Google Chrome (32-bit) 歷史版本列表
更新時間:2019-05-01
更新細節:
更新時間:2019-05-01
更新細節:
What's new in this version:
Cygwin 3.0.7 (64-bit)
- Change log not available for this version
Cygwin 3.0.6 (64-bit)
- Change log not available for this version
Cygwin 3.0.5 (64-bit)
- Fix /proc/version after uname change
- Addresses: https://cygwin.com/ml/cygwin/2019-03/msg00467.html
- Fix a crash in wcsxfrm_l if destination size is 0.
- Addresses: https://cygwin.com/ml/cygwin/2019-03/msg00492.html
- Fix a problem in process enumeration which led to `ps -W' showing Cygwin processes twice and potentially with incorrect Windows PID. Addresses: Report on IRC
Cygwin 3.0.3 (64-bit)
- Change log not available for this version
Cygwin 3.0.1 (64-bit)
New:
- New API: secure_getenv
Bug Fixes:
- Relax fork child permissions to avoid a potential fork failure
- Fix Command-line argument handling of kill(1) in terms of negative PID. Addresses: report on IRC
- Fix an accidentally introduced O_TEXT handling of pipes inherited from native Windows processes
- Re-enable creating user token from scratch in seteuid to allow user context switch on old systems not supporting MsV1_0S4ULogon
Cygwin 2.10.0 (64-bit)
New:
- New open(2) flags O_TMPFILE and O_NOATIME
- scanf/wscanf now handle the POSIX %m modifier
- scanf now handles the %l[ conversion
- Improved hostprogs compatibility for cross-compiling the Linux kernel
- New headers: <asm/bitsperlong.h>, <asm/posix_types.h>
- Built-in implementation of Stack Smashing Protection compiler feature
- New APIs: __stack_chk_fail, __stack_chk_guard
- Built-in implementation of POSIX.1-2001 message catalog support
- New APIs: catclose, catgets, catopen. New tool: gencat
- New APIs: sigtimedwait, wmempcpy
What changed:
- Standard headers no longer use macros to support K&R C
- confstr(3) and getconf(1) accept LFS_CFLAGS, LFS_LDFLAGS, etc
- The __always_inline and __nonnull macros in <sys/cdefs.h> are now compatible with glibc
- Feature Test Macros improvements in <fcntl.h>, <limits.h>, <netdb.h>, <strings.h>, and <unistd.h>
Bug Fixes:
- Fix a problem in unlink on NFS
- Addresses: Shows up in GAWK testsuite test "testext"
- Fix errno setting bug in posix_fadvise and posix_fallocate
- Fix two bugs in the limit of large numbers of sockets
- Fix a fork failure with private anonymous mmaps
- Remove a call to fflush from ftell{o}, which may result in wrong offsets
- Fix file pointer computation after short writes on block devices
更新時間:2019-04-24
更新細節:
更新時間:2019-04-24
更新細節:
What's new in this version:
vMix 22.0.0.56
- Added "preview" overlay flag to vMix XML API to identify the difference between an overlay displayed on the output vs preview
- Fixed WAV file recording not working when using new vMix AVI format
- Fixed large preview window showing up as blank when resetting camera input
- Fixed error when using Replay on inputs that disconnect/reconnect often
- Fixed Adobe Premiere import issue with vMix AVI when recording cameras without audio
vMix 22.0.0.54
- GT: Added Blink Continuous transition
- GT: Added Square/Rounded option for rectangle Stroke borders
- GT: Fixed issue where custom image in a preset did not always override the template image
- Added support for plug and play MIDI and X-Keys devices while vMix is still running. (Important note: this will not resolve issues where devices are disconnecting on their own, in these cases, this indicates a system fault that is outside of our control)
- Added additional caching in vMix Social to help with long photo download times on Facebook servers
- Updated Twitch streaming quality presets based on recommendations from Twitch team
- Added "Auto" thread setting in streaming quality, which will select the optimal number of threads to use on high-core machines. Not applicable to hardware encoding
vMix 22.0.0.52
- Fixed issue with Restart not working correctly with GT Tickers
- Fixed issue where some YouTube accounts reports duplicate Stream Now streams, causing an error in vMix
vMix 22.0.0.51
- Fix when starting overlay of GT templates that have had all animations removed
- GT animations will now only automatically trigger if autoplay/autopause are enabled
- Renamed Flash / RTMP input to Flash, as it is recommended to use Stream VLC input instead for RTMP
- Fixed stutter in VLC RTMP playback if frame rate is misreported by server
- Fixed Mark Out for some video formats occurring too early on some video formats
- Updated The Extreme scoreboard to work correctly when using countdown in clock fields
vMix 22.0.0.50
- VMix Social updated Facebook source to now show a dropdown box of all pages an account has access to. Previously a box was provided to type in a page name which may have caused confusion due to Facebook security policies of only allowing admin access to pages
- X-keys XKE-40 support added
- Fixed Live Pause not working on Desktop Capture input on some systems
- Fixed padding issue with VLC input when bringing in RTMP 1080p sources
- List input now provides better performance when using images
- Display -> Outputs dropdowns support up to 300 inputs
- Fixed issue with MultiCorder activator
- Fixed issue where Vimeo streaming destination did not show any streams when over 200 videos were in an account
vMix 22.0.0.49
- Virtual PTZ behaviour is now more consistent with a physical PTZ including edges of the frame being cropped out when used with MultiView and Overlays
- Added checkbox in PTZ settings to have PTZ thumbnails always displayed on input previews even while moving
- Fixed Audio Settings button displaying error if already open
- Fixed some Facebook pages/groups not showing up if user has a very large number on their account (> ~30)
- Facebook destination will now stop the stream on Facebook just prior to stopping in vMix, previously vMix would be stopped first which
depending on the processing time on Facebook may lead to a "stream has been interrupted" message on Facebook instead of an ended notice
- Fixed scrolling issue in input and mixer sections on some systems
- Improved sync on MP4 video playback
- Fixed Web Browser input audio not working on some systems
- Fixed typo in Scoreboard 3- Lineup 11 template leading to inconsistent data source auto assignment
vMix 22.0.0.48
GT - Easy to use, high-performance, animated graphics:
- Over 100+ animated title, scoreboard, ticker and social templates to choose from in HD and 4K
- Four way ticker support: create custom tickers with top, bottom, left or right scroll directions
- GT Designer Standard allows creating custom static titles and animated tickers in all vMix edition
- GT Designer Advanced allows creating custom animated titles along with the ability to import from Adobe Photoshop PSD files
- Spell check support added to built in vMix Title Editor
- New Clock dropdown box in Title Editor provides built in presets to add common clock formats to a title
MultiCorder (4K and Pro editions):
- Added support for recording Video Call sources in addition to Output1-4
- Individual MultiCorder settings can be saved in each preset
VMix Video Codec:
- High quality, fault tolerant, low CPU codec suitable for post production editing on Windows
- ProRes-like codec with support for Adobe Premiere, Magix Vegas Pro and most other Windows video editing programs
- Supported in both the Recorder and MultiCorder
Virtual PTZ (4K and Pro editions):
- Turns any input into a Virtual PZ camera with high quality, customisable digital zoom
Live Pause:
- Live Pause (Freeze Frame) Camera, NDI and Desktop Capture inputs by clicking the pause icon under the input
Outputs:
- New MultiView Output layout options
- Set the title bar either above or below the MultiView Output video previews
- Customise Preview/Output headings between fixed text and input names
NDI:
- Updated NDI support to latest 3.8 SDK
- Included vMix NDI Config tool allows toggling between UDP and TCP transmission to allow optimising performance based on network requirements
Shortcuts:
- SnapshotInput
- SetTickerSpeed
- TitleBeginAnimation
- LivePlayPause
Controllers:
- Stream Deck and Stream Deck mini support. Add the vMix plugin from the Stream Deck App store. Set buttons to live thumbnail previews via shortcuts, or colours via activators
- Joystick Z axis support
- Joystick pressure sensitive support. Allows variable speed pan/title/zoom on supports PTZ cameras including the new Virtual PTZ
- X-Keys HD15 GPIO support added
Devices:
- Support for AJA Kona 5
Other:
- New GPU memory % indicator in status bar. This refers to special memory shared between the CPU and GPU and can be used to identify potential performance problems when using a large number of inputs
- Vimeo streaming provider now supports selecting a previous setup event to stream to
- SlideShow Properties window (for Photos and PowerPoint inputs) can now be resized. Rearranged image orders is now saved in the vMix preset
- New Copy From button in Input Settings can be used to copy Triggers, MultiView and Colour Correction between inputs
- New cog buttons on Preview and Output to open up associated Input Settings
- Added ability to solo Bus A or Bus B through Headphones output. Click the [S] button in the Bus mixer to toggle on/off
- Added support for resizable VST3 plugins
vMix 22.0.0.47
GT - Easy to use, high-performance, animated graphics:
- Over 100+ animated title, scoreboard, ticker and social templates to choose from in HD and 4K
- Four way ticker support: create custom tickers with top, bottom, left or right scroll directions
- GT Designer Standard allows creating custom static titles and animated tickers in all vMix edition
- GT Designer Advanced allows creating custom animated titles along with the ability to import from Adobe Photoshop PSD files
- Spell check support added to built in vMix Title Editor
- New Clock dropdown box in Title Editor provides built in presets to add common clock formats to a title
MultiCorder (4K and Pro editions):
- Added support for recording Video Call sources in addition to Output1-4
- Individual MultiCorder settings can be saved in each preset
vMix Video Codec:
High quality, fault tolerant, low CPU codec suitable for post production editing on Windows.:
- ProRes-like codec with support for Adobe Premiere, Magix Vegas Pro and most other Windows video editing programs
- Supported in both the Recorder and MultiCorder
- Virtual PTZ (4K and Pro editions)
- Turns any input into a Virtual PZ camera with high quality, customisable digital zoom
Live Pause:
- Live Pause (Freeze Frame) Camera, NDI and Desktop Capture inputs by clicking the pause icon under the input
Outputs:
- New MultiView Output layout options
- Set the title bar either above or below the MultiView Output video previews
- Customise Preview/Output headings between fixed text and input names
NDI:
- Updated NDI support to latest 3.8 SDK
- Included vMix NDI Config tool allows toggling between UDP and TCP transmission to allow optimising performance based on network requirements.
- Shortcuts
- SnapshotInput
- SetTickerSpeed
- TitleBeginAnimation
- LivePlayPause
- Controllers
- Stream Deck and Stream Deck mini support. Add the vMix plugin from the Stream Deck App store. Set buttons to live thumbnail previews via shortcuts, or colours via activators.
- Joystick Z axis support
- Joystick pressure sensitive support. Allows variable speed pan/title/zoom on supports PTZ cameras including the new Virtual PTZ.
- X-Keys HD15 GPIO support added
Devices:
- Support for AJA Kona 5
Other:
- New GPU memory % indicator in status bar. This refers to special memory shared between the CPU and GPU and can be used to identify potential performance problems when using a large number of inputs
- Vimeo streaming provider now supports selecting a previous setup event to stream to
- SlideShow Properties window (for Photos and PowerPoint inputs) can now be resized. Rearranged image orders is now saved in the vMix preset
- New Copy From button in Input Settings can be used to copy Triggers, MultiView and Colour Correction between inputs
- New cog buttons on Preview and Output to open up associated Input Settings
- Added ability to solo Bus A or Bus B through Headphones output. Click the [S] button in the Bus mixer to toggle on/off
- Added support for resizable VST3 plugins
更新時間:2019-03-20
更新細節:
What's new in this version:
Google Chrome 73.0.3683.86 (32-bit)
- Change log not available for this version
Google Chrome 73.0.3683.75 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.121 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.119 (32-bit)
- Publish DEPS for 72.0.3626.119 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.119 by chrome-release-bot
- Fix webrequest.onAuthRequired not getting fired with network service in incognito windows. by John Abd-El-Malek
- Incrementing VERSION to 72.0.3626.118 by chrome-release-bot
- Stop using default_factory for AppCache and reduce RBPI::CreateDefaultURLLoaderFactoryBundle usage by Kinuko Yasuda
- Incrementing VERSION to 72.0.3626.117 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.116 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.115 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.114 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.113 by chrome-release-bot
- [Direct Land on 72 / Cowboy] Omnibox - Add missing include headers. by Tommy C. Li
- Revert "Restrict disable_discard_framebuffer to only Mali on ChromeOS" by Kristian H. Kristensen
- Revert "[iOS] Mitigate timing issues with Safe Browsing test." by Kurt Horimoto
- [Merge M72] Revert "Fix OEM app position issue" by Yury Khmel
- Incrementing VERSION to 72.0.3626.112 by chrome-release-bot
- [Merge 72] Omnibox: Add back vertical margin field trial by Tommy C. Li
- [Merge 72] Omnibox: Add back kUIExperimentShowSuggestionFavicons flag by Tommy C. Li
- [iOS] Mitigate timing issues with Safe Browsing test. by Kurt Horimoto
- Incrementing VERSION to 72.0.3626.111 by chrome-release-bo
- Incrementing VERSION to 72.0.3626.110 by chrome-release-bot
Google Chrome 72.0.3626.109 (32-bit)
- Publish DEPS for 72.0.3626.109 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.109 by chrome-release-bot
- Add a ForceNetworkInProcess policy to force networking to run in the browser process
- Incrementing VERSION to 72.0.3626.108 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.107 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.106 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.105 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.104 by chrome-release-bot
- Add target-sdk quirk for encoding '#'s in loadData
- Do not post task to IO when updating WebViewRendererState
- Incrementing VERSION to 72.0.3626.103 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.102 by chrome-release-bot
- cros: Fix mismatched enum values in mojo/js by Jacob Dufault
- Incrementing VERSION to 72.0.3626.101 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.100 by chrome-release-bot
- [ios] Correct cherry pick for crrev.com/c/1457473
- [ios] Don't load external URLs on the NTP if the NTP hasn't committed
- [ios] Prevent taps in the NTP if the underlying NTP hasn't committed
- Incrementing VERSION to 72.0.3626.99 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.98 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.97 by chrome-release-bot
- [Merge to M-72] Fix external displays switching to mirror mode unexpectedly
Google Chrome 72.0.3626.96 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.81 (32-bit)
Security fixes:
- Critical CVE-2019-5754: Inappropriate implementation in QUIC Networking
- High CVE-2019-5782: Inappropriate implementation in V8
- High CVE-2019-5755: Inappropriate implementation in V8
- High CVE-2019-5756: Use after free in PDFium
- High CVE-2019-5757: Type Confusion in SVG
- High CVE-2019-5758: Use after free in Blink
- High CVE-2019-5759: Use after free in HTML select elements
- High CVE-2019-5760: Use after free in WebRTC
- High CVE-2019-5761: Use after free in SwiftShader
- High CVE-2019-5762: Use after free in PDFium
- High CVE-2019-5763: Insufficient validation of untrusted input in V8
- High CVE-2019-5764: Use after free in WebRTC
- High: Use after free in FileAPI
- High CVE-2019-5765: Insufficient policy enforcement in the browser
- High: Use after free in Mojo interface
- High: Use after free in Payments
- High: Use after free in Mojo interface
- High: Stack buffer overflow in Skia
- Medium CVE-2019-5766: Insufficient policy enforcement in Canvas
- Medium CVE-2019-5767: Incorrect security UI in WebAPKs
- Medium CVE-2019-5768: Insufficient policy enforcement in DevTools
- Medium CVE-2019-5769: Insufficient validation of untrusted input in Blink
- Medium CVE-2019-5770: Heap buffer overflow in WebGL
- Medium CVE-2019-5771: Heap buffer overflow in SwiftShader
- Medium CVE-2019-5772: Use after free in PDFium
- Medium CVE-2019-5773: Insufficient data validation in IndexedDB
- Medium CVE-2019-5775: Insufficient policy enforcement in Omnibox
- Medium CVE-2019-5776: Insufficient policy enforcement in Omnibox
- Medium CVE-2019-5777: Insufficient policy enforcement in Omnibox
- Low CVE-2019-5778: Insufficient policy enforcement in Extensions
- Low CVE-2019-5779: Insufficient policy enforcement in ServiceWorker
- Low CVE-2019-5780: Insufficient policy enforcement
- Low CVE-2019-5781: Insufficient policy enforcement in Omnibox
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
Google Chrome 71.0.3578.98 (32-bit)
- Change log not available for this version
Google Chrome 71.0.3578.80 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- Out of bounds write in V8
- Use after frees in PDFium
- Heap buffer overflow in Skia
- Use after free in PDFium
- Use after free in Blink
- Heap buffer overflow in Canvas
- Use after free in WebAudio
- Use after free in MediaRecorder
- Heap buffer overflow in Blink
- Out of bounds write in V8
- Use after free in Skia
- Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- Inappropriate implementation in Site Isolation
- Incorrect security UI in Blink
- Inappropriate implementation in Navigation
- Inappropriate implementation in Omnibox
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Navigation
- Inappropriate implementation in Media
- Inappropriate implementation in Network Authentication
- Insufficient data validation in Shell Integration
- Insufficient policy enforcement in URL Formatter
- Use after free in Skia
- Insufficient policy enforcement in URL Formatter
- Insufficient policy enforcement in Proxy
- Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter
This bug was fixed in Chrome 69, but was incorrectly omitted from the release notes at the time:
- Medium To be allocated: Insufficient policy enforcement in Payments
Google Chrome 70.0.3538.110 (32-bit)
- Change log not available for this version
Google Chrome 70.0.3538.102 (32-bit)
- Change log not available for this version
Google Chrome 70.0.3538.77 (32-bit)
- Publish DEPS for 70.0.3538.77 by chrome-release-bot
- Incrementing VERSION to 70.0.3538.77 by chrome-release-bot
- Web Audio: fix two bugs in audibility detection in BaseAudioContext. by Becca Hughes
- cherry pick r601765 to M70 by Sahel Sharify
- [Picture in Picture] Show controls on mouseover on the window. by Jennifer Apacible
- [Picture in Picture] Fix controls timer issue by Becca Hughes
- Reland "Fling bubbles from OOPIF properly" without the tests. by Sahel Sharify
- [Merge M70][AF] Use 'Manage...' as footer string when popup type is unspecified by Fabio Tirelo
- Revert "Strengthen MITIGATION_DLL_SEARCH_ORDER on non-component builds." by Will Harris
- Incrementing VERSION to 70.0.3538.76 by chrome-release-bot
- [M70 branch] Roll ICU to 0b97836 by Jungshik Shin
- Fix text input on ARC++ Kiosk apps. by Yuichiro Hanada
- Revert "Network Service: Convert port_forwarding_controller.cc to mojo host resolver" by Jun Cai
- Turn off signin-allowed toggle after sign-out from dialog by Thomas Tangl
- Show sign-out dialog when signin-allowed is toggled off by Thomas Tangl
- ozone: Ensure we don't return invalid GbmBuffer objects by Alexandros Frantzis
- Revert "[M70 Merge][TPM Reporting] Add TPM status information to DeviceStatusCollector" by Ivan Sandrk
- Merge to 70: Fixes potential crash when toggling accessibility services by David Tseng
- Incrementing VERSION to 70.0.3538.75 by chrome-release-bot
- [ios] Check for nullptr NavigationItem before updating URL. by Danyao Wang
- Incrementing VERSION to 70.0.3538.74 by chrome-release-bot
- Incrementing VERSION to 70.0.3538.73 by chrome-release-bot
- [M70 merge] viz: Optimize pixel-moving renderpasses damage by wutao
- Incrementing VERSION to 70.0.3538.72 by chrome-release-bot
- Revert "Add a CHECK to non-DICE signin that it's only used for force-signin" by Jochen Eisinger
- Incrementing VERSION to 70.0.3538.71 by chrome-release-bot
- chrome_features: Set Usbguard feature flag to disabled by default. by Allen Webb
- Incrementing VERSION to 70.0.3538.70 by chrome-release-bot
- cros: Fix menus getting squished by Alex Newcomer
- Fix merge time window limit method by Henrique Grandinetti
- Make old time limit locks not be applied to the Chromebook by Henrique Grandinetti
- Fix a crash in TtsControllerImpl::VoicesChanged due to a use after free. by Sam McNally
- Incrementing VERSION to 70.0.3538.69 by chrome-release-bot
- Reland "Fix MessageListView crash on update during close." by Tetsui Ohkubo
- Revert "Fix MessageListView crash on update during close." by Tetsui Ohkubo
- Incrementing VERSION to 70.0.3538.68 by chrome-release-bot
- Fix naming issue when renaming files inside My files by Luciano Pacheco
- Store remaining usage time in milliseconds by Henrique Grandinetti
Google Chrome 70.0.3538.67 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- High CVE-2018-17462: Sandbox escape in AppCache
- High CVE-2018-17463: Remote code execution in V8
- High CVE to be assigned: Heap buffer overflow in Little CMS in PDFium
- High CVE-2018-17464: URL spoof in Omnibox
- High CVE-2018-17465: Use after free in V8
- High CVE-2018-17466: Memory corruption in Angle
- Medium CVE-2018-17467: URL spoof in Omnibox
- Medium CVE-2018-17468: Cross-origin URL disclosure in Blink
- Medium CVE-2018-17469: Heap buffer overflow in PDFium
- Medium CVE-2018-17470: Memory corruption in GPU Internals
- Medium CVE-2018-17471: Security UI occlusion in full screen mode
- Medium CVE-2018-17472: iframe sandbox escape on iOS
- Medium CVE-2018-17473: URL spoof in Omnibox
- Medium CVE-2018-17474: Use after free in Blink
- Low CVE-2018-17475: URL spoof in Omnibox
- Low CVE-2018-17476: Security UI occlusion in full screen mode
- Low CVE-2018-5179: Lack of limits on update() in ServiceWorker
- Low CVE-2018-17477: UI spoof in Extensions
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.As usual, our ongoing internal security work was responsible for a wide range of fixes:
- Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 69.0.3497.100 (32-bit)
- Security Fixes and Rewards
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
This update includes 1 security fix from our ongoing internal security work:
- Fixes from internal audits, fuzzing and other initiatives
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Google Chrome 69.0.3497.92 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- [$3000][875322] High (CVE to be assigned): Function signature mismatch in WebAssembly. Reported by Kevin Cheung from Autodesk on 2018-08-17
- [$TBD][880759] Medium (CVE to be assigned): URL Spoofing in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-09-05
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Google Chrome 69.0.3497.81 (32-bit)
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 40 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- High CVE-2018-16065: Out of bounds write in V8
- High CVE-2018-16066:Out of bounds read in Blink
- High CVE-2018-16067: Out of bounds read in WebAudio
- High CVE-2018-16068: Out of bounds write in Mojo
- High CVE-2018-16069:Out of bounds read in SwiftShader
- High CVE-2018-16070: Integer overflow in Skia
- High CVE-2018-16071: Use after free in WebRTC
- Medium CVE-2018-16072: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer
- Medium CVE-2018-16073: Site Isolation bypass after tab restore
- Medium CVE-2018-16074: Site Isolation bypass using Blob URLS
- Medium: Out of bounds read in Little-CMS
- Medium CVE-2018-16075: Local file access in Blink
- Medium CVE-2018-16076: Out of bounds read in PDFium
- Medium CVE-2018-16077: Content security policy bypass in Blink
- Medium CVE-2018-16078: Credit card information leak in Autofill
- Medium CVE-2018-16079: URL spoof in permission dialogs
- Medium CVE-2018-16080: URL spoof in full screen mode
- Medium CVE-2018-16081: Local file access in DevTools
- Medium CVE-2018-16082: Stack buffer overflow in SwiftShader
- Medium CVE-2018-16083: Out of bounds read in WebRTC
- Low CVE-2018-16084: User confirmation bypass in external protocol handling
- Low CVE-2018-16085: Use after free in Memory Instrumentation
- Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 68.0.3440.106 (32-bit)
- Change log not available for this version
Google Chrome 68.0.3440.84 (32-bit)
- Change log not available for this version
更新時間:2019-03-13
更新細節:
What's new in this version:
Google Chrome 73.0.3683.75 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.121 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.119 (32-bit)
- Publish DEPS for 72.0.3626.119 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.119 by chrome-release-bot
- Fix webrequest.onAuthRequired not getting fired with network service in incognito windows. by John Abd-El-Malek
- Incrementing VERSION to 72.0.3626.118 by chrome-release-bot
- Stop using default_factory for AppCache and reduce RBPI::CreateDefaultURLLoaderFactoryBundle usage by Kinuko Yasuda
- Incrementing VERSION to 72.0.3626.117 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.116 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.115 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.114 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.113 by chrome-release-bot
- [Direct Land on 72 / Cowboy] Omnibox - Add missing include headers. by Tommy C. Li
- Revert "Restrict disable_discard_framebuffer to only Mali on ChromeOS" by Kristian H. Kristensen
- Revert "[iOS] Mitigate timing issues with Safe Browsing test." by Kurt Horimoto
- [Merge M72] Revert "Fix OEM app position issue" by Yury Khmel
- Incrementing VERSION to 72.0.3626.112 by chrome-release-bot
- [Merge 72] Omnibox: Add back vertical margin field trial by Tommy C. Li
- [Merge 72] Omnibox: Add back kUIExperimentShowSuggestionFavicons flag by Tommy C. Li
- [iOS] Mitigate timing issues with Safe Browsing test. by Kurt Horimoto
- Incrementing VERSION to 72.0.3626.111 by chrome-release-bo
- Incrementing VERSION to 72.0.3626.110 by chrome-release-bot
Google Chrome 72.0.3626.109 (32-bit)
- Publish DEPS for 72.0.3626.109 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.109 by chrome-release-bot
- Add a ForceNetworkInProcess policy to force networking to run in the browser process
- Incrementing VERSION to 72.0.3626.108 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.107 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.106 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.105 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.104 by chrome-release-bot
- Add target-sdk quirk for encoding '#'s in loadData
- Do not post task to IO when updating WebViewRendererState
- Incrementing VERSION to 72.0.3626.103 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.102 by chrome-release-bot
- cros: Fix mismatched enum values in mojo/js by Jacob Dufault
- Incrementing VERSION to 72.0.3626.101 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.100 by chrome-release-bot
- [ios] Correct cherry pick for crrev.com/c/1457473
- [ios] Don't load external URLs on the NTP if the NTP hasn't committed
- [ios] Prevent taps in the NTP if the underlying NTP hasn't committed
- Incrementing VERSION to 72.0.3626.99 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.98 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.97 by chrome-release-bot
- [Merge to M-72] Fix external displays switching to mirror mode unexpectedly
Google Chrome 72.0.3626.96 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.81 (32-bit)
Security fixes:
- Critical CVE-2019-5754: Inappropriate implementation in QUIC Networking
- High CVE-2019-5782: Inappropriate implementation in V8
- High CVE-2019-5755: Inappropriate implementation in V8
- High CVE-2019-5756: Use after free in PDFium
- High CVE-2019-5757: Type Confusion in SVG
- High CVE-2019-5758: Use after free in Blink
- High CVE-2019-5759: Use after free in HTML select elements
- High CVE-2019-5760: Use after free in WebRTC
- High CVE-2019-5761: Use after free in SwiftShader
- High CVE-2019-5762: Use after free in PDFium
- High CVE-2019-5763: Insufficient validation of untrusted input in V8
- High CVE-2019-5764: Use after free in WebRTC
- High: Use after free in FileAPI
- High CVE-2019-5765: Insufficient policy enforcement in the browser
- High: Use after free in Mojo interface
- High: Use after free in Payments
- High: Use after free in Mojo interface
- High: Stack buffer overflow in Skia
- Medium CVE-2019-5766: Insufficient policy enforcement in Canvas
- Medium CVE-2019-5767: Incorrect security UI in WebAPKs
- Medium CVE-2019-5768: Insufficient policy enforcement in DevTools
- Medium CVE-2019-5769: Insufficient validation of untrusted input in Blink
- Medium CVE-2019-5770: Heap buffer overflow in WebGL
- Medium CVE-2019-5771: Heap buffer overflow in SwiftShader
- Medium CVE-2019-5772: Use after free in PDFium
- Medium CVE-2019-5773: Insufficient data validation in IndexedDB
- Medium CVE-2019-5775: Insufficient policy enforcement in Omnibox
- Medium CVE-2019-5776: Insufficient policy enforcement in Omnibox
- Medium CVE-2019-5777: Insufficient policy enforcement in Omnibox
- Low CVE-2019-5778: Insufficient policy enforcement in Extensions
- Low CVE-2019-5779: Insufficient policy enforcement in ServiceWorker
- Low CVE-2019-5780: Insufficient policy enforcement
- Low CVE-2019-5781: Insufficient policy enforcement in Omnibox
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
Google Chrome 71.0.3578.98 (32-bit)
- Change log not available for this version
Google Chrome 71.0.3578.80 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- Out of bounds write in V8
- Use after frees in PDFium
- Heap buffer overflow in Skia
- Use after free in PDFium
- Use after free in Blink
- Heap buffer overflow in Canvas
- Use after free in WebAudio
- Use after free in MediaRecorder
- Heap buffer overflow in Blink
- Out of bounds write in V8
- Use after free in Skia
- Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- Inappropriate implementation in Site Isolation
- Incorrect security UI in Blink
- Inappropriate implementation in Navigation
- Inappropriate implementation in Omnibox
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Navigation
- Inappropriate implementation in Media
- Inappropriate implementation in Network Authentication
- Insufficient data validation in Shell Integration
- Insufficient policy enforcement in URL Formatter
- Use after free in Skia
- Insufficient policy enforcement in URL Formatter
- Insufficient policy enforcement in Proxy
- Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter
This bug was fixed in Chrome 69, but was incorrectly omitted from the release notes at the time:
- Medium To be allocated: Insufficient policy enforcement in Payments
Google Chrome 70.0.3538.110 (32-bit)
- Change log not available for this version
Google Chrome 70.0.3538.102 (32-bit)
- Change log not available for this version
Google Chrome 70.0.3538.77 (32-bit)
- Publish DEPS for 70.0.3538.77 by chrome-release-bot
- Incrementing VERSION to 70.0.3538.77 by chrome-release-bot
- Web Audio: fix two bugs in audibility detection in BaseAudioContext. by Becca Hughes
- cherry pick r601765 to M70 by Sahel Sharify
- [Picture in Picture] Show controls on mouseover on the window. by Jennifer Apacible
- [Picture in Picture] Fix controls timer issue by Becca Hughes
- Reland "Fling bubbles from OOPIF properly" without the tests. by Sahel Sharify
- [Merge M70][AF] Use 'Manage...' as footer string when popup type is unspecified by Fabio Tirelo
- Revert "Strengthen MITIGATION_DLL_SEARCH_ORDER on non-component builds." by Will Harris
- Incrementing VERSION to 70.0.3538.76 by chrome-release-bot
- [M70 branch] Roll ICU to 0b97836 by Jungshik Shin
- Fix text input on ARC++ Kiosk apps. by Yuichiro Hanada
- Revert "Network Service: Convert port_forwarding_controller.cc to mojo host resolver" by Jun Cai
- Turn off signin-allowed toggle after sign-out from dialog by Thomas Tangl
- Show sign-out dialog when signin-allowed is toggled off by Thomas Tangl
- ozone: Ensure we don't return invalid GbmBuffer objects by Alexandros Frantzis
- Revert "[M70 Merge][TPM Reporting] Add TPM status information to DeviceStatusCollector" by Ivan Sandrk
- Merge to 70: Fixes potential crash when toggling accessibility services by David Tseng
- Incrementing VERSION to 70.0.3538.75 by chrome-release-bot
- [ios] Check for nullptr NavigationItem before updating URL. by Danyao Wang
- Incrementing VERSION to 70.0.3538.74 by chrome-release-bot
- Incrementing VERSION to 70.0.3538.73 by chrome-release-bot
- [M70 merge] viz: Optimize pixel-moving renderpasses damage by wutao
- Incrementing VERSION to 70.0.3538.72 by chrome-release-bot
- Revert "Add a CHECK to non-DICE signin that it's only used for force-signin" by Jochen Eisinger
- Incrementing VERSION to 70.0.3538.71 by chrome-release-bot
- chrome_features: Set Usbguard feature flag to disabled by default. by Allen Webb
- Incrementing VERSION to 70.0.3538.70 by chrome-release-bot
- cros: Fix menus getting squished by Alex Newcomer
- Fix merge time window limit method by Henrique Grandinetti
- Make old time limit locks not be applied to the Chromebook by Henrique Grandinetti
- Fix a crash in TtsControllerImpl::VoicesChanged due to a use after free. by Sam McNally
- Incrementing VERSION to 70.0.3538.69 by chrome-release-bot
- Reland "Fix MessageListView crash on update during close." by Tetsui Ohkubo
- Revert "Fix MessageListView crash on update during close." by Tetsui Ohkubo
- Incrementing VERSION to 70.0.3538.68 by chrome-release-bot
- Fix naming issue when renaming files inside My files by Luciano Pacheco
- Store remaining usage time in milliseconds by Henrique Grandinetti
Google Chrome 70.0.3538.67 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- High CVE-2018-17462: Sandbox escape in AppCache
- High CVE-2018-17463: Remote code execution in V8
- High CVE to be assigned: Heap buffer overflow in Little CMS in PDFium
- High CVE-2018-17464: URL spoof in Omnibox
- High CVE-2018-17465: Use after free in V8
- High CVE-2018-17466: Memory corruption in Angle
- Medium CVE-2018-17467: URL spoof in Omnibox
- Medium CVE-2018-17468: Cross-origin URL disclosure in Blink
- Medium CVE-2018-17469: Heap buffer overflow in PDFium
- Medium CVE-2018-17470: Memory corruption in GPU Internals
- Medium CVE-2018-17471: Security UI occlusion in full screen mode
- Medium CVE-2018-17472: iframe sandbox escape on iOS
- Medium CVE-2018-17473: URL spoof in Omnibox
- Medium CVE-2018-17474: Use after free in Blink
- Low CVE-2018-17475: URL spoof in Omnibox
- Low CVE-2018-17476: Security UI occlusion in full screen mode
- Low CVE-2018-5179: Lack of limits on update() in ServiceWorker
- Low CVE-2018-17477: UI spoof in Extensions
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.As usual, our ongoing internal security work was responsible for a wide range of fixes:
- Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 69.0.3497.100 (32-bit)
- Security Fixes and Rewards
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
This update includes 1 security fix from our ongoing internal security work:
- Fixes from internal audits, fuzzing and other initiatives
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Google Chrome 69.0.3497.92 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- [$3000][875322] High (CVE to be assigned): Function signature mismatch in WebAssembly. Reported by Kevin Cheung from Autodesk on 2018-08-17
- [$TBD][880759] Medium (CVE to be assigned): URL Spoofing in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-09-05
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Google Chrome 69.0.3497.81 (32-bit)
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 40 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- High CVE-2018-16065: Out of bounds write in V8
- High CVE-2018-16066:Out of bounds read in Blink
- High CVE-2018-16067: Out of bounds read in WebAudio
- High CVE-2018-16068: Out of bounds write in Mojo
- High CVE-2018-16069:Out of bounds read in SwiftShader
- High CVE-2018-16070: Integer overflow in Skia
- High CVE-2018-16071: Use after free in WebRTC
- Medium CVE-2018-16072: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer
- Medium CVE-2018-16073: Site Isolation bypass after tab restore
- Medium CVE-2018-16074: Site Isolation bypass using Blob URLS
- Medium: Out of bounds read in Little-CMS
- Medium CVE-2018-16075: Local file access in Blink
- Medium CVE-2018-16076: Out of bounds read in PDFium
- Medium CVE-2018-16077: Content security policy bypass in Blink
- Medium CVE-2018-16078: Credit card information leak in Autofill
- Medium CVE-2018-16079: URL spoof in permission dialogs
- Medium CVE-2018-16080: URL spoof in full screen mode
- Medium CVE-2018-16081: Local file access in DevTools
- Medium CVE-2018-16082: Stack buffer overflow in SwiftShader
- Medium CVE-2018-16083: Out of bounds read in WebRTC
- Low CVE-2018-16084: User confirmation bypass in external protocol handling
- Low CVE-2018-16085: Use after free in Memory Instrumentation
- Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 68.0.3440.106 (32-bit)
- Change log not available for this version
Google Chrome 68.0.3440.84 (32-bit)
- Change log not available for this version
更新時間:2019-03-01
更新細節:
What's new in this version:
Google Chrome 72.0.3626.121 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.119 (32-bit)
- Publish DEPS for 72.0.3626.119 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.119 by chrome-release-bot
- Fix webrequest.onAuthRequired not getting fired with network service in incognito windows. by John Abd-El-Malek
- Incrementing VERSION to 72.0.3626.118 by chrome-release-bot
- Stop using default_factory for AppCache and reduce RBPI::CreateDefaultURLLoaderFactoryBundle usage by Kinuko Yasuda
- Incrementing VERSION to 72.0.3626.117 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.116 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.115 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.114 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.113 by chrome-release-bot
- [Direct Land on 72 / Cowboy] Omnibox - Add missing include headers. by Tommy C. Li
- Revert "Restrict disable_discard_framebuffer to only Mali on ChromeOS" by Kristian H. Kristensen
- Revert "[iOS] Mitigate timing issues with Safe Browsing test." by Kurt Horimoto
- [Merge M72] Revert "Fix OEM app position issue" by Yury Khmel
- Incrementing VERSION to 72.0.3626.112 by chrome-release-bot
- [Merge 72] Omnibox: Add back vertical margin field trial by Tommy C. Li
- [Merge 72] Omnibox: Add back kUIExperimentShowSuggestionFavicons flag by Tommy C. Li
- [iOS] Mitigate timing issues with Safe Browsing test. by Kurt Horimoto
- Incrementing VERSION to 72.0.3626.111 by chrome-release-bo
- Incrementing VERSION to 72.0.3626.110 by chrome-release-bot
Google Chrome 72.0.3626.109 (32-bit)
- Publish DEPS for 72.0.3626.109 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.109 by chrome-release-bot
- Add a ForceNetworkInProcess policy to force networking to run in the browser process
- Incrementing VERSION to 72.0.3626.108 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.107 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.106 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.105 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.104 by chrome-release-bot
- Add target-sdk quirk for encoding '#'s in loadData
- Do not post task to IO when updating WebViewRendererState
- Incrementing VERSION to 72.0.3626.103 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.102 by chrome-release-bot
- cros: Fix mismatched enum values in mojo/js by Jacob Dufault
- Incrementing VERSION to 72.0.3626.101 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.100 by chrome-release-bot
- [ios] Correct cherry pick for crrev.com/c/1457473
- [ios] Don't load external URLs on the NTP if the NTP hasn't committed
- [ios] Prevent taps in the NTP if the underlying NTP hasn't committed
- Incrementing VERSION to 72.0.3626.99 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.98 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.97 by chrome-release-bot
- [Merge to M-72] Fix external displays switching to mirror mode unexpectedly
Google Chrome 72.0.3626.96 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.81 (32-bit)
Security fixes:
- Critical CVE-2019-5754: Inappropriate implementation in QUIC Networking
- High CVE-2019-5782: Inappropriate implementation in V8
- High CVE-2019-5755: Inappropriate implementation in V8
- High CVE-2019-5756: Use after free in PDFium
- High CVE-2019-5757: Type Confusion in SVG
- High CVE-2019-5758: Use after free in Blink
- High CVE-2019-5759: Use after free in HTML select elements
- High CVE-2019-5760: Use after free in WebRTC
- High CVE-2019-5761: Use after free in SwiftShader
- High CVE-2019-5762: Use after free in PDFium
- High CVE-2019-5763: Insufficient validation of untrusted input in V8
- High CVE-2019-5764: Use after free in WebRTC
- High: Use after free in FileAPI
- High CVE-2019-5765: Insufficient policy enforcement in the browser
- High: Use after free in Mojo interface
- High: Use after free in Payments
- High: Use after free in Mojo interface
- High: Stack buffer overflow in Skia
- Medium CVE-2019-5766: Insufficient policy enforcement in Canvas
- Medium CVE-2019-5767: Incorrect security UI in WebAPKs
- Medium CVE-2019-5768: Insufficient policy enforcement in DevTools
- Medium CVE-2019-5769: Insufficient validation of untrusted input in Blink
- Medium CVE-2019-5770: Heap buffer overflow in WebGL
- Medium CVE-2019-5771: Heap buffer overflow in SwiftShader
- Medium CVE-2019-5772: Use after free in PDFium
- Medium CVE-2019-5773: Insufficient data validation in IndexedDB
- Medium CVE-2019-5775: Insufficient policy enforcement in Omnibox
- Medium CVE-2019-5776: Insufficient policy enforcement in Omnibox
- Medium CVE-2019-5777: Insufficient policy enforcement in Omnibox
- Low CVE-2019-5778: Insufficient policy enforcement in Extensions
- Low CVE-2019-5779: Insufficient policy enforcement in ServiceWorker
- Low CVE-2019-5780: Insufficient policy enforcement
- Low CVE-2019-5781: Insufficient policy enforcement in Omnibox
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
Google Chrome 71.0.3578.98 (32-bit)
- Change log not available for this version
Google Chrome 71.0.3578.80 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- Out of bounds write in V8
- Use after frees in PDFium
- Heap buffer overflow in Skia
- Use after free in PDFium
- Use after free in Blink
- Heap buffer overflow in Canvas
- Use after free in WebAudio
- Use after free in MediaRecorder
- Heap buffer overflow in Blink
- Out of bounds write in V8
- Use after free in Skia
- Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- Inappropriate implementation in Site Isolation
- Incorrect security UI in Blink
- Inappropriate implementation in Navigation
- Inappropriate implementation in Omnibox
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Navigation
- Inappropriate implementation in Media
- Inappropriate implementation in Network Authentication
- Insufficient data validation in Shell Integration
- Insufficient policy enforcement in URL Formatter
- Use after free in Skia
- Insufficient policy enforcement in URL Formatter
- Insufficient policy enforcement in Proxy
- Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter
This bug was fixed in Chrome 69, but was incorrectly omitted from the release notes at the time:
- Medium To be allocated: Insufficient policy enforcement in Payments
Google Chrome 70.0.3538.110 (32-bit)
- Change log not available for this version
Google Chrome 70.0.3538.102 (32-bit)
- Change log not available for this version
Google Chrome 70.0.3538.77 (32-bit)
- Publish DEPS for 70.0.3538.77 by chrome-release-bot
- Incrementing VERSION to 70.0.3538.77 by chrome-release-bot
- Web Audio: fix two bugs in audibility detection in BaseAudioContext. by Becca Hughes
- cherry pick r601765 to M70 by Sahel Sharify
- [Picture in Picture] Show controls on mouseover on the window. by Jennifer Apacible
- [Picture in Picture] Fix controls timer issue by Becca Hughes
- Reland "Fling bubbles from OOPIF properly" without the tests. by Sahel Sharify
- [Merge M70][AF] Use 'Manage...' as footer string when popup type is unspecified by Fabio Tirelo
- Revert "Strengthen MITIGATION_DLL_SEARCH_ORDER on non-component builds." by Will Harris
- Incrementing VERSION to 70.0.3538.76 by chrome-release-bot
- [M70 branch] Roll ICU to 0b97836 by Jungshik Shin
- Fix text input on ARC++ Kiosk apps. by Yuichiro Hanada
- Revert "Network Service: Convert port_forwarding_controller.cc to mojo host resolver" by Jun Cai
- Turn off signin-allowed toggle after sign-out from dialog by Thomas Tangl
- Show sign-out dialog when signin-allowed is toggled off by Thomas Tangl
- ozone: Ensure we don't return invalid GbmBuffer objects by Alexandros Frantzis
- Revert "[M70 Merge][TPM Reporting] Add TPM status information to DeviceStatusCollector" by Ivan Sandrk
- Merge to 70: Fixes potential crash when toggling accessibility services by David Tseng
- Incrementing VERSION to 70.0.3538.75 by chrome-release-bot
- [ios] Check for nullptr NavigationItem before updating URL. by Danyao Wang
- Incrementing VERSION to 70.0.3538.74 by chrome-release-bot
- Incrementing VERSION to 70.0.3538.73 by chrome-release-bot
- [M70 merge] viz: Optimize pixel-moving renderpasses damage by wutao
- Incrementing VERSION to 70.0.3538.72 by chrome-release-bot
- Revert "Add a CHECK to non-DICE signin that it's only used for force-signin" by Jochen Eisinger
- Incrementing VERSION to 70.0.3538.71 by chrome-release-bot
- chrome_features: Set Usbguard feature flag to disabled by default. by Allen Webb
- Incrementing VERSION to 70.0.3538.70 by chrome-release-bot
- cros: Fix menus getting squished by Alex Newcomer
- Fix merge time window limit method by Henrique Grandinetti
- Make old time limit locks not be applied to the Chromebook by Henrique Grandinetti
- Fix a crash in TtsControllerImpl::VoicesChanged due to a use after free. by Sam McNally
- Incrementing VERSION to 70.0.3538.69 by chrome-release-bot
- Reland "Fix MessageListView crash on update during close." by Tetsui Ohkubo
- Revert "Fix MessageListView crash on update during close." by Tetsui Ohkubo
- Incrementing VERSION to 70.0.3538.68 by chrome-release-bot
- Fix naming issue when renaming files inside My files by Luciano Pacheco
- Store remaining usage time in milliseconds by Henrique Grandinetti
Google Chrome 70.0.3538.67 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- High CVE-2018-17462: Sandbox escape in AppCache
- High CVE-2018-17463: Remote code execution in V8
- High CVE to be assigned: Heap buffer overflow in Little CMS in PDFium
- High CVE-2018-17464: URL spoof in Omnibox
- High CVE-2018-17465: Use after free in V8
- High CVE-2018-17466: Memory corruption in Angle
- Medium CVE-2018-17467: URL spoof in Omnibox
- Medium CVE-2018-17468: Cross-origin URL disclosure in Blink
- Medium CVE-2018-17469: Heap buffer overflow in PDFium
- Medium CVE-2018-17470: Memory corruption in GPU Internals
- Medium CVE-2018-17471: Security UI occlusion in full screen mode
- Medium CVE-2018-17472: iframe sandbox escape on iOS
- Medium CVE-2018-17473: URL spoof in Omnibox
- Medium CVE-2018-17474: Use after free in Blink
- Low CVE-2018-17475: URL spoof in Omnibox
- Low CVE-2018-17476: Security UI occlusion in full screen mode
- Low CVE-2018-5179: Lack of limits on update() in ServiceWorker
- Low CVE-2018-17477: UI spoof in Extensions
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.As usual, our ongoing internal security work was responsible for a wide range of fixes:
- Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 69.0.3497.100 (32-bit)
- Security Fixes and Rewards
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
This update includes 1 security fix from our ongoing internal security work:
- Fixes from internal audits, fuzzing and other initiatives
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Google Chrome 69.0.3497.92 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- [$3000][875322] High (CVE to be assigned): Function signature mismatch in WebAssembly. Reported by Kevin Cheung from Autodesk on 2018-08-17
- [$TBD][880759] Medium (CVE to be assigned): URL Spoofing in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-09-05
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Google Chrome 69.0.3497.81 (32-bit)
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 40 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- High CVE-2018-16065: Out of bounds write in V8
- High CVE-2018-16066:Out of bounds read in Blink
- High CVE-2018-16067: Out of bounds read in WebAudio
- High CVE-2018-16068: Out of bounds write in Mojo
- High CVE-2018-16069:Out of bounds read in SwiftShader
- High CVE-2018-16070: Integer overflow in Skia
- High CVE-2018-16071: Use after free in WebRTC
- Medium CVE-2018-16072: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer
- Medium CVE-2018-16073: Site Isolation bypass after tab restore
- Medium CVE-2018-16074: Site Isolation bypass using Blob URLS
- Medium: Out of bounds read in Little-CMS
- Medium CVE-2018-16075: Local file access in Blink
- Medium CVE-2018-16076: Out of bounds read in PDFium
- Medium CVE-2018-16077: Content security policy bypass in Blink
- Medium CVE-2018-16078: Credit card information leak in Autofill
- Medium CVE-2018-16079: URL spoof in permission dialogs
- Medium CVE-2018-16080: URL spoof in full screen mode
- Medium CVE-2018-16081: Local file access in DevTools
- Medium CVE-2018-16082: Stack buffer overflow in SwiftShader
- Medium CVE-2018-16083: Out of bounds read in WebRTC
- Low CVE-2018-16084: User confirmation bypass in external protocol handling
- Low CVE-2018-16085: Use after free in Memory Instrumentation
- Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 68.0.3440.106 (32-bit)
- Change log not available for this version
Google Chrome 68.0.3440.84 (32-bit)
- Change log not available for this version
更新時間:2019-03-01
更新細節:
What's new in this version:
Mobirise 4.9.4
- Change log not available for this version
Mobirise 4.9.3
- 'Update All' button for extensions with a progress bar
- Adding images by drag and drop in Image Media
- Adding multiple images at once to sliders and galleries (non-AMP themes)
- Updated M4 themes to latest Bootstrap v4.2.1
- Updated free MobiriseAMP theme - 20 new blocks: gallery, slider, accordion, contact forms, testimonials, google maps.
- Code Editor loading speed improved
- Bug fixes for Google Maps
- Fixes for editing menu colors
- Fixe with page cloning
Mobirise 4.9.1
Code Editor update:
- Mobirise mentions removal - clear the HTML code from "made with Mobirise" etc.
- New color schemes - light and contrast
- Undo-Redo buttons
PayPal Shopping Cart update:
- Support for AMP themes
- Subscribe and Donate options
- Info on "How to add shipping, VAT, and tax"
Mobirise 4.8.10
- Change log not available for this version
Mobirise 4.8.8
- Bug fixes: parallax in M4 themes, AMP sliders
Mobirise 4.8.6
- Mobirise Icons are available for AMP themes now
- Mobirise 2 Icons added
Mobirise 4.8.5
- Mobirise Icons are available for AMP themes now
- Mobirise 2 Icons added
Mobirise 4.8.1
- Custom subdomain on mobirisesite.com
- SSL certificate (url with https)
- Lightning-fast global CDN (Content Delivery Network)
- Unlimited pages
- Unlimited space and bandwidth
Mobirise 4.8.0
- Change log not available for this version
Mobirise 4.7.9
- Bug Fixes for AMP Themes: video autoplay, map layout, video lightbox
Mobirise 4.7.8
- Change log not available for this version
Mobirise 4.7.7
- Improved app loading
- Fixed inserting icons in menu in m3 themes
- Fixed and updated translations
- Fixed disappearance of text placeholders
- Select all text on first click
- Fixed font dropdown panel height
Mobirise 4.7.2
- Cookie Alert Extension updated - now it is "Cookie Alert and GDPR Compliance" - After activating GDPR compliance, all web forms on your website will have checkbox for agreeing to your Terms and Privacy Policy.
- Code Editor Extension updated - some fixes
- Different fixes in translation engine
- New AMP themes - StartupAMP and SpaceAMP
Mobirise 4.7.1
- Change log not available for this version
Mobirise 4.7.0
- Change log not available for this version
Mobirise 4.6.7
- Change log not available for this version
Mobirise 4.6.6
- Change log not available for this version
Mobirise 4.6.5
- Languages: Polish
Bug fixes:
- Issue with missing projects fixed
- Issue with missing user blocks fixed
- Mobirise 3: sliders
- Alignment in AgencyM4 and LawyerM4
- Text style for forms in StoreM4
Mobirise 4.6.4
- Themes optimization
- Languages: Romanian, Portuguese
Bug fixes:
- Mobirise 3: broken iconfonts
Mobirise 4.6.3
- New languages added: Dutch, Bulgarian, Russian, Chinese, Spanish, Italian
- Bootstrap is updated to v4.0.0 (stable) for all M4 themes
Mobirise 4.6.0
- Hotkey: if your Sites list is empty, you can load the list of previously used projects: open your Sites list and press Ctrl+Alt+L when it opened
- Now you can load your empty or broken project in the app to restore a previously saved site version from Site History
- SEO Extension updated: bug fixes
更新時間:2019-02-22
更新細節:
What's new in this version:
Google Chrome 72.0.3626.119 (32-bit)
- Publish DEPS for 72.0.3626.119 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.119 by chrome-release-bot
- Fix webrequest.onAuthRequired not getting fired with network service in incognito windows. by John Abd-El-Malek
- Incrementing VERSION to 72.0.3626.118 by chrome-release-bot
- Stop using default_factory for AppCache and reduce RBPI::CreateDefaultURLLoaderFactoryBundle usage by Kinuko Yasuda
- Incrementing VERSION to 72.0.3626.117 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.116 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.115 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.114 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.113 by chrome-release-bot
- [Direct Land on 72 / Cowboy] Omnibox - Add missing include headers. by Tommy C. Li
- Revert "Restrict disable_discard_framebuffer to only Mali on ChromeOS" by Kristian H. Kristensen
- Revert "[iOS] Mitigate timing issues with Safe Browsing test." by Kurt Horimoto
- [Merge M72] Revert "Fix OEM app position issue" by Yury Khmel
- Incrementing VERSION to 72.0.3626.112 by chrome-release-bot
- [Merge 72] Omnibox: Add back vertical margin field trial by Tommy C. Li
- [Merge 72] Omnibox: Add back kUIExperimentShowSuggestionFavicons flag by Tommy C. Li
- [iOS] Mitigate timing issues with Safe Browsing test. by Kurt Horimoto
- Incrementing VERSION to 72.0.3626.111 by chrome-release-bo
- Incrementing VERSION to 72.0.3626.110 by chrome-release-bot
Google Chrome 72.0.3626.109 (32-bit)
- Publish DEPS for 72.0.3626.109 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.109 by chrome-release-bot
- Add a ForceNetworkInProcess policy to force networking to run in the browser process
- Incrementing VERSION to 72.0.3626.108 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.107 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.106 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.105 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.104 by chrome-release-bot
- Add target-sdk quirk for encoding '#'s in loadData
- Do not post task to IO when updating WebViewRendererState
- Incrementing VERSION to 72.0.3626.103 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.102 by chrome-release-bot
- cros: Fix mismatched enum values in mojo/js by Jacob Dufault
- Incrementing VERSION to 72.0.3626.101 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.100 by chrome-release-bot
- [ios] Correct cherry pick for crrev.com/c/1457473
- [ios] Don't load external URLs on the NTP if the NTP hasn't committed
- [ios] Prevent taps in the NTP if the underlying NTP hasn't committed
- Incrementing VERSION to 72.0.3626.99 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.98 by chrome-release-bot
- Incrementing VERSION to 72.0.3626.97 by chrome-release-bot
- [Merge to M-72] Fix external displays switching to mirror mode unexpectedly
Google Chrome 72.0.3626.96 (32-bit)
- Change log not available for this version
Google Chrome 72.0.3626.81 (32-bit)
Security fixes:
- Critical CVE-2019-5754: Inappropriate implementation in QUIC Networking
- High CVE-2019-5782: Inappropriate implementation in V8
- High CVE-2019-5755: Inappropriate implementation in V8
- High CVE-2019-5756: Use after free in PDFium
- High CVE-2019-5757: Type Confusion in SVG
- High CVE-2019-5758: Use after free in Blink
- High CVE-2019-5759: Use after free in HTML select elements
- High CVE-2019-5760: Use after free in WebRTC
- High CVE-2019-5761: Use after free in SwiftShader
- High CVE-2019-5762: Use after free in PDFium
- High CVE-2019-5763: Insufficient validation of untrusted input in V8
- High CVE-2019-5764: Use after free in WebRTC
- High: Use after free in FileAPI
- High CVE-2019-5765: Insufficient policy enforcement in the browser
- High: Use after free in Mojo interface
- High: Use after free in Payments
- High: Use after free in Mojo interface
- High: Stack buffer overflow in Skia
- Medium CVE-2019-5766: Insufficient policy enforcement in Canvas
- Medium CVE-2019-5767: Incorrect security UI in WebAPKs
- Medium CVE-2019-5768: Insufficient policy enforcement in DevTools
- Medium CVE-2019-5769: Insufficient validation of untrusted input in Blink
- Medium CVE-2019-5770: Heap buffer overflow in WebGL
- Medium CVE-2019-5771: Heap buffer overflow in SwiftShader
- Medium CVE-2019-5772: Use after free in PDFium
- Medium CVE-2019-5773: Insufficient data validation in IndexedDB
- Medium CVE-2019-5775: Insufficient policy enforcement in Omnibox
- Medium CVE-2019-5776: Insufficient policy enforcement in Omnibox
- Medium CVE-2019-5777: Insufficient policy enforcement in Omnibox
- Low CVE-2019-5778: Insufficient policy enforcement in Extensions
- Low CVE-2019-5779: Insufficient policy enforcement in ServiceWorker
- Low CVE-2019-5780: Insufficient policy enforcement
- Low CVE-2019-5781: Insufficient policy enforcement in Omnibox
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
Google Chrome 71.0.3578.98 (32-bit)
- Change log not available for this version
Google Chrome 71.0.3578.80 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- Out of bounds write in V8
- Use after frees in PDFium
- Heap buffer overflow in Skia
- Use after free in PDFium
- Use after free in Blink
- Heap buffer overflow in Canvas
- Use after free in WebAudio
- Use after free in MediaRecorder
- Heap buffer overflow in Blink
- Out of bounds write in V8
- Use after free in Skia
- Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- Inappropriate implementation in Site Isolation
- Incorrect security UI in Blink
- Inappropriate implementation in Navigation
- Inappropriate implementation in Omnibox
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Navigation
- Inappropriate implementation in Media
- Inappropriate implementation in Network Authentication
- Insufficient data validation in Shell Integration
- Insufficient policy enforcement in URL Formatter
- Use after free in Skia
- Insufficient policy enforcement in URL Formatter
- Insufficient policy enforcement in Proxy
- Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter
This bug was fixed in Chrome 69, but was incorrectly omitted from the release notes at the time:
- Medium To be allocated: Insufficient policy enforcement in Payments
Google Chrome 70.0.3538.110 (32-bit)
- Change log not available for this version
Google Chrome 70.0.3538.102 (32-bit)
- Change log not available for this version
Google Chrome 70.0.3538.77 (32-bit)
- Publish DEPS for 70.0.3538.77 by chrome-release-bot
- Incrementing VERSION to 70.0.3538.77 by chrome-release-bot
- Web Audio: fix two bugs in audibility detection in BaseAudioContext. by Becca Hughes
- cherry pick r601765 to M70 by Sahel Sharify
- [Picture in Picture] Show controls on mouseover on the window. by Jennifer Apacible
- [Picture in Picture] Fix controls timer issue by Becca Hughes
- Reland "Fling bubbles from OOPIF properly" without the tests. by Sahel Sharify
- [Merge M70][AF] Use 'Manage...' as footer string when popup type is unspecified by Fabio Tirelo
- Revert "Strengthen MITIGATION_DLL_SEARCH_ORDER on non-component builds." by Will Harris
- Incrementing VERSION to 70.0.3538.76 by chrome-release-bot
- [M70 branch] Roll ICU to 0b97836 by Jungshik Shin
- Fix text input on ARC++ Kiosk apps. by Yuichiro Hanada
- Revert "Network Service: Convert port_forwarding_controller.cc to mojo host resolver" by Jun Cai
- Turn off signin-allowed toggle after sign-out from dialog by Thomas Tangl
- Show sign-out dialog when signin-allowed is toggled off by Thomas Tangl
- ozone: Ensure we don't return invalid GbmBuffer objects by Alexandros Frantzis
- Revert "[M70 Merge][TPM Reporting] Add TPM status information to DeviceStatusCollector" by Ivan Sandrk
- Merge to 70: Fixes potential crash when toggling accessibility services by David Tseng
- Incrementing VERSION to 70.0.3538.75 by chrome-release-bot
- [ios] Check for nullptr NavigationItem before updating URL. by Danyao Wang
- Incrementing VERSION to 70.0.3538.74 by chrome-release-bot
- Incrementing VERSION to 70.0.3538.73 by chrome-release-bot
- [M70 merge] viz: Optimize pixel-moving renderpasses damage by wutao
- Incrementing VERSION to 70.0.3538.72 by chrome-release-bot
- Revert "Add a CHECK to non-DICE signin that it's only used for force-signin" by Jochen Eisinger
- Incrementing VERSION to 70.0.3538.71 by chrome-release-bot
- chrome_features: Set Usbguard feature flag to disabled by default. by Allen Webb
- Incrementing VERSION to 70.0.3538.70 by chrome-release-bot
- cros: Fix menus getting squished by Alex Newcomer
- Fix merge time window limit method by Henrique Grandinetti
- Make old time limit locks not be applied to the Chromebook by Henrique Grandinetti
- Fix a crash in TtsControllerImpl::VoicesChanged due to a use after free. by Sam McNally
- Incrementing VERSION to 70.0.3538.69 by chrome-release-bot
- Reland "Fix MessageListView crash on update during close." by Tetsui Ohkubo
- Revert "Fix MessageListView crash on update during close." by Tetsui Ohkubo
- Incrementing VERSION to 70.0.3538.68 by chrome-release-bot
- Fix naming issue when renaming files inside My files by Luciano Pacheco
- Store remaining usage time in milliseconds by Henrique Grandinetti
Google Chrome 70.0.3538.67 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- High CVE-2018-17462: Sandbox escape in AppCache
- High CVE-2018-17463: Remote code execution in V8
- High CVE to be assigned: Heap buffer overflow in Little CMS in PDFium
- High CVE-2018-17464: URL spoof in Omnibox
- High CVE-2018-17465: Use after free in V8
- High CVE-2018-17466: Memory corruption in Angle
- Medium CVE-2018-17467: URL spoof in Omnibox
- Medium CVE-2018-17468: Cross-origin URL disclosure in Blink
- Medium CVE-2018-17469: Heap buffer overflow in PDFium
- Medium CVE-2018-17470: Memory corruption in GPU Internals
- Medium CVE-2018-17471: Security UI occlusion in full screen mode
- Medium CVE-2018-17472: iframe sandbox escape on iOS
- Medium CVE-2018-17473: URL spoof in Omnibox
- Medium CVE-2018-17474: Use after free in Blink
- Low CVE-2018-17475: URL spoof in Omnibox
- Low CVE-2018-17476: Security UI occlusion in full screen mode
- Low CVE-2018-5179: Lack of limits on update() in ServiceWorker
- Low CVE-2018-17477: UI spoof in Extensions
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.As usual, our ongoing internal security work was responsible for a wide range of fixes:
- Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 69.0.3497.100 (32-bit)
- Security Fixes and Rewards
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
This update includes 1 security fix from our ongoing internal security work:
- Fixes from internal audits, fuzzing and other initiatives
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Google Chrome 69.0.3497.92 (32-bit)
Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- [$3000][875322] High (CVE to be assigned): Function signature mismatch in WebAssembly. Reported by Kevin Cheung from Autodesk on 2018-08-17
- [$TBD][880759] Medium (CVE to be assigned): URL Spoofing in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-09-05
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL
Google Chrome 69.0.3497.81 (32-bit)
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 40 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- High CVE-2018-16065: Out of bounds write in V8
- High CVE-2018-16066:Out of bounds read in Blink
- High CVE-2018-16067: Out of bounds read in WebAudio
- High CVE-2018-16068: Out of bounds write in Mojo
- High CVE-2018-16069:Out of bounds read in SwiftShader
- High CVE-2018-16070: Integer overflow in Skia
- High CVE-2018-16071: Use after free in WebRTC
- Medium CVE-2018-16072: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer
- Medium CVE-2018-16073: Site Isolation bypass after tab restore
- Medium CVE-2018-16074: Site Isolation bypass using Blob URLS
- Medium: Out of bounds read in Little-CMS
- Medium CVE-2018-16075: Local file access in Blink
- Medium CVE-2018-16076: Out of bounds read in PDFium
- Medium CVE-2018-16077: Content security policy bypass in Blink
- Medium CVE-2018-16078: Credit card information leak in Autofill
- Medium CVE-2018-16079: URL spoof in permission dialogs
- Medium CVE-2018-16080: URL spoof in full screen mode
- Medium CVE-2018-16081: Local file access in DevTools
- Medium CVE-2018-16082: Stack buffer overflow in SwiftShader
- Medium CVE-2018-16083: Out of bounds read in WebRTC
- Low CVE-2018-16084: User confirmation bypass in external protocol handling
- Low CVE-2018-16085: Use after free in Memory Instrumentation
- Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 68.0.3440.106 (32-bit)
- Change log not available for this version
Google Chrome 68.0.3440.84 (32-bit)
- Change log not available for this version
更新時間:2019-02-22
更新細節:
What's new in this version:
Plex Media Player 2.28.0.952
- Added subtitle color and position options
- We've updated our tooling to provide an improved user experience
- AAC audio streams are no longer automatically converted to AC3, EAC3, or DTS during Direct Stream or Transcode when the related Settings > Audio setting is enabled. Instead they will play without conversion" items_fixed
- Fixed loss of focus when going to an empty web shows page
- Fixed navigation order after switching to the admin user
- Fixed News and Podcasts directories so they don't touch navigation bar
- Fixed extended info poster not positioned properly"
Plex Media Player 2.27.0.950
- Change log not available for this version
Plex Media Player 2.27.0.949
- Desktop web-client updated to 3.83.1
- Support translation of relative time strings
- Adjusted library page jump bar so more characters can be shown
- Changed user menu from dropdown to full screen modal"
Plex Media Player 2.26.0.947
- Added actions menu to Web Shows and Podcasts show preplay pagesrn
- Added Chapter Selection title to chapter selection menurn
- Don't show 'More...' button when there is only one more item
- Fixed possible error on user switcher screenrn
- Fixed chapter selection sometimes losing focus at the end of the listrn
- Fixed Live TV restarting from another position when enabling or disabling Closed Captioningrn
- Fixed some issues with video transcoding when it can direct stream"
Plex Media Player 2.25.0.940
- Change log not available for this version
Plex Media Player 2.24.0.926
- Change log not available for this version
Plex Media Player 2.24.0.924
- Fixed an issue where signing out or switching users could cause the app to freeze
- Fixed an issue where the app could crash when loading a type view
- Fixed an issue where focus would be lost after removing the last item from a listFixed as issue where enabling recording all episodes for certain shows could return in nothing getting added to the priority list
- Fixed an issue that could cause a blank screen to appear after playback
- Fixed loss of focus on episode preplay in some cases"
Plex Media Player 2.23.0.920
- Change log not available for this version
Plex Media Player 2.22.1.917
- Change log not available for this version
Plex Media Player 2.21.0.914
- Improvements to subtitles search results titles
- Added new music player UI for podcasts
- Added Related Episodes hub underneath the Podcasts player
- Watch Later and Recommended support has been removed.
- Fixed occasional loss of focus on library page when applying "unplayed" filter
- Fixed settings failing to open in some circumstances
- Fixed zip code not disappearing in News settings after selecting a country that doesn't have zip codes
- Fixed selecting a play queue item occasionally not starting playback"
Plex Media Player 2.20.0.909
- Change log not available for this version
Plex Media Player 2.19.1.904
- Fixed an issue connecting to Plex Cloud servers
Plex Media Player 2.19.0.902
Added:
- Chapter titles to the chapter selectionrn
- Added the ability to focus the progress bar and move the playhead to seek more accuratelyrn
- Added preview thumbnails while seeking (when available)rn
- Adjusted rewind and fast-foward behavior to move the playhead automatically at 1x, 2x or 3x speedrn
- Added new music mini playerrn
- Added new user button design in the application headerrn
- Added split fullscreen and layout switching controls
- Fixed shuffle commands received from companion apps not being recognizedrn- Fixed dashboard hubs sometimes failing to load when switching between Home usersrn
- Fixed advancing to the same item as the one currently playing putting the player in a broken statern
- Fixed focus not being restored when returning to playlists list pagern
- Fixed missing placeholder for chapter selection preview thumbnailsrn
- Fixed broken focus behaviour when pressing right twice quickly on settingsrn
- Fixed missing 'Collections' and 'Albums' links from dashboards
Plex Media Player 2.18.0.893
- Change log not available for this version
Plex Media Player 2.17.0.890
- Change log not available for this version
Plex Media Player 2.16.0.885
- Change log not available for this version
Plex Media Player 2.15.0.882
- Desktop web-client updated to 3.61.1rn
- Added soft subtitles with direct play (requires PMS 1.13.4 or above)
- Added missing unwatched triangles to Watch Later/Recommendedrn
- Fixed sometimes only the background showing when going back to the pre-play pagern
- Fixed items in On Right Now starting playback immediately after going to Watch Nowrn
- Fixed icon for server and source listsrn
- Fixed an issue where pressing left or right while video is paused causes you to go to previous/next video instead of seeking"
Plex Media Player 2.14.1.880
- Fixed error showing when recording is post processing
- Fixed troubles selecting embedded subtitle streams in videos without audio streams
- Fixed grid view programs getting duplicated when refreshing EPG with grid view open
- Fixed video quality setting does not properly show user selection
Plex Media Player 2.13.0.877
- Fixed focus disappearing after selecting a different news clip from the play queue
- Fixed missing jump bars when viewing Artists and Albums from Quick Links
- Don't show 'Browse by Folder' option when not applicable
- Fixed missing shuffle button from Collections PrePlay
Plex Media Player 2.12.1.871
- Change log not available for this version
Plex Media Player 2.12.0.869
- Restored ability to delete Watch Later/Recommended items
- Fixed Browse by Folder showing unwatched flags on folders
- Fixed cursor getting lost when navigating up to menu on Live TV Watch Now
- Fixed metadata being displayed behind episode thumbnail in some cases
- Fixed smooth scroll behaviour on some dashboard pages
- Fixed audio & subtitle preference changes not being reflected immediately on the preplay page
- Removed “Discover” and “Watch Now” buttons from Live TV Browse All"
Plex Media Player 2.11.1.870
Added:
- TV web-client updated to 3.54.2
Fixed:
- Removed non-functional Channel provider
Plex Media Player 2.11.0.867
Items added:
- Desktop web-client updated to 3.52.2
- Qt updated to 5.9.5
- Updated "(Un)Watched" text to "(Un)Played"
Items fixed:
- Restored ability to delete Watch Later/Recommended items
- Fixed several possible situations where focus could disappear
- Fixed an issue where shuffling a TV season would result in a play queue containing episodes from outside of that season
- Fixed an issue where the order in which items on a show page are focused could sometimes be inconsistent
- Ensured quality setting is respected when autoplaying next video
- Fixed HLS videos in Watch Later not playing in some cases
- Fixed some occurrences of "Repeat All" not repeating single video play queues
- Fixed Live TV type buttons cutoff in list view
- Fixed inconsistent queue behavior when playing season with no unwatched episodes
- Fixed music play queues not correctly restoring on app start
- Fixed an issue that prevented playing content from a Controller while the app is in the PIN entry screen
Plex Media Player 2.10.0.849
- Added Privacy Policy and Terms of Service viewing in settings
- Added quick links action buttons for type discovery pages
- (Xbox One) HDR support for Xbox One S and Xbox One
- (Xbox One) Automatic display mode switching to match video resolution and refresh rate
- Fixed the app not loading if plex.tv was unavailable
- Fixed the version badge not updating after deleting a version
- Fixed missing videos in a photo library failing silently
- Fixed the OSD not hiding when resuming playback after the screensaver was shown
- (PMP) Fixed high CPU usage during music playback
- Fixed deleting of file with multiple versions
- Fix missing video titles on photo album pages
- Fix the rest of the episodes in the play queue after selecting play from the show level
Plex Media Player 2.9.0.824
Items added:
- Desktop web-client updated to 3.47.1
- Added automatic fallback to transcode if direct playing music fails
- Updated translations
Items fixed:
- Fixed an issue that prevented toggling between timed and untimed lyrics
- Fixed library lists sometimes not scrolling to the end correctly
- Fixed the dashboard type list sometimes not scrolling to the end correctly
- Don't show the library list if there are no libraries available
- Fixed a rare bug that could cause pointer-only UI elements to appear while not controlling the app with a pointer
- Fixed an issue with news tags sometimes appearing offscreen
- Fixed an issue where going to an empty recording schedule page would make the application unresponsive to input
- Fixed UI sounds
Plex Media Player 2.8.0.813
- Change log not available for this version
Plex Media Player 2.7.0.806
- Added scrolling to dashboard header type buttons when more than 5 buttons are visible
- Swapped the Record and Play buttons on Live TV item screens
- Desktop web-client updated to 3.41.2
- Fixed possible endless buffering at start of playback
- Fixed short movie/episode summary alignment
- Fixed version count not showing up on poster lists
- Fixed the recording schedule not displaying an empty message when no events are displayed
- Fixed the next airing wrapping to two lines on the recording priority page
- Selecting "Sign Out" after selecting "Switch User" from the app's home screen no longer shows homescreen content below the confirmation modal
Plex Media Player 2.6.0.803
- Desktop web-client updated to 3.37.2
- Added subtitle support for videos in the photo player
- Remember last active library when switching between dashboard types"
- Fixed the type dropdown showing collections for Live TV
- Fixed missing separator line for Online Content in libraries
- Fixed an issue with the player controls sometimes unexpectedly disappearing after changing playing item
- Fixed video restarting from offset when changing the audio or subtitle streams
- Fixed movie filters dropdown getting cut off on certain screen sizes
- Fixed an issue where it wasn't possible to close the player until the content finished loading
- Fixed the player remaining paused after changing an item in the play queue
- Fixed title getting cut off on Live TV preplay pages
- Fixed the player controls briefly appearing when closing the player
- Fixed seeking in Live TV playback in desktop mode
- Fixed a rare bug that could cause the app to become unresponsive to key input after signing in
- Fixed some issues with item actions for some older servers
- Fixed an issue that prevented using keyboard shortcuts to mark an item as unwatched
Plex Media Player 2.5.0.792
- Updated translations
- Fixed the titles for recently added TV shows
- Fixed the player sometimes not being able to play watch later/recommended videos
- Fixed bug that could cause app to fail to load
- Fixed cases where playback would error or fallback to a transcode near the end of a video
- Fixed issues with Apple IR remotes on High Sierra