
2020年河南省将推广应用3万台工业机器人
到2020年,推广应用3万台工业机器人,建设1000条智能生产线、300个智能车间、150个智能工厂……4月16日,在2018两岸智能装备制造郑州论坛上,河南省工信委发布了《2017年河南省智能制造白皮书》,河南智能制造的2020...