62件の脆弱性が修正されたGoogle Chrome 40.0.2214.91
Google Chrome の最新バージョン 40.0.2214.91 が公開されました。
現在公式サイトからダウンロードできます。
バージョン 40.0.2214.91 では、62件の脆弱性が修正されました。
この中には、危険度「高」の脆弱性17件も含まれています。
その他に、Chromeアプリの情報ダイアログが更新されました。
Google Chromeは自動でアップデートされますが、メニューの
「Google Chromeについて」からアップデートができます。
Google Chrome 40.0.2214.91の主な更新内容
- Updated info dialog for Chrome app on Windows and Linux.
- A new clock behind/ahead error message.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix.
We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 62 security fixes.
Below, we highlight fixes that were contributed by external researchers.
Please see the Chromium security page for more information.
- [$5000][430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.
- [$4500][435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.
- [$4000][434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.
- [$4000][422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.
- [$3500][444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.
- [$3500][435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.
- [$3000][442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.
- [$3000][442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.
- [$2000][443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.
- [$2000][429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.
- [$2000][427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.
- [$2000][427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.
- [$2000][402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.
- [$1500][428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.
- [$1500][419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.
- [$1000][416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.
- [$1000][399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.
- [$1000][433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.
- [$1000][428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.
- [$1000][426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.
- [$1000][422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
- [$1000][418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
- [$1000][414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
- [$1000][414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.
- [$500][430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.
- [$500][414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.
As usual, our ongoing internal security work was responsible for a wide range of fixes
- [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).
★Google Chromeはスピード、シンプル、セキュリティの3つに重点を
置いて開発 されたブラウザです。
Google Chrome--オールフリーソフト
Google Chrome 33.0.1750.117 が公開されました。
11件の脆弱性が修正されたGoogle Chrome 32.0.1700.76
Chrome Releases Stable Channel Update
ツイート@allfreesoftをフォロー
スポンサーリンク
【関連する記事】
- 日本語に対応したESET Online Scanner 3.4.7.0
- Password Checkupが2020年8月31日でサービス終了
- 3つの音声が追加されたIMAIME 1.30
- .Net Framework4.8と.NET Coreに対応したASoft .N..
- Capture .NETのフリー版が終了
- CursorFXが有料になりました。
- はがきデザインキットが2020年1月31日でサービスを終了
- RansomBusterがTrend Micro Maximum Securit..
- Acronis Ransomware Protection(無償)のサポートが終..
- オプションが追加されたReduce Memory 1.3