Google Chrome v77.0.3865.75 正式版发布

2019年9月12日09:50:54 发表评论

谷歌浏览器Google Chrome稳定版迎来v77首个版本发布,详细版本号为v77.0.3865.75,上一个正式版v76.0.3809.132发布于8月27日,时隔15天Google又发布了新版Chrome浏览器,本次升级主要是更新了安全修复和稳定性改进及用户体验。

Google Chrome v77.0.3865.75 正式版发布

谷歌浏览器v76正式版隐藏了浏览器地址栏中的http/https和www前缀标记,默认在所有网站上阻止Adobe Flash,用户可以重新启用Flash,但只能在单击到播放模式下使用Flash,同时还会出现一个警告,即Chrome在2020年12月之后将不支持Flash播放器。Adobe也将从2021年起停止支持Flash,所以这个更改是相当明智的。

谷歌浏览器v75正式版主要为桌面和网页开发者引入了几项新功能和软件增强。其中在“隐私和安全”设置中新增了用于管理安全密钥的选项,并支持Scroll Snap Stop来改进手势导航。

谷歌浏览器v74正式版增加了两个关键功能:对网页和操作系统级集成的减速支持浏览器将获得Windows 10的原生黑暗模式。这比集成浏览器外壳更深入,如果从相应PC的Windows操作系统中的应用程序样式中选择暗黑模式,浏览器现在将自动适应它。

 

官方更新日志

Chrome稳定版已经更新到v77.0.3865.75

安全修复程序和奖励

更新包括52项安全修复

[$TBD][999311] Critical CVE-2019-5870: Use-after-free in media. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-08-29

[$7500][990570] High CVE-2019-5871: Heap overflow in Skia. Reported by Anonymous on 2019-08-03

[$3000][981492] High CVE-2019-5872: Use-after-free in Mojo. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2019-07-05

[$3000][989497] High CVE-2019-5873: URL bar spoofing on iOS. Reported by Khalil Zhani on 2019-07-31

[$3000][989797] High CVE-2019-5874: External URIs may trigger other browsers. Reported by James Lee (@Windowsrcer) on 2019-08-01

[$2000][979443] High CVE-2019-5875: URL bar spoof via download redirect. Reported by Khalil Zhani on 2019-06-28

[$TBD][997190] High CVE-2019-5876: Use-after-free in media. Reported by Man Yue Mo of Semmle Security Research Team on 2019-08-23

[$TBD][999310] High CVE-2019-5877: Out-of-bounds access in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-08-29

[$TBD][1000217] High CVE-2019-5878: Use-after-free in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-09-03

[$3000][986043] Medium CVE-2019-5879: Extension can bypass same origin policy. Reported by Jinseo Kim on 2019-07-20

[$2000][831725] Medium CVE-2019-5880: SameSite cookie bypass. Reported by Jun Kokatsu (@shhnjk) on 2018-04-11

[$2000][980816] Medium CVE-2019-5881: Arbitrary read in SwiftShader. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2019-07-03

[$1000][868846] Medium CVE-2019-13659: URL spoof. Reported by Lnyas Zhang on 2018-07-30

[$1000][882363] Medium CVE-2019-13660: Full screen notification overlap. Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-09-10

[$1000][882812] Medium CVE-2019-13661: Full screen notification spoof. Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-09-11

[$1000][967780] Medium CVE-2019-13662: CSP bypass. Reported by David Erceg on 2019-05-28

[$500][863661] Medium CVE-2019-13663: IDN spoof. Reported by Lnyas Zhang on 2018-07-14

[$500][915538] Medium CVE-2019-13664: CSRF bypass. Reported by thomas "zemnmez" shadwell on 2018-12-16

[$500][959640] Medium CVE-2019-13665: Multiple file download protection bypass. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-05-05

[$500][960305] Medium CVE-2019-13666: Side channel using storage size estimate. Reported by Tom Van Goethem from imec-DistriNet, KU Leuven on 2019-05-07

[$500][973056] Medium CVE-2019-13667: URI bar spoof when using external app URIs. Reported by Khalil Zhani on 2019-06-11

[$500][986393] Medium CVE-2019-13668: Global window leak via console. Reported by David Erceg on 2019-07-22

[$N/A][968451] Medium CVE-2019-13669: HTTP authentication spoof. Reported by Khalil Zhani on 2019-05-30

[$N/A][980891] Medium CVE-2019-13670: V8 memory corruption in regex. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-07-03

[$TBD][696454] Medium CVE-2019-13671: Dialog box fails to show origin. Reported by xisigr of Tencent's Xuanwu Lab on 2017-02-27

[$TBD][997925] Medium CVE-2019-13673: Cross-origin information leak using devtools. Reported by David Erceg on 2019-08-26

[$500][896533] Low CVE-2019-13674: IDN spoofing. Reported by Khalil Zhani on 2018-10-18

[$500][929578] Low CVE-2019-13675: Extensions can be disabled by trailing slash. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-02-07

[$TBD][875178] Low CVE-2019-13676: Google URI shown for certificate warning. Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-08-17

[$TBD][939108] Low CVE-2019-13677: Chrome web store origin needs to be isolated. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-03-06

[$TBD][946633] Low CVE-2019-13678: Download dialog spoofing. Reported by Ronni Skansing on 2019-03-27

[$TBD][968914] Low CVE-2019-13679: User gesture needed for printing. Reported by Conrad Irwin, Superhuman on 2019-05-31

[$TBD][969684] Low CVE-2019-13680: IP address spoofing to servers. Reported by Thijs Alkemade from Computest on 2019-06-03

[$TBD][970378] Low CVE-2019-13681: Bypass on download restrictions. Reported by David Erceg on 2019-06-04

[$TBD][971917] Low CVE-2019-13682: Site isolation bypass. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-06-07

[$TBD][987502] Low CVE-2019-13683: Exceptions leaked by devtools. Reported by David Erceg on 2019-07-25

[1002279] Various fixes from internal audits, fuzzing and other initiatives

 

Google Chrome 稳定版 离线安装包 官方本地下载地址:

Google Chrome v77.0.3865.75 无更新功能版 64位

SHA1:494E20012995ADC644127F8A827ABB986C7A522D

SHA256:6338AD7003F55DEA18EAE8F31E04F0346189FCA3104DF6A0C7199DADF862BE32

 

Google Chrome v77.0.3865.75 无更新功能版 32位

SHA1:D850588A450F223188C1BC5B8A74D4B1B2588BCD

SHA256:E255E921C0E3681A0103905AA9256ECCD19E6396CDF7531663BA4CB75A414723

 

Google Chrome v77.0.3865.75 Mac版

SHA1:3E84D907E2D3DB36CB817C7A5A74A17433DE86C2

SHA256:E6C9AB31CE839FFA9CBA9E31D7FA1E9B5771DE2CDAA1864005B47E3AC54D3573

 

Google Chrome 官方带更新功能版 网盘:

https://pan.baidu.com/s/1FEF-EnO1oomkalvrobdHvw 提取码: 1xud

https://www.lanzous.com/b138066

©里维斯社,本站推荐使用的主机:阿里云腾讯云;本站推荐使用的WP主题:WordPress主题

晨会游戏

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: