Google Chrome 28.0 Stable (28.0.1500.71) for Windows and Mac has been released. Release notes and download links of offline installers (Standalone installer) for Windows and Mac are given below.
Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. Chrome offers lightning fast and safe browsing, private browsing, plugins to make browsing easier, sync with other devices to access your settings anywhere and more features. Chrome is an open source browser available for Windows, Linux, Mac, Chrome Frame, Android and iOS. Screen readers like Jaws and NVDA is accessible with Chrome.
Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. Chrome offers lightning fast and safe browsing, private browsing, plugins to make browsing easier, sync with other devices to access your settings anywhere and more features. Chrome is an open source browser available for Windows, Linux, Mac, Chrome Frame, Android and iOS. Screen readers like Jaws and NVDA is accessible with Chrome.
Security Fixes:
- [$21,500] A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some (since fixed) server-side bugs.
- Block pop-unders in various scenarios.
- Confusion setting up sign-in and sync. Credit to Andrey Labunets.
- Incorrect sync of NPAPI extension component. Credit to Andrey Labunets.
- Out-of-bounds read in JPEG2000 handling. Credit to Felix Groebert of Google Security Team.
- Use-after-free with network sockets. Credit to Collin Payne.
- Man-in-the-middle attack against HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco at INRIA
Paris. - Use-after-free in input handling. Credit to miaubiz.
- Mac only: Possible lack of entropy in renderers. Credit to Eric Rescorla.
- Use-after-free in resource loading. Credit to miaubiz.
- Windows + NVIDIA only: Screen data leak with GL textures. Credit to “danguafer”.
- Out-of-bounds-read in SVG. Credit to miaubiz.
- Extensions permissions confusion with interstitials. Credit to Dev Akhawe.
- Out-of-bounds read in XML parsing. Credit to Aki Helin of OUSPG.
- None: Remove the “viewsource” attribute on iframes. Credit to Collin Jackson.
- Out-of-bounds read in text handling. Credit to Atte Kettunen of OUSPG.
- Various fixes from internal audits, fuzzing and other initiatives (Chrome 28).
No comments:
Post a Comment