Google Chrome updates

Chrome v23.0.1271.91 released

FYI...

Chrome v23.0.1271.91 released
- https://secunia.com/advisories/51437/
Release Date: 2012-11-27
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2012-5130, CVE-2012-5131, CVE-2012-5132, CVE-2012-5133, CVE-2012-5134,
CVE-2012-5135, CVE-2012-5136
... more information see vulnerability #2: https://secunia.com/SA48000/
... vulnerabilities are reported in versions prior to 23.0.1271.91.
Solution: Update to version 23.0.1271.91.
Original Advisory: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-update.html

- http://www.securitytracker.com/id/1027815
CVE Reference: CVE-2012-5130, CVE-2012-5131, CVE-2012-5132, CVE-2012-5133, CVE-2012-5134, CVE-2012-5135, CVE-2012-5136
Nov 27 2012
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 23.0.1271.91 ...

:fear:
 
Last edited:
Chrome v23.0.1271.97 released

FYI...

Chrome v23.0.1271.97 released
- https://secunia.com/advisories/51549/
Release Date: 2012-12-12
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2012-5139, CVE-2012-5140, CVE-2012-5141, CVE-2012-5142, CVE-2012-5143, CVE-2012-5144, CVE-2012-5676, CVE-2012-5677, CVE-2012-5678
For more information: https://secunia.com/SA51560/
... vulnerabilities are reported in versions prior to 23.0.1271.97.
Solution: Update to version 23.0.1271.97.
Original Advisory: Google:
http://googlechromereleases.blogspot.dk/2012/12/stable-channel-update.html
___

- http://h-online.com/-1774354
24 Dec 2012

:fear:
 
Last edited:
Chrome v24.0.1312.52 released

FYI...

Chrome v24.0.1312.52 released
- https://secunia.com/advisories/51825/
Release Date: 2013-01-11
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2012-5145, CVE-2012-5146, CVE-2012-5147, CVE-2012-5148, CVE-2012-5149, CVE-2012-5150, CVE-2012-5151, CVE-2012-5152, CVE-2012-5153, CVE-2012-5154, CVE-2012-5155, CVE-2012-5156, CVE-2012-5157, CVE-2013-0630, CVE-2013-0828, CVE-2013-0829, CVE-2013-0830, CVE-2013-0831, CVE-2013-0832, CVE-2013-0833, CVE-2013-0834, CVE-2013-0835, CVE-2013-0836, CVE-2013-0837, CVE-2013-0838
... vulnerabilities are reported in versions prior to 24.0.1312.52.
Solution: Upgrade to version 24.0.1312.52.
Original Advisory:
- http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html
Jan 10, 2013 - "... Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame... This release also contains an update to Flash (11.5.31.137) as well as improvements in speed and stability..."

- http://h-online.com/-1781648
11 Jan 2013

:fear::fear:
 
Last edited:
Chrome v24.0.1312.56 released

FYI...

Chrome v24.0.1312.56 released
- https://secunia.com/advisories/51935/
Release Date: 2013-01-23
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2013-0839, CVE-2013-0840, CVE-2013-0841, CVE-2013-0842, CVE-2013-0843
... vulnerabilities are reported in versions prior to 24.0.1312.56.
Solution: Update to version 24.0.1312.56.
Original Advisory:
http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html
___

- http://www.theregister.co.uk/2013/01/22/pwn2own_web_plugin_prize/
22 Jan 2013

- http://h-online.com/-1791381
25 Jan 2013

:fear::fear:
 
Last edited:
Chrome v25.0.1364.97 released

FYI...

Chrome v25.0.1364.97 released
- https://secunia.com/advisories/52320/
Release Date: 2013-02-22
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2013-0879, CVE-2013-0880, CVE-2013-0881, CVE-2013-0882, CVE-2013-0883, CVE-2013-0884, CVE-2013-0885, CVE-2013-0886, CVE-2013-0887, CVE-2013-0888, CVE-2013-0889, CVE-2013-0890, CVE-2013-0891, CVE-2013-0892, CVE-2013-0893, CVE-2013-0894, CVE-2013-0895, CVE-2013-0896, CVE-2013-0897, CVE-2013-0898, CVE-2013-0899, CVE-2013-0900
... vulnerabilities are reported in versions prior to 25.0.1364.97 for Windows and Linux and prior to 25.0.1364.99 for Mac.
Solution: Upgrade to version 25.0.1364.97 for Windows and Linux and 25.0.1364.99 for Mac.
Original Advisory:
- http://googlechromereleases.blogspot.com.au/2013/02/stable-channel-update_21.html
Feb 21, 2013 - "... Chrome 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac contain a number of new items including:
- Improvements in managing and securing your extensions
- Better support for HTML5 time/date inputs
- JavaScript Web Speech API support
- Better WebGL error handling
- And lots of other features for developers
Security fixes... We’ve also resolved a high severity security issue by disabling MathML in this release. The WebKit MathML implementation isn’t quite ready for prime time yet but we are excited to enable it again in a future release once the security issues have been addressed. Many... bugs were detected using AddressSanitizer..."

:fear:
 
Chrome v25.0.1364.152 released

FYI...

Chrome v25.0.1364.152 released
- http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
March 4, 2013 - "The Stable channel has been updated to 25.0.1364.152 for Windows and Linux. Note: these release notes also apply to the same version for Mac that was released last Friday. This release contains security and stability improvements along with a number of bug fixes... the referenced bugs may be kept private until a majority of our users are up to date with the fix..."

- https://secunia.com/advisories/52454/
Release Date: 2013-03-05
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote ...
CVE Reference(s): CVE-2013-0902, CVE-2013-0903, CVE-2013-0904, CVE-2013-0905, CVE-2013-0906, CVE-2013-0907, CVE-2013-0908, CVE-2013-0909, CVE-2013-0910, CVE-2013-0911
... vulnerabilities are reported in versions prior to 25.0.1364.152.
Solution: Update to version 25.0.1364.152.

:fear::fear:
 
Last edited:
Chrome v25.0.1364.160 released

FYI...

Chrome v25.0.1364.160 released
- https://secunia.com/advisories/52534/
Release Date: 2013-03-08
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: CVE-2013-0912
... vulnerability is reported in versions prior to 25.0.1364.160.
Solution: Update to version 25.0.1364.160.
Original Advisory: Chrome:
http://googlechromereleases.blogspot.dk/2013/03/stable-channel-update_7.html
MWR InfoSecurity:
http://labs.mwrinfosecurity.com/blog/2013/03/06/pwn2own-at-cansecwest-2013/

:fear:
 
Chrome v25.0.1364.172 released

FYI...

Chrome v25.0.1364.172 released
- https://secunia.com/advisories/52591/
Release Date: 2013-03-12
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375
For more information: https://secunia.com/SA52590/
... vulnerabilities are reported in versions prior to 25.0.1364.172.
Solution: Update to version 25.0.1364.172.
Original Advisory:
http://googlechromereleases.blogspot.dk/2013/03/stable-channel-update_12.html
 
Chrome v25.0.1364.173 released ...

FYI...

Chrome v25.0.1364.173 released
- http://www.securitytracker.com/id/1028320
CVE Reference:
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0913 - 7.2 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0915 - 10.0 (HIGH)
Mar 19 2013
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 25.0.1364.173...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (25.0.1364.173)...
- http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html
... Release highlights:
- Updated Flash to 11.6.602.180, which resolves a bug where some DRM video content would be unable to play (e.g.: Amazon Prime Video).
- Fixed an issue with Chromebook Pixel and Acer C7 systems freezing while playing videos.
- Fixed an issue with Acer C7 systems freezing after resume...

:fear:
 
Last edited:
Chrome v26.0.1410.43 released

FYI...

Chrome v26.0.1410.43 released
- https://secunia.com/advisories/52761/
Release Date: 2013-03-27
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2013-0916, CVE-2013-0917, CVE-2013-0918, CVE-2013-0919, CVE-2013-0920, CVE-2013-0921, CVE-2013-0922, CVE-2013-0923, CVE-2013-0924, CVE-2013-0925, CVE-2013-0926
... vulnerabilities are reported in versions prior to 26.0.1410.43.
Solution: Upgrade to version 26.0.1410.43.
Original Advisory:
- http://googlechromereleases.blogspot.dk/2013/03/stable-channel-update_26.html

- http://h-online.com/-1831304
27 March 2013

:fear::fear:
 
Last edited:
Chrome v26.0.1410.64 released

FYI...

Chrome v26.0.1410.64 released
- https://secunia.com/advisories/52983/
Release Date: 2013-04-10
Criticality level: Highly critical
Impact: System access
Where: From remote ...
For more information: https://secunia.com/SA52931/
Solution: Update to version 26.0.1410.63 for Mac and Linux or 26.0.1410.64 for Windows.
Original Advisory:
http://googlechromereleases.blogspot.dk/2013/04/stable-channel-update.html
"... This release contains stability improvements, and a new version of Adobe Flash..."
___

Flash Player Update
- http://googlechromereleases.blogspot.dk/2013/05/flash-player-update.html
May 14, 2013 - "We are currently updating Flash Player to 11.7.700.202 for Windows and Mac to all Stable channel (Chrome 26) users."

:fear:
 
Last edited:
Chrome v27.0.1453.93 released

FYI...

Chrome v27.0.1453.93 released
- http://googlechromereleases.blogspot.ca/2013/05/stable-channel-release.html
May 21, 2013 - "Chrome 27.0.1453.93 for Windows, Mac, Linux, and Chrome Frame contains a number of new items... ongoing internal security work was as usual responsible for a wide range of fixes..."

- https://secunia.com/advisories/53430/
Release Date: 2013-05-22
Criticality level: Highly critical
Impact: Unknown, Cross Site Scripting, Exposure of sensitive information, System access
Where: From remote ...
CVE Reference(s): CVE-2013-2728, CVE-2013-2836, CVE-2013-2837, CVE-2013-2839, CVE-2013-2840, CVE-2013-2841, CVE-2013-2842, CVE-2013-2843, CVE-2013-2844, CVE-2013-2845, CVE-2013-2846, CVE-2013-2847, CVE-2013-2848, CVE-2013-2849, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335
... For more information: https://secunia.com/SA53419/
Solution: Update to version 27.0.1453.93.

- http://h-online.com/-1867731
22 May 2013

:fear::fear:
 
Last edited:
Chrome v27.0.1453.110 released

FYI...

Chrome v27.0.1453.110 released
- https://secunia.com/advisories/53681/
Release Date: 2013-06-05
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2013-2854, CVE-2013-2855, CVE-2013-2856, CVE-2013-2857, CVE-2013-2858, CVE-2013-2859, CVE-2013-2860, CVE-2013-2861, CVE-2013-2862, CVE-2013-2863, CVE-2013-2864, CVE-2013-2865
... vulnerabilities are reported in versions prior to 27.0.1453.110.
Solution: Update to version 27.0.1453.110.
Original Advisory:
- http://googlechromereleases.blogspot.com/search/label/Stable updates
June 4, 2013 - "... updated to 27.0.1453.110 for Windows, Macintosh, Linux and Chrome Frame platforms..."

- http://h-online.com/-1882885
5 June 2013

:fear::fear:
 
Last edited:
Chrome v27.0.1453.116 released

FYI...

Chrome v27.0.1453.116 released
- https://secunia.com/advisories/53867/
Release Date: 2013-06-19
Impact: Cross Site Scripting
Where: From remote ...
CVE Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2866
... vulnerability is caused due to an error when handling opacity of embedded Flash elements and can be exploited to e.g. gain access to the system's camera and microphone by tricking the user into clicking Flash settings frame disguised as a normal graphical element. The vulnerability is reported in versions prior to 27.0.1453.116.
Solution: Update to version 27.0.1453.116.
Original Advisory: http://googlechromereleases.blogspot.com/2013/06/stable-channel-update_18.html

:fear:
 
Last edited:
Chrome v28.0.1500.71 released

FYI...

Chrome v28.0.1500.71 released
- https://secunia.com/advisories/54017/
Release Date: 2013-07-09
Criticality: Highly Critical
CVE Reference(s): CVE-2013-2853, CVE-2013-2868, CVE-2013-2869, CVE-2013-2870, CVE-2013-2871, CVE-2013-2873, CVE-2013-2874, CVE-2013-2875, CVE-2013-2876, CVE-2013-2878, CVE-2013-2879, CVE-2013-2880
... vulnerabilities are reported in versions prior to 28.0.1500.71.
Solution: Upgrade to version 28.0.1500.71.
Original Advisory:
http://googlechromereleases.blogspot.dk/2013/07/stable-channel-update.html
"... We are separately updating users to Flash Player 11.8.800.97 via our component updater. The Stable channel has been updated to 28.0.1500.71 for Windows, Macintosh and Chrome Frame platforms..."
___

- http://h-online.com/-1915269
10 July 2013

:fear::fear:
 
Last edited:
Chrome 28.0.1500.95 released

FYI...

Chrome 28.0.1500.95 released
- https://secunia.com/advisories/54325/
Release Date: 2013-07-31
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, System access
CVE Reference(s): CVE-2013-2881, CVE-2013-2882, CVE-2013-2883, CVE-2013-2884, CVE-2013-2885,
CVE-2013-2886
... vulnerabilities are reported in versions prior to 28.0.1500.95.
Solution: Update to version 28.0.1500.95.
Original Advisory:
http://googlechromereleases.blogspot.dk/2013/07/stable-channel-update_30.html

:fear::fear:
 
Chrome v29.0.1547.57 released

FYI...

Chrome v29.0.1547.57 released
- https://secunia.com/advisories/54479/
Release Date: 2013-08-21
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Exposure of sensitive information, System access
CVE Reference(s): CVE-2013-2887, CVE-2013-2900, CVE-2013-2901, CVE-2013-2902, CVE-2013-2903, CVE-2013-2904, CVE-2013-2905
... vulnerabilities are reported in versions prior to 29.0.1547.57.
Solution: Upgrade to version 29.0.1547.57.
Original Advisory:
http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html
"... This update includes 25 security fixes..."

- http://www.securitytracker.com/id/1028942
CVE Reference: CVE-2013-2887, CVE-2013-2900, CVE-2013-2901, CVE-2013-2902, CVE-2013-2903, CVE-2013-2904, CVE-2013-2905
Aug 22 2013
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 29.0.1547.57...

:fear::fear:
 
Last edited:
You must log in or register to reply here.
Back
Top