Chrome, Sammelthema für alle Chrome Versionen Einstellungen

[KasperskyFreaky]

Neue Version is draussn : Google Chrome 17.0.963.46

[73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community.
[92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne.
[93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community.
[103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley.
[$1000] [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG.
[$2000] [105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz.
[$1000] [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG.
[$500] [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG.
[$1000] [108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen.
[$500] [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG.
[109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG.
[109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com.
[109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir Błażek.
[$1000] [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG.
[109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo.
[$1000] [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis.
[$1000] [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis.
[$500] [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG.
[$1000] [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis.
[110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno).

Klick

Gruß

Der Beitrag wurde von KasperskyFreaky bearbeitet: 08.02.2012, 21:57

[KasperskyFreaky]

Neue Version : Google Chrome 17.0.963.56

[105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts).
[$500] [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz.
[$1000] [108695] High CVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz.
[$1000] [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG.
[110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the Google Security Team.
[111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community.
[$1000] [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis.
[112236] Medium CVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes).
[$500] [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt.
[112451] Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot.
[$500] [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Sławomir Błażek.
[$1337] [112822] High CVE-2011-3026: Integer overflow / truncation in libpng. Credit to Jüri Aedla.
[$1000] [112847] High CVE-2011-3027: Bad cast in column handling.

Klick

[Tiranon]

Neue Version Google Chrome: 17.0.963.66

Cursors and backgrounds sometimes do not load (bug 111218)
Plugins not loading on some pages (bug 108228)
Text paste includes trailing spaces (bug 106551)
Websites using touch controls break (bug 110332)

[$1000] [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva.
[$1000] [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis.
[$2000] [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing library. Credit to Aki Helin of OUSPG.
[$1000] [111748] High CVE-2011-3034: Use-after-free in SVG document handling. Credit to Arthur Gerkis.
[$2000] [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to Arthur Gerkis.
[$1000] [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to miaubiz.
[$3000] [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous block splitting. Credit to miaubiz.
[$1000] [113497] High CVE-2011-3038: Use-after-free in multi-column handling. Credit to miaubiz.
[$1000] [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to miaubiz.
[$500] [114054] Medium CVE-2011-3040: Out-of-bounds read in text handling. Credit to miaubiz.
[$1000] [114068] High CVE-2011-3041: Use-after-free in class attribute handling. Credit to miaubiz.
[$1000] [114219] High CVE-2011-3042: Use-after-free in table section handling. Credit to miaubiz.
[$1000] [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit to miaubiz.
[$1000] [116093] High CVE-2011-3044: Use-after-free with SVG animation elements. Credit to Arthur Gerkis.

PLUS "Problem im DOM" behoben

[Tiranon]

Es gibt wieder eine neue Google Chrome Version! Die neue version lautet 17.0.963.83. Sie behebt Probleme mit Flash-Spielen und spielt einige Sicherheits-Hotfixes ein.

Some of the items listed below represent the start of hardening measures based on study of the exploits submitted to the Pwnium competition.

[$1000] [113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz.
[116162] High CVE-2011-3045: libpng integer issue from upstream. Credit to Glenn Randers-Pehrson of the libpng project.
[$1000] [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling. Credit to Arthur Gerkis.
[116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling. Credit to Ben Vanik of Google.
[$1000] [116746] High CVE-2011-3053: Use-after-free in block splitting. Credit to miaubiz.
[117418] Low CVE-2011-3054: Apply additional isolations to webui privileges. Credit to Sergey Glazunov.
[117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked extension installation. Credit to PinkiePie.
[$2000] [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”. Credit to Sergey Glazunov.
[$500] [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

Also, this single low severity issue was fixed in a previous patch but we forgot to issue proper credit:

[108648] Low CVE-2011-3049: Extension web request API can interfere with system requests. Credit to Michael Gundlach.

[KasperskyFreaky]

Neue Version: 18.0.1025.142

[$500] [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa.
[$500] [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis.
[$500] [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment handling. Credit to miaubiz.
[116398] Medium CVE-2011-3061: SPDY proxy certificate checking error. Credit to Leonidas Kontothanassis of Google.
[116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to Mateusz Jurczyk of the Google Security Team.
[117417] Low CVE-2011-3063: Validate navigation requests from the renderer more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and scarybeasts (Google Chrome Security Team).
[$1000] [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to Atte Kettunen of OUSPG.
[$1000] [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
[$500] [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

Gruß

[Tiranon]

Es gibt ein neues Update bei Google Chrome 18.0.1025.152!

[Denny]

Mittlerweile die 18.0.1025.162 ^^

[Deluxe]

Wird wohl nochmal was kommen, denn eine neue Version vom Flash Player ist erschienen.

[Xeon]

Mittlerweile die 18.0.1025.162 ^^

Mit der Version habe ich (immer wieder mal) ein Problem bei Youtube, wenn ich mir dort ein Video anschaue dauert es eine Zeit dann unterbricht mein Router die Verbindung.
Das ist reproduzierbar, mit der aktuellen Firefox Version habe ich hier kein Problem, alles läuft stabil.

Der Beitrag wurde von Xeon bearbeitet: 15.04.2012, 12:21

[Herbert der PC-L...]

Hallo,

als ganz normaler User verfüge ich über einen intakten „Internet Explorer 9“ und über einen intakten „Firefox 12.0“ und bin - immer noch - felsenfest davon überzeugt, dass ich mit 2. Browser doch recht gut versorgt - oder vielleicht doch schon überversorgt - bin. Ich bin kein „Spieler“ und „Musik“ oder gar „Filme“ lade ich schon gar nicht herunter.

Frage:
Wozu benötige ich dann noch einen 3. Browser?

Gruß
Herbert

[Gast_J4U_*]

Wozu benötige ich dann noch einen 3. Browser?

Wenn Du das nicht weißt....

[Herbert der PC-L...]

Hallo,

zwecks „Entscheidungsfindung“ benötige ich eine sachliche- und konkrete Antwort auf meine Frage.

Gruß
Herbert

[Gast_J4U_*]

Das ist sachlich und konkret.
Woher soll hier irgend jemand wissen, ob Du 1, 2, 3 oder was weiß ich wie viele Brauser benötigst.
Mir reicht einer.

[Hexo]

Jeder Browser hat seine vor und Nachteile.
Es gibt neben den zwei von Dir verwendeten Browser noch viele weitere.

Chrome z.b. besticht mit einer sehr guten Performance, einer vermeindlich hohen Sicherheit und sehr guten Stabilität.
Sicherheitslücken werden SEHR schnell beseitigt usw.

Welchen Browser jemand verwendet.... ist geschmacksache
[Sarkasmus on]
Warum gibt es verschiedene Betriebssysteme? Warum gibt es verschiedene Autos? Warum gibt es verschiedene Player?
Warum gibt es überhaupt Konkurrenz :-)
[Sarkasmus off]

[Herbert der PC-L...]

Hallo J4U,

na, das ist doch eine „unmissverständliche“ Antwort auf meine Frage. Danke.

Gruß
Herbert

[Gast_J4U_*]

Ist im übrigen der Opera. Klar hab ich auch den IE auf dem Rechner, allerdings verwende ich den (nahezu) nie.
Mit dem Mix aus IE und FF solltest Du bestens aufgestellt sein.

J4U

[Hexo]

Chrome ist seid heute in der Version 19 Verfügbar.
Neu in dieser Version ist, dass man offene Tabs Synchronisieren kann.
Mehr dazu: http://chrome.blogspot.de/2012/05/keeping-...-your-tabs.html
Es wurden auch diverse Sicherheitslücken geschlossen.

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
[112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG.
[113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community.
[118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to “psaldorn”.
[$1000] [118642] High CVE-2011-3086: Use-after-free with style element. Credit to Arthur Gerkis.
[118664] Low CVE-2011-3087: Incorrect window navigation. Credit to Charlie Reis of the Chromium development community.
[$500] [120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing. Credit to Aki Helin of OUSPG.
[$1000] [120711] High CVE-2011-3089: Use-after-free in table handling. Credit to miaubiz.
[$500] [121223] Medium CVE-2011-3090: Race condition with workers. Credit to Arthur Gerkis.
[121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to Google Chrome Security Team (Inferno).
[$1000] [122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to Christian Holler.
[$500] [122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling. Credit to miaubiz.
[122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling. Credit to miaubiz.
[$1000] [123481] High CVE-2011-3095: Out-of-bounds write in OGG container. Credit to Hannu Heikkinen.
[Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox handling. Credit to Arthur Gerkis.
[123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google.
[Windows only] [124216] Low CVE-2011-3098: Bad search path for Windows Media Player plug-in. Credit to Haifei Li of Microsoft and MSVR (MSVR:159).
[124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name. Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team.
[124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths. Credit to Google Chrome Security Team (Inferno).

[Snoggi]

Was mir noch schmerzlich an Chrome fehlt, ist ein Addon a la "FlashGot" bei Firefox, mit dem man Medien einer Webseite laden kann.
Und ja ... es geht um Youtube

[Deluxe]

Chrome 21 kam grad rein mit einer Flash Player Version 11,3,31,222 ..

Aber warum wird dabei eine alte Version vom Flash Player installiert?

[Deluxe]

Könnte das etwa die angekündigte Pepper Flash-Version sein?