Thursday, October 10, 2019

Stable Channel Update for Desktop

The Stable channel has been updated to 77.0.3865.120 for Windows, Mac, and Linux. This will roll out over the coming days/weeks. A list of all changes is available in the log.



Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$20500][1005753] High CVE-2019-13693: Use-after-free in IndexedDB.
Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-09-19
[$TBD][1005251] High CVE-2019-13694: Use-after-free in WebRTC.
Reported by banananapenguin on 2019-09-18
[$15000][1004730] High CVE-2019-13695: Use-after-free in audio.
Reported by Man Yue Mo of Semmle Security Research Team on 2019-09-17
[$7500][1000635] High CVE-2019-13696: Use-after-free in V8.
Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-09-04

[$2000][990849] High CVE-2019-13697: Cross-origin size leak.
Reported by Luan Herrera @lbherrera_ on 2019-08-05

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the Stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1011875] Various fixes from internal audits, fuzzing and other initiatives



Interested in switching release channels?  Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Lakshmana Pamarthy
Google Chrome

Labels: ,

6 Comments:

Blogger fluo said...

Agencia de Marketing Digital em São Paulo SP, desenvolvemos todo marketing digital para sua empresa, SEO, Links Patrocinados, Mídias Sociais, Agencia de Marketing Digital Sp

Agencia de Marketing Digital em São Paulo SP, desenvolvemos todo marketing digital para sua empresa, SEO, Links Patrocinados, Mídias Sociais, Agencia de Marketing Digital Sp

4:51 PM, October 11, 2019  
Blogger raphaelbm said...

The above entry from "fluo said..." is blatant advertising and not relevant to the the conversation. Stop it. Kindly remove it...

See guidelines:
"You are welcome to contribute comments, but they should be relevant to the conversation. We reserve the right to remove off-topic remarks in the interest of keeping the conversation focused and engaging. Shameless self-promotion is well, shameless, and will get canned."

8:36 AM, October 12, 2019  
Blogger katmv said...

Re: Alerts from CISA - Google Chrome Security Updates
Does Google Chrome apply these updates automatically in the background?
How does user confirm updates applied?

2:00 PM, October 13, 2019  
Blogger raphaelbm said...

This comment has been removed by the author.

1:53 AM, October 14, 2019  
Blogger raphaelbm said...

All fixes are in the log (see the link above). It helps to have the bug reference number.

For example: I have an interest in bug:
"Issue 1005747: Dragend event fires before Drop Event"

Searching the log for 1005747 reveals that this bug is in the release and FIXED. It is for the owner/developer of the bug to verify the fix in this stable update.
Hope that helps.

8:32 AM, October 14, 2019  
Blogger exametoxicologicos said...

Empresa de Segurança:MultiSafe Empresa de Monitoramento - Alarmes - Alarmes residenciais Monitoramento e Segurança Eletrônica

1:49 PM, October 14, 2019  

Post a Comment

Subscribe to Post Comments [Atom]

<< Home