Chrome 36.0.1985.125 released
FYI...
Chrome 36.0.1985.125 released
- https://secunia.com/advisories/60077/
Release Date: 2014-07-17
Criticality: Moderately Critical
Where: From remote
Impact: Unknown, Security Bypass
CVE Reference(s): CVE-2014-3160, CVE-2014-3162
... vulnerabilities are reported in versions prior to 36.0.1985.125.
Solution: Upgrade to version 36.0.1985.125.
Original Advisory:
- http://googlechromereleases.blogspot...el-update.html
"... This update includes 26 security fixes..."
:fear:
Chrome 36.0.1985.143 released
FYI...
Chrome 36.0.1985.143 released
- http://googlechromereleases.blogspot...el-update.html
Aug 12, 2014 - "The Stable Channel has been updated to 36.0.1985.143 for Windows, Mac and Linux. This release contains a Flash Player update... This update includes -12- security fixes..."
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-3165 - 7.5 (HIGH)
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-3166 - 5.0
- https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-3167 - 7.5 (HIGH)
___
- http://www.securitytracker.com/id/1030732
CVE Reference: CVE-2014-3165, CVE-2014-3166, CVE-2014-3167
Aug 14 2014
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 36.0.1985.143
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system...
Solution: The vendor has issued a fix (36.0.1985.143)...
:fear:
Chrome 37.0.2062.94 released
FYI...
Chrome 37.0.2062.94 released
- http://googlechromereleases.blogspot...update_26.html
Aug 26, 2014 - "... promotion of Chrome 37 to the stable channel for Windows, Mac and Linux. Chrome 37.0.2062.94 contains a number of fixes and improvements, including:
- DirectWrite support on Windows for improved font rendering
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance...
This update includes -50- security fixes..."
- https://secunia.com/advisories/60268/
Release Date: 2014-08-27
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, Spoofing, System access...
CVE Reference(s): CVE-2014-3168, CVE-2014-3169, CVE-2014-3170, CVE-2014-3171, CVE-2014-3172,
CVE-2014-3173, CVE-2014-3174, CVE-2014-3175, CVE-2014-3176, CVE-2014-3177 ...
Some vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system...
Solution: Upgrade to version 37.0.2062.94...
- http://www.securitytracker.com/id/1030767
CVE Reference: CVE-2014-3168, CVE-2014-3169, CVE-2014-3170, CVE-2014-3171, CVE-2014-3172, CVE-2014-3173, CVE-2014-3174, CVE-2014-3175, CVE-2014-3176, CVE-2014-3177
Aug 28 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 37.0.2062.94 ...
___
- https://www.us-cert.gov/ncas/current...Updates-Chrome
Aug 27, 2014 - "...update includes 50 security fixes some of which could allow a remote attacker to obtain unauthorized access or cause a denial of service..."
:fear: :blink:
Chrome 37.0.2062.120 released
FYI...
Chrome 37.0.2062.120 released
- http://googlechromereleases.blogspot...-update_9.html
Sep 9, 2014 - "The stable channel has been updated to 37.0.2062.120 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes...
This update includes 4 security fixes..."
- https://secunia.com/advisories/60988/
Release Date: 2014-09-09
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, System access
CVE Reference(s): CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559, CVE-2014-3178, CVE-2014-3179
... vulnerabilities are reported in versions prior to 37.0.2062.120.
Solution: Update to version 37.0.2062.120.
:fear:
Chrome 37.0.2062.124 released
FYI...
Chrome 37.0.2062.124 released
- http://googlechromereleases.blogspot...update_24.html
Sep 24, 2014 - "The stable channel has been updated to 37.0.2062.124 for Windows and Mac.
This build contains a security change:
[414124] RSA signature malleability in NSS (CVE-2014-1568)..."
> https://www.us-cert.gov/ncas/current...-Vulnerability
Sep 24, 2014
- http://www.kb.cert.org/vuls/id/772676
24 Sep 2014 - "... This vulnerability may allow an attacker to forge a RSA signature, such as a SSL certificate..."
- http://www.securitytracker.com/id/1030900
CVE Reference: https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-1568 - 7.5 (HIGH)
Sep 24 2014
Impact: Disclosure of system information, Disclosure of user information, Modification of authentication information, Modification of system information, Modification of user information
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 37.0.2062.124 ...
:fear::fear:
Chrome 38.0.2125.101 released
FYI...
Chrome 38.0.2125.101 released
- http://googlechromereleases.blogspot...el-update.html
Oct 7, 2014 - "... Chrome 38.0.2125.101 contains a number of fixes and improvements... This update includes -159- security fixes, including -113- relatively minor fixes found using MemorySanitizer..."
CVE Reference(s): CVE-2014-3188, CVE-2014-3189, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192, CVE-2014-3193, CVE-2014-3194, CVE-2014-3195, CVE-2014-3196, CVE-2014-3197, CVE-2014-3198, CVE-2014-3199, CVE-2014-3200
- https://www.us-cert.gov/ncas/current...-and-Chrome-OS
___
- http://www.securitytracker.com/id/1030980
CVE Reference: CVE-2014-3188, CVE-2014-3189, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192, CVE-2014-3193, CVE-2014-3194, CVE-2014-3195, CVE-2014-3196, CVE-2014-3197, CVE-2014-3198, CVE-2014-3199, CVE-2014-3200
Oct 9 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 38.0.2125.101 ...
:fear::fear:
Chrome 38.0.2125.104 released
FYI...
Chrome 38.0.2125.104 released
- http://googlechromereleases.blogspot...update_14.html
Oct 14, 2014 - "The stable channel has been updated to 38.0.2125.104 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes. A full list of changes is available in the log*..."
* https://chromium.googlesource.com/ch...fuller&n=10000
CVE Reference(s): CVE-2014-0558, CVE-2014-0564, CVE-2014-0569
___
- https://www.us-cert.gov/ncas/current...-and-Chrome-OS
Oct 16, 2014
:fear:
Chrome 38.0.2125.122 released
FYI...
Chrome 38.0.2125.122 released
- http://googlechromereleases.blogspot...el-update.html
Nov 11, 2014 - "The stable channel has been updated to 38.0.2125.122 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes. A full list of changes is available in the log*..."
* https://chromium.googlesource.com/ch...fuller&n=10000
:fear:
Chrome 39.0.2171.65 released
FYI...
Chrome 39.0.2171.65 released
- http://googlechromereleases.blogspot...update_18.html
Nov 18, 2014 - "... Chrome 39.0.2171.65 contains a number of fixes and improvements, including:
64-bit support for Mac
A number of new apps/extension APIs
Lots of under the hood changes for stability and performance ...
This update includes -42- security fixes..."
___
- http://www.securitytracker.com/id/1031241
CVE Reference: CVE-2014-7899, CVE-2014-7900, CVE-2014-7901, CVE-2014-7902, CVE-2014-7903, CVE-2014-7904, CVE-2014-7905, CVE-2014-7906, CVE-2014-7907, CVE-2014-7908, CVE-2014-7909, CVE-2014-7910
Nov 20 2014
Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information.
Solution: The vendor has issued a fix (39.0.2171.65)...
:fear::fear:
Chrome 39.0.2171.71 released
FYI...
Chrome 39.0.2171.71 released
- http://googlechromereleases.blogspot...update_25.html
Nov 25, 2014 - "The stable channel has been updated to 39.0.2171.71 for Windows, Mac and Linux. This release contains an update for Adobe Flash* as well as a number of other fixes..."
* https://helpx.adobe.com/flash-player...ase_notes.html
Nov 25, 2014
:fear::fear: