204 replies to this topic

[AplusWebMaster]

FYI...

Chrome 35.0.1916.153 released
- https://secunia.com/advisories/58585/
Release Date: 2014-06-10
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, Cross Site Scripting, System access
Solution Status: Vendor Patch
CVE Reference(s): CVE-2014-0531, CVE-2014-0532, CVE-2014-0533, CVE-2014-0534, CVE-2014-0535,
CVE-2014-0536, CVE-2014-3154, CVE-2014-3155, CVE-2014-3156, CVE-2014-3157
... vulnerabilities are reported in versions prior to 35.0.1916.153.
Solution: Update to version 35.0.1916.153.
Original Advisory:
- http://googlechromer...nel-update.html
June 10, 2014 - "... This update includes 4 security fixes..."
___

- http://googlechromer...yer-update.html
July 8, 2014 - "We are updating Flash Player to version 14.0.0.145 on Windows and Mac via our component update system (i.e. there will not be a Chrome update)..."
 

Edited by AplusWebMaster, 08 July 2014 - 01:54 PM.

[AplusWebMaster]

FYI...

Chrome 36.0.1985.125 released
- https://secunia.com/advisories/60077/
Release Date: 2014-07-17
Criticality: Moderately Critical
Where: From remote
Impact: Unknown, Security Bypass
CVE Reference(s): CVE-2014-3160, CVE-2014-3162
... vulnerabilities are reported in versions prior to 36.0.1985.125.
Solution: Upgrade to version 36.0.1985.125.
Original Advisory:
- http://googlechromer...nel-update.html
"... This update includes 26 security fixes..."
 

[AplusWebMaster]

FYI...

Chrome 36.0.1985.143 released
- http://googlechromer...nel-update.html
Aug 12, 2014 - "The Stable Channel has been updated to 36.0.1985.143 for Windows, Mac and Linux. This release contains a Flash Player update... This update includes -12- security fixes..."

- https://web.nvd.nist...d=CVE-2014-3165 - 7.5 (HIGH)
- https://web.nvd.nist...d=CVE-2014-3166 - 5.0
- https://web.nvd.nist...d=CVE-2014-3167 - 7.5 (HIGH)
___

- http://www.securityt....com/id/1030732
CVE Reference: CVE-2014-3165, CVE-2014-3166, CVE-2014-3167
Aug 14 2014
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 36.0.1985.143
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system...
Solution: The vendor has issued a fix (36.0.1985.143)...
 

Edited by AplusWebMaster, 14 August 2014 - 03:49 AM.

[AplusWebMaster]

FYI...

Chrome 37.0.2062.94 released
- http://googlechromer...-update_26.html
Aug 26, 2014 - "... promotion of Chrome 37 to the stable channel for Windows, Mac and Linux. Chrome 37.0.2062.94 contains a number of fixes and improvements, including:
 - DirectWrite support on Windows for improved font rendering
 - A number of new apps/extension APIs
 - Lots of under the hood changes for stability and performance...
This update includes -50- security fixes..."

- https://secunia.com/advisories/60268/
Release Date: 2014-08-27
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, Spoofing, System access...
CVE Reference(s): CVE-2014-3168, CVE-2014-3169, CVE-2014-3170, CVE-2014-3171, CVE-2014-3172,
CVE-2014-3173, CVE-2014-3174, CVE-2014-3175, CVE-2014-3176, CVE-2014-3177 ...
Some vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system...
Solution: Upgrade to version 37.0.2062.94...

- http://www.securityt....com/id/1030767
CVE Reference: CVE-2014-3168, CVE-2014-3169, CVE-2014-3170, CVE-2014-3171, CVE-2014-3172, CVE-2014-3173, CVE-2014-3174, CVE-2014-3175, CVE-2014-3176, CVE-2014-3177
Aug 28 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 37.0.2062.94 ...
____

- https://www.us-cert....-Updates-Chrome
Aug 27, 2014 - "...update includes 50 security fixes some of which could allow a remote attacker to obtain unauthorized access or cause a denial of service..."
 

 

Edited by AplusWebMaster, 28 August 2014 - 07:14 AM.

[AplusWebMaster]

FYI...

Chrome 37.0.2062.120 released
- http://googlechromer...l-update_9.html
Sep 9, 2014 - "The stable channel has been updated to 37.0.2062.120 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes...
This update includes 4 security fixes..."

- https://secunia.com/advisories/60988/
Release Date: 2014-09-09
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, System access
CVE Reference(s): CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557,  CVE-2014-0559, CVE-2014-3178, CVE-2014-3179
... vulnerabilities are reported in versions prior to 37.0.2062.120.
Solution: Update to version 37.0.2062.120.
 

[AplusWebMaster]

FYI...

Chrome 37.0.2062.124 released
- http://googlechromer...-update_24.html
Sep 24, 2014 - "The stable channel has been updated to 37.0.2062.124 for Windows and Mac.
This build contains a security change:
[414124] RSA signature malleability in NSS (CVE-2014-1568)..."

> https://www.us-cert....y-Vulnerability
Sep 24, 2014

- http://www.kb.cert.org/vuls/id/772676
24 Sep 2014 - "... This vulnerability may allow an attacker to forge a RSA signature, such as a SSL certificate..."

- http://www.securityt....com/id/1030900
CVE Reference: https://web.nvd.nist...d=CVE-2014-1568 - 7.5 (HIGH)
Sep 24 2014
Impact: Disclosure of system information, Disclosure of user information, Modification of authentication information, Modification of system information, Modification of user information
Fix Available: Yes Vendor Confirmed: Yes  
Version(s): prior to 37.0.2062.124 ...
 

Edited by AplusWebMaster, 26 September 2014 - 03:04 PM.

[AplusWebMaster]

FYI...

Chrome 38.0.2125.101 released
- http://googlechromer...nel-update.html
Oct 7, 2014 - "... Chrome 38.0.2125.101 contains a number of fixes and improvements... This update includes -159- security fixes, including -113- relatively minor fixes found using MemorySanitizer..."
CVE Reference(s): CVE-2014-3188, CVE-2014-3189, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192, CVE-2014-3193, CVE-2014-3194, CVE-2014-3195, CVE-2014-3196, CVE-2014-3197, CVE-2014-3198, CVE-2014-3199, CVE-2014-3200

- https://www.us-cert....e-and-Chrome-OS
___

- http://www.securityt....com/id/1030980
CVE Reference: CVE-2014-3188, CVE-2014-3189, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192, CVE-2014-3193, CVE-2014-3194, CVE-2014-3195, CVE-2014-3196, CVE-2014-3197, CVE-2014-3198, CVE-2014-3199, CVE-2014-3200
Oct 9 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 38.0.2125.101 ...
 

Edited by AplusWebMaster, 10 October 2014 - 06:43 AM.

[AplusWebMaster]

FYI...

Chrome 38.0.2125.104 released
- http://googlechromer...-update_14.html
Oct 14, 2014 - "The stable channel has been updated to 38.0.2125.104 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes. A full list of changes is available in the log*..."
* https://chromium.goo...=fuller&n=10000

CVE Reference(s): CVE-2014-0558, CVE-2014-0564, CVE-2014-0569
___

- https://www.us-cert....e-and-Chrome-OS
Oct 16, 2014
 

Edited by AplusWebMaster, 17 October 2014 - 02:56 AM.

[AplusWebMaster]

FYI...

Chrome 38.0.2125.122 released
- http://googlechromer...nel-update.html
Nov 11, 2014 - "The stable channel has been updated to 38.0.2125.122 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes. A full list of changes is available in the log*..."
* https://chromium.goo...=fuller&n=10000
 

[AplusWebMaster]

FYI...

Chrome 39.0.2171.65 released
- http://googlechromer...-update_18.html
Nov 18, 2014 - "... Chrome 39.0.2171.65 contains a number of fixes and improvements, including:
 64-bit support for Mac
 A number of new apps/extension APIs
 Lots of under the hood changes for stability and performance ...
This update includes -42- security fixes..."
___

- http://www.securityt....com/id/1031241
CVE Reference: CVE-2014-7899, CVE-2014-7900, CVE-2014-7901, CVE-2014-7902, CVE-2014-7903, CVE-2014-7904, CVE-2014-7905, CVE-2014-7906, CVE-2014-7907, CVE-2014-7908, CVE-2014-7909, CVE-2014-7910
Nov 20 2014
Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information.
Solution: The vendor has issued a fix (39.0.2171.65)...
 

Edited by AplusWebMaster, 20 November 2014 - 06:05 AM.

[AplusWebMaster]

FYI...

Chrome 39.0.2171.71 released
- http://googlechromer...-update_25.html
Nov 25, 2014 - "The stable channel has been updated to 39.0.2171.71 for Windows, Mac and Linux. This release contains an update for Adobe Flash* as well as a number of other fixes..."

* https://helpx.adobe....ease_notes.html
Nov 25, 2014
 

[AplusWebMaster]

FYI...

Chrome 39.0.2171.95 released
- http://googlechromer...nel-update.html
Dec 9, 2014 - "The stable channel has been updated to 39.0.2171.95 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes..."
 

[AplusWebMaster]

FYI...

Chrome 39.0.2171.99 released
- http://googlechromer...nel-update.html
Jan 13, 2015 - "The stable channel has been updated to 39.0.2171.99 for Windows, Mac and Linux.  This release contains an update for Adobe -Flash- as well as a number of other fixes. A full list of changes is available in the log*..."
* https://chromium.goo...=fuller&n=10000
 

[AplusWebMaster]

FYI...

Chrome 40.0.2214.91 released
- http://googlechromer...ble-update.html
Jan 21 2015 - "... promotion of Chrome 40 to the stable channel for Windows, Mac and Linux. Chrome 40.0.2214.91 contains a number of fixes and improvements, including:
    Updated info dialog for Chrome app on Windows and Linux.
    A new clock behind/ahead error message.
A partial list of changes is available in the log*... This update includes -62- security fixes..."
* https://chromium.goo...=fuller&n=10000

["Comments" read: "... flash player version now 16.287"
___

- http://www.securityt....com/id/1031623
CVE Reference: CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948, CVE-2015-1205, CVE-2015-1346
Jan 23 2015
Impact: Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 40.0.2214.91 ...
Solution: The vendor has issued a fix (40.0.2214.91)...
 

Edited by AplusWebMaster, 24 January 2015 - 08:05 AM.

[AplusWebMaster]

FYI...

Chrome 40.0.2214.93 released
- http://googlechromer...-update_26.html
Jan 26, 2015 - "The stable channel has been updated to 40.0.2214.93 for Windows, Mac and Linux. A full list of changes is available in the log*..."
* https://chromium.goo...=fuller&n=10000