Jump to content

Google Chrome 88.0.4224.86 Dual x86x64 Silent


Recommended Posts

 

Chrome-navegar.jpg

 

Google released Chrome 88 to the stable channel on January 19, 2021. The new browser version includes some cool changes, including an improved dark theme for Windows 10 and the beginning of less intrusive permission prompts. Here are the highlights.

 

Better Dark Theme Support on Windows 10

chrome 88 dark scroll bars

Chrome has supported Windows 10’s system-wide dark theme for a while, but Chrome 88 makes it a little better. Dark Theme now applies to scroll bars on many of Chrome’s internal pages. That includes Settings, Bookmarks, History, New Tab Page, and more. It’s not yet present on websites that support dark themes.

No More FTP in Google Chrome

With Chrome 88, Google Chrome no longer supports FTP URLs—in other words, ftp:// addresses.

FTP support is a legacy feature that has no support for encrypted connections (no FTPS). An attacker could modify files you’re downloading in transit, unlike with encrypted HTTPS or FTPS where this isn’t possible. As Chrome and other browsers are shifting toward an always-encrypted web, dropping old protocols like this makes sense.

Google has been working on removing FTP from Chrome for a while, but it was still available for some people—and a flag could enable it. Google’s usage data showed that very few people used FTP. Now, all FTP support is disabled. If you want to use FTP, you’ll need a separate FTP app.

No More Support for Mac OS X Yosemite

Google is officially dropping support for Mac OS X 10.10 Yosemite in Chrome 88. Mac users will need OS X 10.11 El Capitan or newer to use Chrome 88. This shouldn’t come as a shock, since Apple hasn’t supported Yosemite since 2017.

Legacy Browser Add-on Gone for Good

With Chrome 85, Google removed its Legacy Browser Support add-on as the functionality became baked into Chrome. Chrome 88 takes it a step further and disables all installed instances of the add-on.

LBS was designed for IT admins to call up Microsoft Internet Explorer in Chrome for older apps written for that browser as well as intranet sites. Since it’s now built into Chrome, the add-on is unnecessary.

Less Intrusive Permission Requests

permission chip

Chrome 88 is experimenting with a smaller and less intrusive way to ask for permissions. Instead of the pop-up that covers the website content, a new “chip” appears to the left of the URL.

The chip first appears with full text such as “Use Your Location?” After a few seconds, it minimizes to simply a small icon. Clicking the chip, which appears as a blue oval, brings up the permission prompt you’re used to seeing.

You can try out the new permission “chips” right now by enabling the flag at chrome://flags/#permission-chip

Testing Light & Dark Themes for Chrome OS

chrome os light and dark theme

Google is testing more defined light and dark themes for Chromebooks. The theme can be toggled from the Quick Settings menu. Themes affect the Shelf, App Launcher, and Quick Settings panel. Not everything is working 100% right now.

If you’d like to try this out on a Chrome OS system, the flag can be enabled at chrome://flags/#dark-light-mode. After you reboot, the Theme toggle will appear in the Quick Settings.

Tab Search Comes to Desktop

search in the top of the pop up

Chrome 87 brought a handy Tab Search feature to Chromebooks, but it wasn’t available on Windows, Mac, or Linux. Chrome 88 brings it to those platforms via a Chrome flag.

When it’s enabled, you get a drop-down arrow in the top tab bar that shows all of your open tabs when selected. You can then use the integrated search bar to find the tab you’re looking for.

To get this feature in Chrome 88, enable the Tab Search flag at chrome://flags/#enable-tab-search.

Google Chrome 88.0.4224.86  Dual x86x64 Silent 

Password: damas

 

Quote

 

 

 
Edited by 大†Shinegumi†大
Link to post
Share on other sites
  • 3 weeks later...

The stable channel has been updated to 78.0.3904.87 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.

 

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
 
This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
 
[$7500][1013868] High CVE-2019-13721: Use-after-free in PDFium. Reported by banananapenguin on 2019-10-12
[$TBD][1019226] High CVE-2019-13720: Use-after-free in audio. Reported by Anton Ivanov and Alexey Kulaev at Kaspersky Labs on 2019-10-29
 
Google is aware of reports that an exploit for CVE-2019-13720 exists in the wild.

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
 
 

 

A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
 
 
Srinivas Sista
Google Chrome
Link to post
Share on other sites

56 security vulnerabilities fixed

The Chrome 80 release fixes 56 security vulnerabilities, with the following discovered by external researchers:

• High CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK's National Cyber Security Centre (NCSC) on 2019-12-09
• High CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and Wen Xu from SSLab, Gatech on 2019-12-08
• High CVE-2019-18197: Multiple vulnerabilities in XML. Reported by BlackBerry Security Incident Response Team on 2019-11-01
• High CVE-2019-19926: Inappropriate implementation in SQLite. Reported by Richard Lorenz, SAP on 2020-01-16
• High CVE-2020-6385: Insufficient policy enforcement in storage. Reported by Sergei Glazunov of Google Project Zero on 2019-12-18
• High CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite. Reported by Richard Lorenz, SAP on 2020-01-03
• High CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-01-16
• High CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by Sergei Glazunov of Google Project Zero on 2020-01-16
• High CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-01-16
• High CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei Glazunov of Google Project Zero on 2020-01-27
• Medium CVE-2020-6391: Insufficient validation of untrusted input in Blink. Reported by Michał Bentkowski of Securitum on 2019-10-24
• Medium CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by Microsoft Edge Team on 2019-12-03
• Medium CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark Amery on 2019-12-17
• Medium CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil Freo on 2019-10-15
• Medium CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre Langlois from Arm on 2019-11-08
• Medium CVE-2020-6396: Inappropriate implementation in Skia. Reported by William Luc Ritchie on 2019-12-18
• Medium CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani on 2019-11-22
• Medium CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk on 2019-12-09
• Medium CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07
• Medium CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi Yoneuchi (@y0n3uchy) on 2019-12-27
• Medium CVE-2020-6401: Insufficient validation of untrusted input in Omnibox. Reported by Tzachy Horesh on 2019-10-24
• Medium CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by Vladimir Metnew (@vladimir_metnew) on 2019-11-28
• Medium CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani on 2019-09-19
• Medium CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi on 2019-11-13
• Medium CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen(Ne0) & Rui Zhong(zr33) on 2020-01-15
• Medium CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov of Google Project Zero on 2020-01-15
• Medium CVE-2019-19923: Out of bounds memory access in SQLite. Reported by Richard Lorenz, SAP on 2020-01-16
• Low CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong Zhaochen of andsecurity.cn on 2019-11-20
• Low CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by Divagar S and Bharathi V from Karya Technologies on 2019-12-26
• Low CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by evi1m0 of Bilibili Security Team on 2018-09-07
• Low CVE-2020-6411: Insufficient validation of untrusted input in Omnibox. Reported by Khalil Zhani on 2019-02-07
• Low CVE-2020-6412: Insufficient validation of untrusted input in Omnibox. Reported by Zihan Zheng (@zzh1996) of University of Science and Technology of China on 2019-05-30
• Low CVE-2020-6413: Inappropriate implementation in Blink. Reported by Michał Bentkowski of Securitum on 2019-09-19
• Low CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported by Lijo A.T on 2019-11-06
• Low CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by Avihay Cohen @ SeraphicAlgorithms on 2019-11-30
• Low CVE-2020-6416: Insufficient data validation in streams. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2019-12-08
• Low CVE-2020-6417: Inappropriate implementation in installer. Reported by Renato "Wrath" Moraes and Altieres "FallenHawk" Rohr on 2019-12-13

Link to post
Share on other sites

The stable channel has been updated to 80.0.3987.122 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.



 

A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

 
Security Fixes and Rewards

 
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
 
This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
 
[$5000][1044570] High: Integer overflow in ICU. Reported by André Bargull on 2020-01-22
[N/A][1045931] High CVE-2020-6407: Out of bounds memory access in streams. Reported by Sergei Glazunov of Google Project Zero on 2020-01-27
 
This release also contains:
[N/A][1053604] High CVE-2020-6418: Type confusion in V8. Reported by Clement Lecigne of Google's Threat Analysis Group on 2020-02-18
 
Google is aware of reports that an exploit for CVE-2020-6418 exists in the wild.
 
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
Link to post
Share on other sites

The stable channel has been updated to 80.0.3987.162 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.




 

A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
 
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
 
This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
 
[$TBD][1062247] High CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo of Semmle Security Research Team on 2020-03-17
[$TBD][1061018] High CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo of Semmle Security Research Team on 2020-03-12
[$N/A][1059764] High CVE-2020-6452: Heap buffer overflow in media. Reported by asnine on 2020-03-09
 
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1066247] Various fixes from internal audits, fuzzing and other initiatives
Link to post
Share on other sites

The stable channel has been updated to 80.0.3987.163 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.


 

A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Link to post
Share on other sites

The Chrome team is delighted to announce the promotion of Chrome 81 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.


Chrome 81.0.4044.92 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 81.


 

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


 

This update includes 32 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.


 

[$7500][1019161] High CVE-2020-6454: Use after free in extensions. Reported by Leecraso and Guang Gong of Alpha Lab, Qihoo 360 on 2019-10-29
[$5000][1043446] High CVE-2020-6423: Use after free in audio. Reported by Anonymous on 2020-01-18
[$3000][1059669] High CVE-2020-6455: Out of bounds read in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of Alpha Lab, Qihoo 360 on 2020-03-09
[$2000][1031479] Medium CVE-2020-6430: Type Confusion in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2019-12-06
[$2000][1040755] Medium CVE-2020-6456: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski of Securitum on 2020-01-10
[$1000][852645] Medium CVE-2020-6431: Insufficient policy enforcement in full screen. Reported by Luan Herrera (@lbherrera_) on 2018-06-14
[$1000][965611] Medium CVE-2020-6432: Insufficient policy enforcement in navigations. Reported by David Erceg on 2019-05-21
[$1000][1043965] Medium CVE-2020-6433: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-01-21
[$500][1048555] Medium CVE-2020-6434: Use after free in devtools. Reported by HyungSeok Han (DaramG) of Theori on 2020-02-04
[$N/A][1032158] Medium CVE-2020-6435: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov of Google Project Zero on 2019-12-09
[$TBD][1034519] Medium CVE-2020-6436: Use after free in window management. Reported by Igor Bukanov from Vivaldi on 2019-12-16
[$500][639173] Low CVE-2020-6437: Inappropriate implementation in WebView. Reported by Jann Horn on 2016-08-19
[$500][714617] Low CVE-2020-6438: Insufficient policy enforcement in extensions. Reported by Ng Yik Phang on 2017-04-24
[$500][868145] Low CVE-2020-6439: Insufficient policy enforcement in navigations. Reported by remkoboonstra on 2018-07-26
[$500][894477] Low CVE-2020-6440: Inappropriate implementation in extensions. Reported by David Erceg on 2018-10-11
[$500][959571] Low CVE-2020-6441: Insufficient policy enforcement in omnibox. Reported by David Erceg on 2019-05-04
[$500][1013906] Low CVE-2020-6442: Inappropriate implementation in cache. Reported by B@rMey on 2019-10-12
[$500][1040080] Low CVE-2020-6443: Insufficient data validation in developer tools. Reported by @lovasoa (Ophir LOJKINE) on 2020-01-08
[$N/A][922882] Low CVE-2020-6444: Uninitialized Use in WebRTC. Reported by mlfbrown on 2019-01-17
[$N/A][933171] Low CVE-2020-6445: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-02-18
[$N/A][933172] Low CVE-2020-6446: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-02-18
[$N/A][991217] Low CVE-2020-6447: Inappropriate implementation in developer tools. Reported by David Erceg on 2019-08-06
[$N/A][1037872] Low CVE-2020-6448: Use after free in V8. Reported by Guang Gong of Alpha Lab, Qihoo 360 on 2019-12-26


 

Thanks also to Hosein Askari for identifying a vulnerability with the Chromium website.


 

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1067891] Various fixes from internal audits, fuzzing and other initiatives


 

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.
 
Interested in switching release channels?  Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
 
Thank you,
Prudhvikumar Bommana
Link to post
Share on other sites

The stable channel has been updated to 81.0.4044.113 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.
 A list of all changes is available in the log. Interested in switching release channels?  Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
 Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
 This update includes 1 security fix. Please see the Chrome Security Page for more information.
 [$TBD][1067851] Critical CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso and Guang Gong of Alpha Lab, Qihoo 360 on 2020-04-04
 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Link to post
Share on other sites

The stable channel has been updated to 81.0.4044.122 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.





A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

 
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
 
This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
 
[$20000][1065298] High CVE-2020-6459: Use after free in payments. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-03-27
[$15000][1063566] High CVE-2020-6460: Insufficient data validation in URL formatting. Reported by Anonymous on 2020-03-21
[$5000][1067270] High CVE-2020-6458: Out of bounds read and write in PDFium. Reported by Aleksandar Nikolic of Cisco Talos on 2020-04-02
 
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1072815] Various fixes from internal audits, fuzzing and other initiatives
Link to post
Share on other sites

The stable channel has been updated to 81.0.4044.138 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.





A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
 

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

 

This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

 

[$N/A][1073602] High CVE-2020-6831: Stack buffer overflow in SCTP. Reported by Natalie Silvanovich of Google Project Zero on 2020-04-22
[$7500][1071059] High CVE-2020-6464: Type Confusion in Blink. Reported by Looben Yang on 2020-04-15

 

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1077866] Various fixes from internal audits, fuzzing and other initiatives
Link to post
Share on other sites

Other developer features in this release include:

  • ARIA Annotations: New ARIA annotations support screen reader accessibility for comments, suggestions, and text highlights with semantic meanings (similar to <mark>). Additionally, related information can now be tied semantically to an element allowing descriptions, definitions, footnotes, and comments to be tied to another element.
  • ‘auto’ keyword for ‘-webkit-appearance’ CSS property: The -webkit-appearance CSS property has a new auto keyword, which indicates the default appearance of the target element. This is a step on the way to replacing the nonstandard -webkit-appearance property with a future fully standardized appearance property.
  • Barcode Detection API: Chrome now supports the Barcode Detection API, a subset of the Shape Detection API which provides the ability to detect and decode barcodes in an image provided by a script. The image may come from any type of image buffer source such as an <image>, <video>, or <canvas>tag. Previously, supporting barcode detection on a web page required inclusion of a large third-party library. This API is only available on devices with Google Play Services installed and is not available on uncertified devices.
  • CSS contain-intrinsic-size: The contain-intrinsic-size property allows developers to specify a placeholder size which would be used while contain: size is applied. With contain-intrinsic-size specified, elements lay out as if they had a single child with fixed size, the one specified by this property, unless they have an explicit width/height. The motivation for the property is to provide a placeholder sizing for subtree content which is either not yet available or not rendered. There was previously no way to provide this other than sizing the element itself which may not be desirable as it affects how the element lays out in its container. Examples are available from the WICG.
  • CSS Color Adjust: Many operating systems now have a “dark mode” preference. Some browsers already offer an option to transform web pages into a dark theme. The prefers-color-scheme media query lets authors support their own dark theme so they have full control over experiences they build. The meta tag lets a site explicitly opt-in to fully supporting a dark theme so that the browser loads a different user agent sheet and not ever apply transformations.
  • display:inline-grid/grid/inline-flex/flex for <button>: The display keywords inline-grid, grid, inline-flex, and flex now function with the <button>element when the align property is applied. (Demo)
  • ES Modules for shared workers (‘module’ type option): JavaScript now supports modules in shared workers. Setting module type by the constructor’s type attribute, worker scripts are loaded as ES modules and the import statement is available in worker contexts. With this feature, web developers can more easily write programs in a composable way and share them among a page and workers.
  • Improvements to font-display: A few changes have been made to the way font-display works on Chrome. Setting font-display to optional no longer causes relayout. Web font preloading is allowed to slightly block rendering (for all font-display values), so that if the font loads fast enough, Chrome doesn’t need to render with fallback.
  • IndexedDB relaxed durability transactions: IDBDatabase.transaction() now accepts an optional durability argument to control flushing of data to storage. This allows developers to explicitly trade off durability for performance. Previously after writing an IndexedDB transaction, Firefox did not flush to disk but Chrome did. This provided increased durability by guaranteeing that data is written to the device’s disk rather than merely to an intermediate OS cache. Unfortunately, this comes with a significant performance cost. Valid options are "default", "strict", and "relaxed". The "default" option uses whatever behavior is provided by the user agent and is currently the default. An example is shown below. The current value may be read using IDBTransaction.durability.
  • Out-Of-Renderer Cross-Origin Resource Sharing: Out-Of-Renderer Cross-Origin Resource Sharing (OOR-CORS) is a new CORS implementation that inspects network accesses. Chrome’s previous CORS implementation was only available to Blink core parts, XHR, and Fetch APIs, while a simplified implementation was used in other parts of the application. HTTP requests made by some internal modules could not be inspected for CORS at all. The new implementation addresses these shortcomings.
  • Reversed range for <input type=time>: Chrome now supports reversed ranges for <input> elements whose type is time, allowing developers to express time inputs that cross midnight. A reversed range is one where the maximum is less than the minimum. In this state, the input allows values that are less than the minimum or greater than the maximum, but not between them. This functionality has been in the specification for many years, but has not yet been implemented in Chrome.
  • Support “JIS-B5” and “JIS-B4” @page: Chrome now supports two page sizes for the @page rule, both listed in the CSS Paged Media Module Level 3 spec.
  • @supports selector() feature query function: The new @supports function provides feature detection for CSS selectors. Web authors can use this feature to query whether the UA supports the selector before they actually try to apply the specified style rules matching the selector.
  • RTCPeerConnection.canTrickleIceCandidates: The canTrickleIceCandidatesboolean property indicates whether a remote peer is capable of handling trickle candidates. It exposes information from the SDP session description.
  • RTCRtpEncodingParameters.maxFramerate: This encoding parameter allows developers to limit the framerate on a video layer before sending. Use RTCRtpSender.setParameters() to set the new framerate, which takes effect after the current picture is complete. Read it back using RTCRtpEncodingParameters.maxFramerate. Setting maxFramerate to 0 freezes the video on the next frame.
  • RTCRtpSendParameters.degradationPreference: A new attribute for RTCRtpSendParameters called degradationPreference allows developers to control how quality degrades when constraints such as bandwidth or CPU prevent encoding at the configured frame rate and resolution. For example, on a screen share app, users will probably prefer screen legibility over animations. On a video conference users likely prefer a smooth frame rate over a higher resolution. Valid values for degradationPreference are "maintain-framerate", "maintain-resolution", and "balanced".
  • WebXR DOM Overlay: DOM overlay is a feature for immersive AR on handheld devices that lets two-dimensional page content be shown as an interactive transparent layer on top of the WebXR content and camera image. With this feature, developers can use the DOM to create user interfaces for WebXR experiences. For VR, inline sessions are by definition within the DOM. For AR, though, there is no inline mode, making this particularly important for certain use cases. To try the feature, use one of the two samples in Chrome 83. This feature is currently only available on ARCore-based handheld devices.

For a full rundown of what’s new, check out the Chrome 83 milestone hotlist.

Link to post
Share on other sites

This update includes 38 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. 

  • [$TBD][1103195] Critical CVE-2020-6510: Heap buffer overflow in background fetch. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-07-08
  • [$5000][1074317] High CVE-2020-6511: Side-channel information leakage in content security policy. Reported by Mikhail Oblozhikhin on 2020-04-24
  • [$5000][1084820] High CVE-2020-6512: Type Confusion in V8. Reported by nocma, leogan, cheneyxu of WeChat Open Platform Security Team on 2020-05-20
  • [$2000][1091404] High CVE-2020-6513: Heap buffer overflow in PDFium. Reported by Aleksandar Nikolic of Cisco Talos on 2020-06-04
  • [$TBD][1076703] High CVE-2020-6514: Inappropriate implementation in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-04-30 
  • [$TBD][1082755] High CVE-2020-6515: Use after free in tab strip. Reported by DDV_UA on 2020-05-14
  • [$TBD][1092449] High CVE-2020-6516: Policy bypass in CORS. Reported by Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) on 2020-06-08
  • [$TBD][1095560] High CVE-2020-6517: Heap buffer overflow in history. Reported by ZeKai Wu (@hellowuzekai) of Tencent Security Xuanwu Lab on 2020-06-16
  • [$3000][986051] Medium CVE-2020-6518: Use after free in developer tools. Reported by David Erceg on 2019-07-20
  • [$3000][1064676] Medium CVE-2020-6519: Policy bypass in CSP. Reported by Gal Weizman (@WeizmanGal) of PerimeterX on 2020-03-25
  • [$1000][1092274] Medium CVE-2020-6520: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-08
  • [$500][1075734] Medium CVE-2020-6521: Side-channel information leakage in autofill. Reported by Xu Lin (University of Illinois at Chicago), Panagiotis Ilia (University of Illinois at Chicago), Jason Polakis (University of Illinois at Chicago) on 2020-04-27
  • [$TBD][1052093] Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. Reported by Eric Lawrence of Microsoft on 2020-02-13
  • [$N/A][1080481] Medium CVE-2020-6523: Out of bounds write in Skia. Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on 2020-05-08
  • [$N/A][1081722] Medium CVE-2020-6524: Heap buffer overflow in WebAudio. Reported by Sung Ta (@Mipu94) of SEFCOM Lab, Arizona State University on 2020-05-12
  • [$N/A][1091670] Medium CVE-2020-6525: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-05
  • [$1000][1074340] Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. Reported by Jonathan Kingston on 2020-04-24
  • [$500][992698] Low CVE-2020-6527: Insufficient policy enforcement in CSP. Reported by Zhong Zhaochen of andsecurity.cn on 2019-08-10
  • [$500][1063690] Low CVE-2020-6528: Incorrect security UI in basic auth. Reported by Rayyan Bijoora on 2020-03-22
  • [$N/A][978779] Low CVE-2020-6529: Inappropriate implementation in WebRTC. Reported by kaustubhvats7 on 2019-06-26
  • [$N/A][1016278] Low CVE-2020-6530: Out of bounds memory access in developer tools. Reported by myvyang on 2019-10-21
  • [$TBD][1042986] Low CVE-2020-6531: Side-channel information leakage in scroll to text. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-01-17
  • [$N/A][1069964] Low CVE-2020-6533: Type Confusion in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-04-11
  • [$N/A][1072412] Low CVE-2020-6534: Heap buffer overflow in WebRTC. Reported by Anonymous on 2020-04-20
  • [$TBD][1073409] Low CVE-2020-6535: Insufficient data validation in WebUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-22
  • [$TBD][1080934] Low CVE-2020-6536: Incorrect security UI in PWAs. Reported by Zhiyang Zeng of Tencent security platform department on 2020-05-09
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes: 
  • [1105224] Various fixes from internal audits, fuzzing and other initiatives
Link to post
Share on other sites

Correcciones de seguridad

Chrome 85 implementa 20 correcciones de seguridad. Investigadores externos encontraron lo siguiente:

  • [$ N / A] [ 1109120 ] Alto CVE-2020-6558: Cumplimiento de políticas insuficiente en iOS. Reportado por Alison Huffman, Microsoft Browser Vulnerability Research el 2020-07-24
  • [$ TBD] [ 1116706 ] Alto CVE-2020-6559: usar después de la API gratuita en la presentación. Reportado por Liu Wei y Wu Zekai de Tencent Security Xuanwu Lab el 2020-08-15
  • [$ 5000] [ 1108181 ] Medio CVE-2020-6560: Cumplimiento de políticas insuficiente en la función de autocompletar. Reportado por Nadja Ungethuem de www.unnex.de el 2020-07-22
  • [$ 1000] [ 932892 ] Medio CVE-2020-6561: Implementación inapropiada en la Política de seguridad de contenido. Reportado por Rob Wu el 2019-02-16
  • [$ 1000] [ 1086845 ] Medio CVE-2020-6562: Cumplimiento de políticas insuficiente en Blink. Reportado por Masato Kinugawa el 2020-05-27
  • [$ 1000] [ 1104628 ] Medio CVE-2020-6563: Cumplimiento de políticas insuficiente en el manejo de intenciones. Reportado por Pedro Oliveira el 2020-07-12
  • [$ 500] [ 841622 ] Medio CVE-2020-6564: IU de seguridad incorrecta en los permisos. Reportado por Khalil Zhani el 2018-05-10
  • [$ 500] [ 1029907 ] Medio CVE-2020-6565: IU de seguridad incorrecta en Omnibox. Reportado por Khalil Zhani el 2019-12-02
  • [$ N / A] [ 1065264 ] Medio CVE-2020-6566: Cumplimiento de políticas insuficiente en los medios. Reportado por Jun Kokatsu, Microsoft Browser Vulnerability Research el 2020-03-27
  • [$ 500] [ 937179 ] Bajo CVE-2020-6567: validación insuficiente de la entrada no confiable en el manejo de la línea de comandos. Reportado por Joshua Graham de TSS el 2019-03-01
  • [$ 500] [ 1092451 ] CVE-2020-6568 bajo: Cumplimiento de políticas insuficiente en el manejo de intenciones. Informado por Yongke Wang (@Rudykewang) y Aryb1n (@ aryb1n) de Tencent Security Xuanwu Lab (Tencent Security Xuanwu Lab) el 2020-06 -08
  • [$ N / A] [ 995732 ] Bajo CVE-2020-6569: Desbordamiento de enteros en WebUSB. Reportado por guaixiaomei el 2019-08-20
  • [$ N / A] [ 1084699 ] Bajo CVE-2020-6570: Fuga de información de canal lateral en WebRTC. Reportado por Signal / Tenable el 2020-05-19
  • [$ N / A] [ 1085315 ] CVE-2020-6571 bajo: IU de seguridad incorrecta en el cuadro multifunción. Reportado por Rayyan Bijoora el 2020-05-21
  • [ 1121299 ] Varias correcciones de auditorías internas, fuzzing y otras iniciativas

Por lo tanto, Google gastó al menos $ 10,000 en recompensas por errores para esta versión, una pequeña cantidad en comparación con su gasto habitual. Como siempre, las correcciones de seguridad por sí solas deberían ser un incentivo suficiente para que actualice.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...