CDHaha Download


2020-02-06 | [20,275]

Google Chrome 80 Stable

,

Google ChromeGoogle Chrome是一个由Google开发的网页浏览器,“Chrome”是化学元素“铬”的英文名称。“谷歌浏览器”(以下简称Chrome)采用BSD许可证授权并开放源代码,开源计划名为Chromium,截至2010年8月1日Chrome占浏览器市占率7.16%排名第3,仅次于Windows Internet Explorer和Mozilla Firefox。其代码是基于其他开放源代码软件所撰写,包括WebKit和Mozilla,并开发出称为“V8”的高效能JavaScript引擎。Chrome 的整体发展目标是提升稳定性、速度和安全性,并创造出简单且有效率的用户界面。CNET旗下的Download.com网站评出的2008年6大最佳Windows应用程序,其中 Chrome 排名首位。

The Chrome team is delighted to announce the promotion of Chrome 80 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.

Chrome 80.0.3987.87 contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 80.

Security Fixes and Rewards

This update includes 56 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$5000][1034394] High CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK’s National Cyber Security Centre (NCSC) on 2019-12-09
[$2000][1031909] High CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and Wen Xu from SSLab, Gatech on 2019-12-08
[$500][1020745] High CVE-2019-18197: Multiple vulnerabilities in XML. Reported by BlackBerry Security Incident Response Team on 2019-11-01
[$500][1042700] High CVE-2019-19926: Inappropriate implementation in SQLite. Reported by Richard Lorenz, SAP on 2020-01-16
[$N/A][1035399] High CVE-2020-6385: Insufficient policy enforcement in storage. Reported by Sergei Glazunov of Google Project Zero on 2019-12-18
[$N/A][1038863] High CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite. Reported by Richard Lorenz, SAP on 2020-01-03
[$N/A][1042535] High CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-01-16
[$N/A][1042879] High CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by Sergei Glazunov of Google Project Zero on 2020-01-16
[$N/A][1042933] High CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-01-16
[$N/A][1045874] High CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei Glazunov of Google Project Zero on 2020-01-27
[$10000][1017871] Medium CVE-2020-6391: Insufficient validation of untrusted input in Blink. Reported by Michał Bentkowski of Securitum on 2019-10-24
[$5000][1030411] Medium CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by Microsoft Edge Team on 2019-12-03
[$5000][1035058] Medium CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark Amery on 2019-12-17
[$3000][1014371] Medium CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil Freo on 2019-10-15
[$3000][1022855] Medium CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre Langlois from Arm on 2019-11-08
[$3000][1035271] Medium CVE-2020-6396: Inappropriate implementation in Skia. Reported by William Luc Ritchie on 2019-12-18
[$2000][1027408] Medium CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani on 2019-11-22
[$2000][1032090] Medium CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk on 2019-12-09
[$2000][1039869] Medium CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07
[$1000][1038036] Medium CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi Yoneuchi (@y0n3uchy) on 2019-12-27
[$500][1017707] Medium CVE-2020-6401: Insufficient validation of untrusted input in Omnibox. Reported by Tzachy Horesh on 2019-10-24
[$500][1029375] Medium CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by Vladimir Metnew (@vladimir_metnew) on 2019-11-28
[$TBD][1006012] Medium CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani on 2019-09-19
[$N/A][1024256] Medium CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi on 2019-11-13
[$N/A][1042145] Medium CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen(Ne0) & Rui Zhong(zr33) on 2020-01-15
[$N/A][1042254] Medium CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov of Google Project Zero on 2020-01-15
[$N/A][1042578] Medium CVE-2019-19923: Out of bounds memory access in SQLite. Reported by Richard Lorenz, SAP on 2020-01-16
[$1000][1026546] Low CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong Zhaochen of andsecurity.cn on 2019-11-20
[$1000][1037889] Low CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by Divagar S and Bharathi V from Karya Technologies on 2019-12-26
[$500][881675] Low CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by evi1m0 of Bilibili Security Team on 2018-09-07
[$500][929711] Low CVE-2020-6411: Insufficient validation of untrusted input in Omnibox. Reported by Khalil Zhani on 2019-02-07
[$N/A][968505] Low CVE-2020-6412: Insufficient validation of untrusted input in Omnibox. Reported by Zihan Zheng (@zzh1996) of University of Science and Technology of China on 2019-05-30
[$N/A][1005713] Low CVE-2020-6413: Inappropriate implementation in Blink. Reported by Michał Bentkowski of Securitum on 2019-09-19
[$N/A][1021855] Low CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported by Lijo A.T on 2019-11-06
[$N/A][1029576] Low CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by Avihay Cohen @ SeraphicAlgorithms on 2019-11-30
[$N/A][1031895] Low CVE-2020-6416: Insufficient data validation in streams. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2019-12-08
[$N/A][1033824] Low CVE-2020-6417: Inappropriate implementation in installer. Reported by Renato “Wrath” Moraes and Altieres “FallenHawk” Rohr on 2019-12-13

[1032080] Various fixes from internal audits, fuzzing and other initiatives

 

Back Top

Responses to “Google Chrome 80 Stable”

Comments (0) Trackbacks (0) Leave a comment Trackback url
  1. No comments yet.
  1. No trackbacks yet.

Back Top

Leave a Reply