204 replies to this topic

[AplusWebMaster]

FYI...

Google Chrome v10.0.648.151 released
- http://googlechromer.....table updates
March 17, 2011 - "... updated to 10.0.648.151 for Windows, Mac, Linux and Chrome Frame. This release blacklists a small number of HTTPS certificates..."
- http://googlechromer...updates_15.html
March 15, 2011 - "The Chrome Stable and Beta channels have been updated to 10.0.648.134 for Windows, Mac, Linux and Chrome Frame. This release contains an updated version of the Adobe Flash player..."

- http://techblog.avir...-than-adobe/en/
March 17, 2011 - "... new Chrome version 10.0.648.134 for Windows, Mac and Linux. It only includes a new version of the Flash Player where the recently found zero day vulnerability is already fixed..."

- http://secunia.com/advisories/43757/
Last Update: 2011-03-16 ...
Solution: Update to version 10.0.648.134.
___

- http://www.us-cert.g...es_chrome_10_02
March 17, 2011

Edited by AplusWebMaster, 18 March 2011 - 12:27 PM.

[AplusWebMaster]

FYI...

Google Chrome v10.0.648.204 released
- http://secunia.com/advisories/43859/
Release Date: 2011-03-25
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2011-1291, CVE-2011-1292, CVE-2011-1293, CVE-2011-1294, CVE-2011-1295, CVE-2011-1296 ...
Solution: Update to version 10.0.648.204.
Original Advisory:
http://googlechromer...nel-update.html
___

When clicking on the tool symbol and choosing the 'About Google Chrome' menu entry, the version check should show that Chrome is already on the current release – or offer to download and install the update.

Edited by AplusWebMaster, 25 March 2011 - 12:08 PM.

[AplusWebMaster]

FYI...

Google Chrome v10.0.648.205 released
- http://googlechromer...nel-update.html
April 14, 2011 - "The Chrome Stable channel has been updated to 10.0.648.205 for Windows, Mac, Linux and Chrome Frame. This release contains a new version of Adobe Flash..."

- http://www.securityt....com/id/1025377
Date: Apr 15 2011
- http://web.nvd.nist....d=CVE-2011-1300
- http://web.nvd.nist....d=CVE-2011-1301
- http://web.nvd.nist....d=CVE-2011-1302
Last revised: 04/18/2011
[ALL] ... CVSS v2 Base Score: 10.0 (HIGH)

- http://www.us-cert.g...es_chrome_10_04
Apr 15 2011

Edited by AplusWebMaster, 18 April 2011 - 12:08 PM.

[AplusWebMaster]

FYI...

Chrome v11.0.696.57 released
- http://googlechromer.....table updates
April 27, 2011

- http://chrome.blogspot.com/

- http://secunia.com/advisories/44375/
Release Date: 2011-04-28
Criticality level: Highly critical
Impact: Security Bypass, Spoofing, Exposure of sensitive information, System access
Where: From remote
CVE Reference(s): CVE-2011-1303, CVE-2011-1304, CVE-2011-1305, CVE-2011-1434, CVE-2011-1435, CVE-2011-1436, CVE-2011-1437, CVE-2011-1438, CVE-2011-1439, CVE-2011-1440, CVE-2011-1441, CVE-2011-1442, CVE-2011-1443, CVE-2011-1444, CVE-2011-1445, CVE-2011-1446, CVE-2011-1447, CVE-2011-1448, CVE-2011-1449, CVE-2011-1450, CVE-2011-1451, CVE-2011-1452, CVE-2011-1454, CVE-2011-1455, CVE-2011-1456
Solution: Upgrade to version 11.0.696.57.
Original Advisory: Google Chrome:
http://googlechromer...ble-update.html

- http://www.securityt....com/id/1025453
Apr 28 2011

Edited by AplusWebMaster, 28 April 2011 - 07:57 PM.

[AplusWebMaster]

FYI...

Chrome v11.0.696.68 released
- http://secunia.com/advisories/44591/
Release Date: 2011-05-13
Criticality level: Highly critical
Impact: Exposure of sensitive information, System access
Where: From remote
CVE Reference(s): CVE-2011-0579, "Flash -before- 10.3.181.14..." Severity: 5.0 (MEDIUM)
CVE-2011-0618 -> CVE-2011-0627 "Flash -before- 10.3.181.14..." Severity: 9.3 (HIGH)
CVE-2011-1799 & CVE-2011-1800 "Chrome -before- 11.0.696.68..." Severity: 6.8 (MEDIUM)
- http://web.nvd.nist....iew/vuln/search
Solution: Update to version 11.0.696.68.

When clicking on the tool symbol and choosing the 'About Google Chrome' menu entry, the version check should show that Chrome is already on the current release – or offer to download and install the update.
___

- http://www.darkreadi...le/id/229403161
May 10, 2011 - "... exploit... using Chrome v11.0.696.65 on Win7SP1 (x64), with the user being lured to visit a malware-rigged Web page, also bypasses [ASLR, DEP], and works on all Windows systems, including Win7/SP1, Vista/SP2, and XP/SP3..."
___

- http://googleblog.bl...er-is-back.html
5/13/2011 10:33AM PST - "... sorry that you’ve been unable to publish to Blogger for the past 20.5 hours... what happened: during scheduled maintenance work Wednesday night, we experienced some data corruption..."
___

- http://googlechromer...nel-update.html
5/13/2011 10:51AM PST - "... updated to 11.0.696.68..."

Edited by AplusWebMaster, 17 May 2011 - 08:33 AM.

[AplusWebMaster]

FYI...

Chrome v11.0.696.71 released
- http://secunia.com/advisories/44678/
Release Date: 2011-05-25
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
Solution Status: Vendor Patch
CVE Reference(s):
- http://web.nvd.nist....d=CVE-2011-1801
- http://web.nvd.nist....d=CVE-2011-1804
- http://web.nvd.nist....d=CVE-2011-1806
- http://web.nvd.nist....d=CVE-2011-1807
Last revised: 05/26/2011
... vulnerabilities are reported in versions prior to 11.0.696.71.
Solution: Update to version 11.0.696.71.
Original Advisory:
http://googlechromer...-update_24.html

Edited by AplusWebMaster, 26 May 2011 - 09:55 PM.

[AplusWebMaster]

FYI...

Chrome v11.0.696.77 released
- http://googlechromer...nel-update.html
June 5, 2011 - "The Chrome Stable channel has been updated to 11.0.696.77 for all platforms. This release contains an updated version of Adobe Flash..."

- http://krebsonsecuri...-zero-day-flaw/
June 5th, 2011 - "Adobe released an emergency security update today to fix a vulnerability that the company warned is being actively exploited in targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message... The vulnerability — a cross-site scripting bug that could be used to take actions on a user’s behalf on any Web site or Webmail provider, exists in Flash Player version 10.3.181.16 and earlier. Google... pushed out an update that fixes this flaw in Chrome..."
___

- http://secunia.com/advisories/44847/
Impact: Cross Site Scripting
Where: From remote...
... The vulnerability is reported in versions prior to 11.0.696.77.
Solution: Update to version 11.0.696.77...

Edited by AplusWebMaster, 06 June 2011 - 06:28 AM.

[AplusWebMaster]

FYI...

Chrome v12.0.742.91 released
- http://secunia.com/advisories/44829/
Release Date: 2011-06-08
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access
Where: From remote...
CVE Reference(s): CVE-2011-1808, CVE-2011-1809, CVE-2011-1810, CVE-2011-1811, CVE-2011-1812, CVE-2011-1813, CVE-2011-1814, CVE-2011-1815, CVE-2011-1816, CVE-2011-1817, CVE-2011-1818, CVE-2011-1819, CVE-2011-2332, CVE-2011-2342
Solution: Upgrade to version 12.0.742.91.
Original Advisory:
http://googlechromer...le-release.html

[AplusWebMaster]

FYI...

Chrome v12.0.742.100 released
- http://secunia.com/advisories/44950/
Release Date: 2011-06-15
Criticality level: Extremely critical
Impact: System access
Where: From remote
Solution: Update to version 12.0.742.100.
... Reported as a 0-day in Adobe Flash Player.
Original Advisory: Google:
- http://googlechromer...el-updates.html
June 14, 2011

[AplusWebMaster]

FYI...

Chrome v12.0.742.112 released
- http://googlechromer...-update_28.html
June 28, 2011 - "The Chrome Stable channel has been updated to 12.0.742.112 for all platforms. This release contains an updated version of Adobe Flash*, along with the security fixes..."
* http://kb2.adobe.com...ain_10.3.181.34
___

- http://secunia.com/advisories/45097/
Release Date: 2011-06-29
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2011-2345, CVE-2011-2346, CVE-2011-2347, CVE-2011-2348, CVE-2011-2349, CVE-2011-2350, CVE-2011-2351
Solution: Update to version 12.0.742.112.

- http://www.securityt....com/id/1025730
June 28 2011
CVE Reference: CVE-2011-2345, CVE-2011-2346, CVE-2011-2347, CVE-2011-2348, CVE-2011-2349, CVE-2011-2350, CVE-2011-2351
... prior to 12.0.742.112

Edited by AplusWebMaster, 29 June 2011 - 05:15 AM.

[AplusWebMaster]

FYI...

Chrome v13.0.782.107 released
- http://googlechromer...nel-update.html
August 2, 2011

- http://secunia.com/advisories/45498/
Release Date: 2011-08-03
Criticality level: Highly critical
Impact: Unknown, Security Bypass, Exposure of system information, Exposure of sensitive information, System access
Where: From remote...
Solution: Upgrade to version 13.0.782.107

- http://h-online.com/-1317555
3 August 2011 - "... 14 of the 30 security vulnerabilities fixed by the update are rated as 'high-risk' and include multiple use-after-free errors, cross-origin bugs, and crashes related the built-in PDF viewer and the V8 JavaScript engine used by Chrome. Other holes closed include 9 medium-risk bugs and 7 low-risk issues..."

- http://www.securityt....com/id/1025882
Aug 3 2011
CVE Reference: CVE-2011-2358, CVE-2011-2359, CVE-2011-2360, CVE-2011-2361, CVE-2011-2782, CVE-2011-2783, CVE-2011-2784, CVE-2011-2785, CVE-2011-2786, CVE-2011-2787, CVE-2011-2788, CVE-2011-2789, CVE-2011-2790, CVE-2011-2791, CVE-2011-2792, CVE-2011-2793, CVE-2011-2794, CVE-2011-2795, CVE-2011-2796, CVE-2011-2797, CVE-2011-2798, CVE-2011-2799, CVE-2011-2800, CVE-2011-2801, CVE-2011-2802, CVE-2011-2803, CVE-2011-2804, CVE-2011-2805, CVE-2011-2818, CVE-2011-2819

Edited by AplusWebMaster, 03 August 2011 - 05:31 PM.

[AplusWebMaster]

FYI...

Google Chrome v13.0.782.112 released
- https://secunia.com/advisories/45529/
Release Date: 2011-08-10
Criticality level: Highly critical
Impact: Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch
CVE Reference(s): CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2425
... vulnerabilities are caused due to a bundled vulnerable version of Adobe Flash Player...
Solution: Update to version 13.0.782.112.
Original Advisory: Google:
http://googlechromer...-update_09.html

[AplusWebMaster]

FYI...

Google Chrome v13.0.782.215 released
- https://secunia.com/advisories/45698/
Release Date: 2011-08-23
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2011-2806, CVE-2011-2821, CVE-2011-2822, CVE-2011-2823, CVE-2011-2824, CVE-2011-2825, CVE-2011-2826, CVE-2011-2827, CVE-2011-2828, CVE-2011-2829, CVE-2011-2839
Solution: Update to version 13.0.782.215.
Original Advisory:
http://googlechromer...-update_22.html

> https://www.google.c...mp;answer=95414

Edited by AplusWebMaster, 23 August 2011 - 05:18 AM.

[AplusWebMaster]

FYI...

- http://www.theregist...rome_diginotar/
___

Google Chrome v13.0.782.218 released
- http://googlechromer.....table updates
August 30, 2011 - "The Stable channel has also been updated to 13.0.782.218 for Windows, Mac, Linux, and Chrome Frame. These releases contain an updated version of the Adobe Flash Player. We also disabled a certificate authority (CA)*..."
* http://googleonlines...-in-middle.html

Edited by AplusWebMaster, 05 September 2011 - 10:48 AM.

[AplusWebMaster]

FYI...

Chrome v13.0.782.220 released
- http://googlechromer.....table updates
Saturday, September 3, 2011 - ""The Stable channel has been updated to 13.0.782.220 for Windows, Mac, Linux, and Chrome Frame.
We're revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program. For more details about the security issues see the Google Security Blog post about DigiNotar* and an update from Mozilla**, who is also moving to revoke trust in these certificates..."
* http://googleonlines...-in-middle.html
Update Sept 3

** http://blog.mozilla....moval-follow-up