204 replies to this topic

[AplusWebMaster]

FYI...

Chrome v21.0.1180.83 released
- https://secunia.com/advisories/50356/
Release Date: 2012-08-22
Criticality level: Highly critical
Impact: Exposure of sensitive information, System access
Where: From remote
... vulnerabilities are caused due to the application bundling a vulnerable version of Adobe Flash Player.
For more information: https://secunia.com/SA50354/
Solution: Update to a fixed version...
Original Advisory:
http://googlechromer...-update_21.html
August 21, 2012 - "The Stable channel has been updated to 21.0.1180.81 for Linux, 21.0.1180.83 for Windows and Chrome Frame and both Beta and Stable channels have been updated to 21.0.1180.82 for Mac...
These builds also have a new version of Flash with security and other fixes..."

[AplusWebMaster]

FYI...

Chrome v21.0.1180.89 released
- https://secunia.com/advisories/50447/
Release Date: 2012-08-31
Criticality level: Highly critical
Impact: Unknown, Cross Site Scripting, System access
Where: From remote...
CVE Reference(s): CVE-2012-2865, CVE-2012-2866, CVE-2012-2867, CVE-2012-2868, CVE-2012-2869, CVE-2012-2870, CVE-2012-2871, CVE-2012-2872
... vulnerabilities are reported in versions prior to 21.0.1180.89.
Solution: Update to version 21.0.1180.89.
Original Advisory:
http://googlechromer...-update_30.html
___

- http://h-online.com/-1696236
31 August 2012

Edited by AplusWebMaster, 31 August 2012 - 06:04 AM.

[AplusWebMaster]

FYI...

Chrome v22.0.1229.79 released
- https://secunia.com/advisories/50759/
Release Date: 2012-09-26
Criticality level: Highly critical
Impact: Unknown, Security Bypass, Cross Site Scripting, System access
Where: From remote ...
CVE Reference(s): CVE-2012-2874, CVE-2012-2875, CVE-2012-2876, CVE-2012-2877, CVE-2012-2878, CVE-2012-2879, CVE-2012-2880, CVE-2012-2881, CVE-2012-2882, CVE-2012-2883, CVE-2012-2884, CVE-2012-2885, CVE-2012-2886, CVE-2012-2887, CVE-2012-2888, CVE-2012-2889, CVE-2012-2890, CVE-2012-2891, CVE-2012-2892, CVE-2012-2893, CVE-2012-2894, CVE-2012-2895, CVE-2012-2896
Solution: Upgrade to version 22.0.1229.79.
Original Advisory: Google:
http://googlechromer...-update_25.html
___

Security fixes dominate Chrome 22
- http://h-online.com/-1717660
26 Sep 2012 - "... closes more than 40 security holes, of which one is considered to be critical and 19 are rated as 'high severity'..."

Edited by AplusWebMaster, 26 September 2012 - 09:02 AM.

[AplusWebMaster]

FYI...

Chrome v22.0.1229.92 released
- https://secunia.com/advisories/50872/
Release Date: 2012-10-09
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 22.0.1229.92.
Original Advisory: - http://googlechromer...nel-update.html
October 8, 2012 - "... This update contains a number of stability fixes, including an issue with multiple profiles on Mac OS X 10.8.2... These builds also have a new version of Flash with security and other fixes. More information can be found here*..."
* http://helpx.adobe.c...ml#fixed_issues

- http://www.securityt....com/id/1027617
CVE Reference: CVE-2012-2900, CVE-2012-5108, CVE-2012-5109, CVE-2012-5110, CVE-2012-5111
Oct 8 2012
Version(s): prior to 22.0.1229.92
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system...
Solution: The vendor has issued a fix (22.0.1229.92).

Edited by AplusWebMaster, 09 October 2012 - 11:47 PM.

[AplusWebMaster]

FYI...

Chrome v22.0.1229.94 released
- https://secunia.com/advisories/50954/
Release Date: 2012-10-11
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
CVE Reference: CVE-2012-5112
Solution: Update to version 22.0.1229.94.
Original Advisory: Google:
- http://googlechromer.....table updates
Oct 10, 2012

- http://www.securityt....com/id/1027644
CVE Reference: CVE-2012-5112
Oct 11 2012
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (22.0.1229.94).

- http://web.nvd.nist....d=CVE-2012-5112 - 10.0 (HIGH)
- http://web.nvd.nist....d=CVE-2012-5376 - 10.0 (HIGH)

Edited by AplusWebMaster, 15 October 2012 - 07:49 AM.

[AplusWebMaster]

FYI...

Chrome v23.0.1271.64 released
- http://googlechromer.....table updates
Nov 6, 2012 - "... 23.0.1271.64 for Windows, Mac, Linux, and Chrome Frame. Chrome 23 contains a number of new features including GPU accelerated video decoding on Windows and easier website permissions... referenced bugs may be kept private until a majority of our users are up to date with the fix... This version also has a new Adobe Flash..."
___

- https://secunia.com/advisories/51210/
Release Date: 2012-11-07
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2012-5115, CVE-2012-5116, CVE-2012-5117, CVE-2012-5118, CVE-2012-5119, CVE-2012-5120, CVE-2012-5121, CVE-2012-5122, CVE-2012-5123, CVE-2012-5124, CVE-2012-5125, CVE-2012-5126, CVE-2012-5127, CVE-2012-5128, CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280
Solution: Upgrade to version 23.0.1271.64.
Original Advisory: Google:
http://googlechromer...ta-channel.html

Edited by AplusWebMaster, 07 November 2012 - 04:37 AM.

[AplusWebMaster]

FYI...

Chrome v23.0.1271.91 released
- https://secunia.com/advisories/51437/
Release Date: 2012-11-27
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2012-5130, CVE-2012-5131, CVE-2012-5132, CVE-2012-5133, CVE-2012-5134,
CVE-2012-5135, CVE-2012-5136
... more information see vulnerability #2: https://secunia.com/SA48000/
... vulnerabilities are reported in versions prior to 23.0.1271.91.
Solution: Update to version 23.0.1271.91.
Original Advisory: http://googlechromer...nel-update.html

- http://www.securityt....com/id/1027815
CVE Reference: CVE-2012-5130, CVE-2012-5131, CVE-2012-5132, CVE-2012-5133, CVE-2012-5134, CVE-2012-5135, CVE-2012-5136
Nov 27 2012
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 23.0.1271.91 ...

Edited by AplusWebMaster, 28 November 2012 - 02:38 AM.

[AplusWebMaster]

FYI...

Chrome v23.0.1271.95 released
- https://secunia.com/advisories/51447/
Release Date: 2012-11-30
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2012-5137, CVE-2012-5138
... vulnerabilities are reported in versions prior to 23.0.1271.95.
Solution: Update to version 23.0.1271.95.
Original Advisory:
http://googlechromer...-update_29.html

[AplusWebMaster]

FYI...

Chrome v23.0.1271.97 released
- https://secunia.com/advisories/51549/
Release Date: 2012-12-12
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2012-5139, CVE-2012-5140, CVE-2012-5141, CVE-2012-5142, CVE-2012-5143, CVE-2012-5144, CVE-2012-5676, CVE-2012-5677, CVE-2012-5678
For more information: https://secunia.com/SA51560/
... vulnerabilities are reported in versions prior to 23.0.1271.97.
Solution: Update to version 23.0.1271.97.
Original Advisory: Google:
http://googlechromer...nel-update.html
___

- http://h-online.com/-1774354
24 Dec 2012

Edited by AplusWebMaster, 01 January 2013 - 12:22 PM.

[AplusWebMaster]

FYI...

Chrome v24.0.1312.52 released
- https://secunia.com/advisories/51825/
Release Date: 2013-01-11
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2012-5145, CVE-2012-5146, CVE-2012-5147, CVE-2012-5148, CVE-2012-5149, CVE-2012-5150, CVE-2012-5151, CVE-2012-5152, CVE-2012-5153, CVE-2012-5154, CVE-2012-5155, CVE-2012-5156, CVE-2012-5157, CVE-2013-0630, CVE-2013-0828, CVE-2013-0829, CVE-2013-0830, CVE-2013-0831, CVE-2013-0832, CVE-2013-0833, CVE-2013-0834, CVE-2013-0835, CVE-2013-0836, CVE-2013-0837, CVE-2013-0838
... vulnerabilities are reported in versions prior to 24.0.1312.52.
Solution: Upgrade to version 24.0.1312.52.
Original Advisory:
- http://googlechromer...nel-update.html
Jan 10, 2013 - "... Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame... This release also contains an update to Flash (11.5.31.137) as well as improvements in speed and stability..."

- http://h-online.com/-1781648
11 Jan 2013

Edited by AplusWebMaster, 11 January 2013 - 07:33 AM.

[AplusWebMaster]

FYI...

Chrome v24.0.1312.56 released
- https://secunia.com/advisories/51935/
Release Date: 2013-01-23
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2013-0839, CVE-2013-0840, CVE-2013-0841, CVE-2013-0842, CVE-2013-0843
... vulnerabilities are reported in versions prior to 24.0.1312.56.
Solution: Update to version 24.0.1312.56.
Original Advisory:
http://googlechromer...-update_22.html
___

- http://www.theregist...b_plugin_prize/
22 Jan 2013

- http://h-online.com/-1791381
25 Jan 2013

Edited by AplusWebMaster, 26 January 2013 - 10:37 AM.

[AplusWebMaster]

FYI...

Chrome v24.0.1312.70 released
- https://secunia.com/advisories/52163/
Release Date: 2013-02-12
Criticality level: Highly critical
Impact: Exposure of sensitive information, System access
Where: From remote...
For more information: https://secunia.com/SA52166/
Solution: Update to version 24.0.1312.70.
Original Advisory:
- http://googlechromer...-update_12.html

[AplusWebMaster]

FYI...

Chrome v25.0.1364.97 released
- https://secunia.com/advisories/52320/
Release Date: 2013-02-22
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2013-0879, CVE-2013-0880, CVE-2013-0881, CVE-2013-0882, CVE-2013-0883, CVE-2013-0884, CVE-2013-0885, CVE-2013-0886, CVE-2013-0887, CVE-2013-0888, CVE-2013-0889, CVE-2013-0890, CVE-2013-0891, CVE-2013-0892, CVE-2013-0893, CVE-2013-0894, CVE-2013-0895, CVE-2013-0896, CVE-2013-0897, CVE-2013-0898, CVE-2013-0899, CVE-2013-0900
... vulnerabilities are reported in versions prior to 25.0.1364.97 for Windows and Linux and prior to 25.0.1364.99 for Mac.
Solution: Upgrade to version 25.0.1364.97 for Windows and Linux and 25.0.1364.99 for Mac.
Original Advisory:
- http://googlechromer...-update_21.html
Feb 21, 2013 - "... Chrome 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac contain a number of new items including:
- Improvements in managing and securing your extensions
- Better support for HTML5 time/date inputs
- JavaScript Web Speech API support
- Better WebGL error handling
- And lots of other features for developers
Security fixes... We’ve also resolved a high severity security issue by disabling MathML in this release. The WebKit MathML implementation isn’t quite ready for prime time yet but we are excited to enable it again in a future release once the security issues have been addressed. Many... bugs were detected using AddressSanitizer..."

[AplusWebMaster]

FYI...

Chrome v25.0.1364.152 released
- http://googlechromer...l-update_4.html
March 4, 2013 - "The Stable channel has been updated to 25.0.1364.152 for Windows and Linux. Note: these release notes also apply to the same version for Mac that was released last Friday. This release contains security and stability improvements along with a number of bug fixes... the referenced bugs may be kept private until a majority of our users are up to date with the fix..."

- https://secunia.com/advisories/52454/
Release Date: 2013-03-05
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote ...
CVE Reference(s): CVE-2013-0902, CVE-2013-0903, CVE-2013-0904, CVE-2013-0905, CVE-2013-0906, CVE-2013-0907, CVE-2013-0908, CVE-2013-0909, CVE-2013-0910, CVE-2013-0911
... vulnerabilities are reported in versions prior to 25.0.1364.152.
Solution: Update to version 25.0.1364.152.

Edited by AplusWebMaster, 05 March 2013 - 05:11 AM.

[AplusWebMaster]

FYI...

Chrome v25.0.1364.160 released
- https://secunia.com/advisories/52534/
Release Date: 2013-03-08
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: CVE-2013-0912
... vulnerability is reported in versions prior to 25.0.1364.160.
Solution: Update to version 25.0.1364.160.
Original Advisory: Chrome:
http://googlechromer...l-update_7.html
MWR InfoSecurity:
http://labs.mwrinfos...ansecwest-2013/