Google Chrome updates

Chrome 48.0.2564.82 released

FYI...

Chrome 48.0.2564.82 released
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
Jan 20, 2016 - "... Chrome 48.0.2564.82 contains a number of fixes and improvements - a list of changes is available in the log*... This update includes -37- security fixes..."
* https://chromium.googlesource.com/c....2526.111..48.0.2564.82?pretty=fuller&n=10000

- https://www.us-cert.gov/ncas/current-activity/2016/01/20/Google-Releases-Security-Update-Chrome
Jan 20, 2016
___

- http://www.securitytracker.com/id/1034801
CVE Reference: CVE-2016-1612, CVE-2016-1613, CVE-2016-1614, CVE-2016-1615, CVE-2016-1616, CVE-2016-1617, CVE-2016-1618, CVE-2016-1619, CVE-2016-1620
Jan 22 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): Prior to 48.0.2564.82 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof a URL.
Solution: The vendor has issued a fix (48.0.2564.82)...

:fear::fear:
 
Last edited:
Last edited:
Chrome 48.0.2564.116 released

FYI...

Chrome 48.0.2564.116 released
- http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_18.html
Feb 18, 2016 - "The stable channel has been updated to 48.0.2564.116 for Windows, Mac, and Linux... This update includes the following security fix contributed by an external researcher...
[583431] Critical CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome..."

- https://www.us-cert.gov/ncas/current-activity/2016/02/18/Google-Releases-Security-Update-Chrome
Feb 18, 2016

:fear::fear:
 
Chrome 49.0.2623.75 released

FYI...

Chrome 49.0.2623.75 released
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html
Mar 2, 2016 - "The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux. Chrome 49.0.2623.75 contains a number of fixes and improvements - a list of changes is available in the log... This update includes -26- security fixes...

High CVE-2016-1630: Same-origin bypass in Blink.
High CVE-2016-1631: Same-origin bypass in Pepper Plugin.
High CVE-2016-1632: Bad cast in Extensions.
High CVE-2016-1633: Use-after-free in Blink.
High CVE-2016-1634: Use-after-free in Blink.
High CVE-2016-1635: Use-after-free in Blink.
High CVE-2016-1636: SRI Validation Bypass.
High CVE-2015-8126: Out-of-bounds access in libpng..."

- http://www.securitytracker.com/id/1035185
CVE Reference: CVE-2016-1630, CVE-2016-1631, CVE-2016-1632, CVE-2016-1633, CVE-2016-1634, CVE-2016-1635, CVE-2016-1636, CVE-2016-1637, CVE-2016-1638, CVE-2016-1639, CVE-2016-1640, CVE-2016-1641, CVE-2016-1642
Mar 4 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 49.0.2623.75 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (49.0.2623.75)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/03/02/Google-Releases-Security-Update-Chrome
Mar 2, 2016

:fear::fear:
 
Last edited:
Chrome 49.0.2623.87 released

FYI...

Chrome 49.0.2623.87 released
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html
March 8, 2016 - "The stable channel has been updated to 49.0.2623.87 for Windows, Mac, and Linux... This update includes -3- security fixes that were contributed by external researchers...
High CVE-2016-1643: Type confusion in Blink. Credit to cloudfuzzer.
High CVE-2016-1644: Use-after-free in Blink. Credit to Atte Kettunen of OUSPG.
High CVE-2016-1645: Out-of-bounds write in PDFium. Credit to anonymous working with HP's Zero Day Initiative..."
___

- http://www.securitytracker.com/id/1035259
CVE Reference: CVE-2016-1643, CVE-2016-1644, CVE-2016-1645
Mar 14 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 49.0.2623.87 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (49.0.2623.87)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/03/08/Google-Releases-Security-Update-Chrome
March 8, 2016

:fear::fear:
 
Last edited:
Chrome 49.0.2623.108 released

FYI...

Chrome 49.0.2623.108 released
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html
March 24, 2016 - "The stable channel has been updated to 49.0.2623.108 for Windows, Mac, and Linux...
This update includes -5- security fixes...
High CVE-2016-1646: Out-of-bounds read in V8...
High CVE-2016-1647: Use-after-free in Navigation...
High CVE-2016-1648: Use-after-free in Extensions...
High CVE-2016-1649: Buffer overflow in libANGLE...
CVE-2016-1650: Various fixes from internal audits, fuzzing and other initiatives...
___

- http://www.securitytracker.com/id/1035423
CVE Reference: CVE-2016-1646, CVE-2016-1647, CVE-2016-1648, CVE-2016-1649, CVE-2016-1650
Mar 26 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 49.0.2623.108...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (49.0.2623.108)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/03/24/Google-Releases-Security-Update-Chrome
March 24, 2016

:fear::fear:
 
Last edited:
Chrome 50.0.2661.94 released

FYI...

Chrome 50.0.2661.94 released
- http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html
April 28, 2016 - "The stable channel has been updated to 50.0.2661.94 for Windows, Mac, and Linux...
This update includes -9- security fixes...
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix...
___

- https://www.us-cert.gov/ncas/current-activity/2016/04/28/Google-Releases-Security-Update-Chrome
April 28, 2016

:fear:
 
Chrome 50.0.2661.102 released

FYI...

Chrome 50.0.2661.102 released
- http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html
May 11, 2016 - "The stable channel has been updated to 50.0.2661.102 for Windows, Mac, and Linux... This update includes -5- security fixes..."
___

- http://www.securitytracker.com/id/1035872
CVE Reference: CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1671
May 12 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 50.0.2661.102 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can view files on the target system.
A remote user can bypass same-origin restrictions on the target system.
Solution: The vendor has issued a fix (50.0.2661.102)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/05/11/Google-Releases-Security-Update-Chrome
May 11, 2016

:fear::fear:
 
Last edited:
Chrome 51.0.2704.63 released

FYI...

Chrome 51.0.2704.63 released
- http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
May 25, 2016 - "... Chrome 51.0.2704.63 contains a number of fixes and improvements...
This update includes -42- security fixes..."

- https://www.us-cert.gov/ncas/current-activity/2016/05/26/Google-Releases-Security-Update-Chrome
May 26, 2016
___

- http://www.securitytracker.com/id/1035981
CVE Reference: CVE-2016-1672, CVE-2016-1673, CVE-2016-1674, CVE-2016-1675, CVE-2016-1676, CVE-2016-1677, CVE-2016-1678, CVE-2016-1679, CVE-2016-1680, CVE-2016-1681, CVE-2016-1682, CVE-2016-1683, CVE-2016-1684, CVE-2016-1685, CVE-2016-1686, CVE-2016-1687, CVE-2016-1688, CVE-2016-1689, CVE-2016-1690, CVE-2016-1691, CVE-2016-1692, CVE-2016-1693, CVE-2016-1694, CVE-2016-1695
May 27 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 51.0.2704.63 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (51.0.2704.63)...

:fear::fear:
 
Last edited:
Chrome 51.0.2704.79 released

FYI...

Chrome 51.0.2704.79 released
- http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html
June 1, 2016 - "The stable channel has been updated to 51.0.2704.79 for Windows, Mac, and Linux...
This update includes -15- security fixes..."

- https://www.us-cert.gov/ncas/current-activity/2016/06/02/Google-Releases-Security-Update-Chrome
June 02, 2016
___

- http://www.securitytracker.com/id/1036026
CVE Reference: CVE-2016-1696, CVE-2016-1697, CVE-2016-1698, CVE-2016-1699, CVE-2016-1700, CVE-2016-1701, CVE-2016-1702, CVE-2016-1703
Jun 3 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 51.0.2704.79 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (51.0.2704.79)...

:fear::fear:
 
Last edited:
Chrome 52.0.2743.82 released

FYI...

Chrome 52.0.2743.82 released
- https://googlechromereleases.blogspot.ca/2016/07/stable-channel-update.html
July 20, 2016 - "... promotion of Chrome 52 to the stable channel for Windows, Mac and Linux. Chrome 52.0.2743.82 contains a number of fixes and improvements - a list of changes is available in the log...
This update includes -48- security fixes..."
___

- http://www.securitytracker.com/id/1036428
CVE Reference: CVE-2016-1705, CVE-2016-1706, CVE-2016-1707, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137
Jul 22 2016
Fix Available: Yes Vendor Confirmed: Yes
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof a URL.
Solution: The vendor has issued a fix (52.0.2743.82)...

- https://www.us-cert.gov/ncas/current-activity/2016/07/21/Google-Releases-Security-Update-Chrome
July 21, 2016

:fear:
 
Last edited:
Chrome 52.0.2743.116 released

FYI...

Chrome 52.0.2743.116 released
- https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html
Aug 3, 2016 - "The stable channel has been updated to 52.0.2743.116 for Windows, Mac, and Linux. This will roll out over the coming days/weeks... This update includes -10- security fixes...
Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed..."

- http://www.securitytracker.com/id/1036547
CVE Reference: CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146
Aug 6 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 52.0.2743.116 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can spoof a URL.
Solution: The vendor has issued a fix (52.0.2743.116)...

:fear:
 
Chrome 53.0.2785.89 released

FYI...

Chrome 53.0.2785.89 released
- https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
Aug 31, 2016 - "The Chrome team is delighted to announce the promotion of Chrome 53 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 53.0.2785.89 contains a number of fixes and improvements... This update includes -33- security fixes..."
___

- http://www.securitytracker.com/id/1036729
CVE Reference: CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5160, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5167
Sep 3 2016
Fix Available: Yes Vendor Confirmed: Yes
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can spoof a URL.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with the target site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (53.0.2785.89 for Windows, Mac; 53.0.2785.92 for Linux)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/08/31/Google-Releases-Security-Update-Chrome
Aug 31, 2016

:fear::fear:
 
Last edited:
You must log in or register to reply here.
Back
Top