When you run the downloaded installer, it again starts downloading the required setup files of Chrome from Google servers as the online installer doesn’t contain all required program files. When you start downloading Google Chrome on your computer, it downloads a very small 1 MB online installer (also known as stub installer or net installer). It’s very fast and provides several useful features. We all know about Google’s official web browser Google Chrome which has become very popular among all Internet users. We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.NOTE: The download links given in this article will always download offline installers for the latest version of Google Chrome. Low CVE-2019-5852: Object leak of utility functions. Reported by Zhen Zhou of NSFOCUS Security Team on Low CVE-2019-5854: Integer overflow in PDFium text rendering. Low CVE-2019-5857: Comparison of -0 and null yields crash. Low CVE-2019-5861: Click location incorrectly checked. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on Low CVE-2019-5862: AppCache not robust to compromised renderers. Low CVE-2019-5864: Insufficient port filtering in CORS for extensions. Reported by evi1m0 of Bilibili Security Team on Low CVE-2019-5858: Insufficient filtering of Open URL service parameters. Reported by Ivan Fratric of Google Project Zero on Medium CVE-2019-5865: Site isolation bypass from compromised renderer.
Medium CVE-2019-5855: Integer overflow in PDFium. Reported by Yuxiang Li of Tencent Blade Team on Medium CVE-TBD: Use-after-free in WebUSB on Windows. Reported by Yongke Wang of Tencent's Xuanwu Lab () on Medium CVE-2019-5856: Insufficient checks on filesystem: URI permissions. Reported by James Lee of Kryptos Logic on High CVE-2019-5859: Some URIs can load alternative browsers. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. High CVE-2019-5851: Use-after-poison in offline audio context. Reported by of IIE Varas and of Tecent Xuanwu Lab on High CVE-2019-5853: Memory corruption in regexp length check. High CVE-2019-5860: Use-after-free in PDFium. High CVE-2019-5850: Use-after-free in offline page fetcher. Please see the Chrome Security Page for more information. Below, we highlight fixes that were contributed by external researchers.
0 kommentar(er)
