Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 58 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$7500][914497] Critical CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad on 2018-12-12
[$N/A][906043] High CVE-2019-5782: Inappropriate implementation in V8. Reported by Qixun Zhao of Qihoo 360 Vulcan Team via Tianfu Cup on 2018-11-16
[$5000][913296] High CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya on 2018-12-10
[$5000][895152] High CVE-2019-5756: Use after free in PDFium. Reported by Anonymous on 2018-10-14
[$3000][915469] High CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis, Microsoft Browser Vulnerability Research on 2018-12-15
[$3000][913970] High CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin (金哲), Luyao Liu (刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11
[$3000][912211] High CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin on 2018-12-05
[$3000][912074] High CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin (金哲), Luyao Liu (刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-05
[$3000][904714] High CVE-2019-5761: Use after free in SwiftShader. Reported by Zhe Jin (金哲), Luyao Liu (刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-13
[$3000][900552] High CVE-2019-5762: Use after free in PDFium. Reported by Anonymous on 2018-10-31
[$1000][914731] High CVE-2019-5763: Insufficient validation of untrusted input in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-12-13
[$1000][913246] High CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin from Check Point Software Technologies on 2018-12-09
[$N/A][922677] High: Use after free in FileAPI. Reported by Mark Brand of Google Project Zero on 2019-01-16
[$TBD][922627] High CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin (@bagipro) on 2019-01-16
[$N/A][916080] High: Use after free in Mojo interface. Reported by Mark Brand of Google Project Zero on 2018-12-18
[$N/A][912947] High: Use after free in Payments. Reported by Mark Brand of Google Project Zero on 2018-12-07
[$N/A][912520] High: Use after free in Mojo interface. Reported by Mark Brand of Google Project Zero on 2018-12-06
[$N/A][899689] High CVE-2019-5785: Stack buffer overflow in Skia. Reported by Ivan Fratric of Google Project Zero on 2018-10-29
[$4000][907047] Medium CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg on 2018-11-20
[$2000][902427] Medium CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao from Indiana University Bloomington on 2018-11-06
[$2000][805557] Medium CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu on 2018-01-24
[$1000][913975] Medium CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel on 2018-12-11
[$1000][908749] Medium CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt@ on 2018-11-27
[$1000][904265] Medium CVE-2019-5771: Heap buffer overflow in SwiftShader. Reported by Zhe Jin (金哲), Luyao Liu (刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-12
[$500][908292] Medium CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-11-26
[$N/A][917668] Medium CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) on 2018-12-24
[$N/A][904182] Medium CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang (ultract) and Juno Im on 2018-11-11
[$N/A][896722] Medium CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
[$N/A][863663] Medium CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang on 2018-07-14
[$N/A][849421] Medium CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani on 2018-06-04
[$500][918470] Low CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg on 2019-01-02
[$500][904219] Low CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg on 2018-11-11
[$500][891697] Low CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas Hegenberg (folivora.AI GmbH) on 2018-10-03
[$500][895081] Low CVE-2019-5783: Insufficient validation of untrusted input in DevTools. Reported by Shintaro Kobori on 2018-10-13
[$N/A][896725] Low CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
- [926238] Various fixes from internal audits, fuzzing and other initiatives
Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Thank you,
Abdul Syed
18 comments:
We have major issues when updating to chrome 72...
Images are not sized properly and performance is super bad on initial load?
It feels like rendering stops until all images are loaded?
F12 doesn't open the dev tools anymore :|
This version is very buggy, unstable and slow.
Takes 2-3 seconds to activate the address bar when clicked upon, eats 1000 MB of RAM, with no tabs open and no extension loaded.
Literally not working.
/Kenneth
My AV, Comodo, tells me that Chrome.exe is trying to change my settings. I have declined, twice. I wish I knew what was going on. Just trust Google Chrome???
Charles Levy Oakland CA
We are having a major issue with RTCPeerConnectionIceEvent since browsers got updated to Chrome version 72.0.3626.81; it seems not to be compatible. With the prior Chrome version 71.0.3578.98 it worked fine.
After updating to this 72 version I got a black screen when streaming video on youtube.com.
chrome://gpu
Log Messages
GpuProcessHostUIShim:
GpuProcessHostUIShim:
[4668:1384:0131/113912.602:ERROR:gles2_cmd_decoder.cc(15917)] : Context lost because SwapBuffers failed.
[4668:1384:0131/113912.602:ERROR:gles2_cmd_decoder.cc(5792)] : Error: 5 for Command kPostSubBufferCHROMIUM
[4668:1384:0131/113912.602:ERROR:gpu_channel_manager.cc(218)] : Exiting GPU process because some drivers cannot recover from problems.
GpuProcessHostUIShim: The GPU process exited normally. Everything is okay.
===========================================================================
Processor AMD A10-9600P
GPU0 VENDOR = 0x1002, DEVICE= 0x9874 *ACTIVE*
GPU1 VENDOR = 0x1002, DEVICE= 0x6900
Aw, this was an extremely good post.
Saba Battery
Crystal Reports and Chrome print preview are not compatible anymore. A "Page unresponsive" message appears in the print preview of a Crystal report.
===================================
SVG ISSUE!!!!!!
===================================
I'm not sure if this has been done on purpose or not.
However, the fact is that UTF-8 encoded SVG is not shown in the browser since the Chrome 72 update, on Windows 10, Ubuntu 18.04 and Mac.
I have already tested this on those 3 operating systems, and with Chrome 71 as well.
If there is any way to use the UTF-8 format, please let me know.
If there is any reason for this issue, please let me know as well.
There is an example below (the same SVG):
from http://tutorials.jenkov.com/svg/simple-svg-example.html
[UTF-8]
data:image/svg+xml;utf-8,
[base64]
data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4gPHJlY3QgeD0iMTAiIHk9IjEwIiBoZWlnaHQ9IjEwMCIgd2lkdGg9IjEwMCIgc3R5bGU9InN0cm9rZTojZmYwMDAwOyBmaWxsOiAjMDAwMGZmIi8+IDwvc3ZnPg==
Can confirm the SVG UTF-8 issue.
Found more information as to why they may have removed it here: https://stackoverflow.com/questions/54453987/did-chrome-72-break-dataimage-svgxmlutf8-for-css-background-svgs
Clear browsing data hangs with latest version.
Steps
1) Browse through the day or a couple of days
2) Clear browsing data and the Chrome browser hangs.
3) Restart Chrome and then clear browsing data works.
Google Chrome 72.0.3626.81 (Official Build) (64-bit)
Revision ac8b982e05014492d1bd7d317628a4f22a97ffa0-refs/branch-heads/3626@{#796}
OS Mac OS X
JavaScript V8 7.2.502.24
Flash 32.0.0.114 /Users/mjhanji/Library/Application Support/Google/Chrome/PepperFlash/32.0.0.114/PepperFlashPlayer.plugin
User Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.81 Safari/537.36
If you uncheck "Use hardware acceleration when available" and have your browser in full-screen mode, there is a lot of screen lag when you move other windows around.
Something like the following screenshot:
https://i.stack.imgur.com/BJGBH.png
When you enable hardware acceleration or do not have Chrome in full-screen mode, there is no more screen lag.
The new version costs much more CPU!!!!
Is there any known fix to the SVG issue. This has completely destroyed the formatting of SVG images in our navigation and caused the application to become nearly unusable.
There was a solution around # characters not encoding correctly in this response from Robert Longson
https://stackoverflow.com/questions/30676125/svg-as-data-uri-triggers-xml-parsing-error-in-firefox/30676203#30676203
However, this doesn't seem to be working in my case. Any ideas on how to work around this. Would be awesome if Google could publish some migration solutions when releasing a breaking change such as this.
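The two SVG comments above (the report that a non-base64 `data:image/svg+xml` URI stops rendering, and this request for a workaround that mentions `#` characters) both come down to what may appear raw inside a URL. The `#` in a colour such as `#ff0000` starts a URL fragment, so an unencoded SVG payload is cut off at that point; percent-encoding the payload, or using base64 as the first comment's second example does, avoids that. The following is an added example, not code from the original post or from Chromium: the base64 string is the one posted in the comment, while `parseDataUri`, `svgToDataUri`, `rawReservedChars` and `fragmentOf` are helper names constructed here. Whether Chrome 72 changed anything beyond this is covered by the linked Stack Overflow thread, not by this snippet.

```javascript
// Added example (not from the original post, not Chromium code). It decodes the
// SVG data: URI posted in the comment, shows which characters of the raw SVG are
// unsafe in a URL, and produces a percent-encoded form that survives URL parsing.
// PAGE_BASE64 is the payload from the comment; everything else is constructed here.
const PAGE_BASE64 =
  'PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4gPHJlY3QgeD0iMTAiIHk9IjEwIiBoZWlnaHQ9IjEwMCIgd2lkdGg9IjEwMCIgc3R5bGU9InN0cm9rZTojZmYwMDAwOyBmaWxsOiAjMDAwMGZmIi8+IDwvc3ZnPg==';

// Parse "data:[<mediatype>][;param=value...][;base64],<payload>" (RFC 2397 shape).
// Returns { mediaType, params, base64, body } with the body decoded to a JS string.
function parseDataUri(uri) {
  if (!uri.startsWith('data:')) throw new Error('not a data: URI');
  const comma = uri.indexOf(',');
  if (comma < 0) throw new Error('data: URI has no payload separator');
  const header = uri.slice(5, comma).split(';');
  const payload = uri.slice(comma + 1);
  const mediaType = header[0] || 'text/plain';
  const params = {};
  let base64 = false;
  for (const p of header.slice(1)) {
    if (p === 'base64') {
      base64 = true;
    } else {
      const [k, v] = p.split('=');
      params[k] = v;
    }
  }
  const body = base64
    ? Buffer.from(payload, 'base64').toString('utf8')
    : decodeURIComponent(payload);
  return { mediaType, params, base64, body };
}

// Build a data: URI for an SVG string. With base64=false the payload is
// percent-encoded, so '#', '<', '>', '"', '%', spaces and non-ASCII never appear raw.
function svgToDataUri(svg, { base64 = false } = {}) {
  if (base64) {
    return 'data:image/svg+xml;base64,' + Buffer.from(svg, 'utf8').toString('base64');
  }
  return 'data:image/svg+xml;charset=utf-8,' + encodeURIComponent(svg);
}

// Lint check: characters that must not appear raw in a non-base64 data: payload.
// Returns the distinct offending characters found after the comma.
function rawReservedChars(uri) {
  const payload = uri.slice(uri.indexOf(',') + 1);
  const bad = new Set();
  for (const ch of payload) {
    const code = ch.charCodeAt(0);
    if ('#<>"'.includes(ch) || code <= 0x20 || code > 0x7e) bad.add(ch);
  }
  return [...bad];
}

// Where a standards-conforming URL parser cuts the URI: everything after the first
// raw '#' is the fragment and never reaches the image decoder.
function fragmentOf(uri) {
  return new URL(uri).hash;
}

// Usage: decode the posted base64 SVG, then compare the unencoded and encoded forms.
const svg = parseDataUri('data:image/svg+xml;base64,' + PAGE_BASE64).body;
const unencoded = 'data:image/svg+xml;utf-8,' + svg;
console.log('raw characters that break the unencoded payload:', rawReservedChars(unencoded));
console.log('fragment a URL parser would split off:', fragmentOf(unencoded));
console.log('percent-encoded form:', svgToDataUri(svg));
```

The check worth keeping from this is `rawReservedChars`: run it over any `data:` URI you embed in CSS or HTML before shipping, and treat a non-empty result as a build error rather than relying on a particular browser version to be lenient.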
This version is bringing my computer to a crawl, and I'm having the same issue as "mikeoke" earlier in the comments section. Would like a fix to this version ASAP.