| Di seguito sono consultabili le note di rilascio - in gergo "release notes" - relative al file Google Chrome 1.0.154.64, nel caso in cui gli sviluppatori abbiano reso disponibile tale documentazione in occasione della pubblicazione del software. Tuttavia, se hai bisogno di maggiori informazioni su Google Chrome 1.0.154.64, o se le note di rilascio non sono (ancora) disponibili, è comunque possibile procedere con la lettura della descrizione del file. |
A new notification at startup that makes it easier to set Google Chrome as the default browser. If you don't want Google Chrome to be the default browser, you can click 'Don't ask again'.
A new version of Gears (0.5.16.0)
CVE-2009-1441: Input validation error in the browser process.
A failure to properly validate input from a renderer (tab) process could allow an attacker to crash the browser and possibly run arbitrary code with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.
Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.
Mitigation: An attacker would need to be able to run arbitrary code in the renderer process.
CVE-2009-1442: Integer overflow in Skia 2D graphics.
A failure to check the result of integer multiplication when computing image sizes could allow a specially-crafted image or canvas to cause a tab to crash and it might be possible for an attacker to execute arbitrary code inside the (sandboxed) renderer process.
More info: http://code.google.com/p/chromium/issues/detail?id=10736
Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
Mitigations:
A victim would need to visit a page under an attacker's control.
Any code that an attacker might be able to run inside the renderer process would be inside the sandbox.
|
|
