Chrome 17 正式版发布

On 2012年02月9日, in soft, by netoearth

Google昨天发布移动版Chrome,今天又对桌面版本进行升级。1月以来,Google就在测试新功能,升级后的Chrome浏览器将具有这些新功能,当中最为显眼的是omnibox预渲染功能和安全功能。通过omnibox功能,Chrome可以整合搜索地址栏,自动记录访问的网址,在后台预渲染页面,加快显示。在使用时,它让Chrome显示页面的速度更快,但实际上只是在后台加载。

下载:Google Chrome 17 Stable  

  新浏览器还增强了安全功能,它可以扫描下载文件,查看是否有恶意软件。如果存在风险,Chrome会提醒用户。

  关于Chrome OS操作系统,Google承诺会进行改进,它会增加新图像编辑器。

Chrome 17 to the Stable Channel for Windows, Mac, Linux and Chrome Frame.  17.0.963.46 contains a number of new features including:

  • New Extensions APIs
  • Updated Omnibox Prerendering
  • Download Scanning Protection
  • Many other small changes

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix

  • [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community.
  • [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne.
  • [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community.
  • [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley.
  • [$1000] [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG.
  • [$2000] [105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz.
  • [$1000] [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG.
  • [$500] [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG.
  • [$1000] [108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen.
  • [$500] [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG.
  • [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG.
  • [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com.
  • [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir Błażek.
  • [$1000] [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG.
  • [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo.
  • [$1000] [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis.
  • [$1000] [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis.
  • [$500] [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG.
  • [$1000] [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis.
  • [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno).

The bugs [105459], [106441], [108416], [108901], [109716], [109743], [110112], [110277], [110374]  and [110559] were detected using AddressSanitizer.

Comments are closed.