日前,谷歌浏览器发布 v90.0.4430.212 正式版更新,这也是Google
Chrome第四个维护版本,本次更新主要进行了安全修复和稳定性改进,同时改善用户体验,一起来了解一下。
新版变化
Chrome v90.0.4430.212 正式版(2021-05-11)
谷歌浏览器v90正式版主要更新,引入了许多以用户为中心的功能改进,辅以安全性方面的进一步提升。默认向目标网站链接均启用SSL安全传输协议(HTTPS),全新AV1开源视频编码器的技术支持,高清视频占用大幅减小。新增窗口重命名功能,可重命名已打开的多个窗口,可记住窗口的配置,遇到崩溃重启会自动恢复状态。还有WebXR深度API、启用了URL协议设置程序、效果叠加层、以及安全性方面的诸多改进,比如为了防范缓解NAT
Slipstream 2.0攻击,而屏蔽封锁了通过554端口的HTTP/HTTPS/FTP服务器访问。
谷歌浏览器v89正式版主要更新,修复了一个零日漏洞,建议用户尽快更新。优化了对WebHID、Webnfc和Web
Serial等适用于HID设备API的支持,此外NFC和串行设备也被认为可以投入生产使用。还初步为WebRTC添加了对AV1编码的支持。此外桌面端还带来了Web
Share和Web Share Target支持以及其他增强功能。
谷歌浏览器v88正式版主要更新,改进深色主题支持,优化深色模式,覆盖设置、书签、历史、新标签页等更多内部页面的滚动条。停止对FTP的支持,无法使用Chrome作为FTP客户端,不再支持ftp://开头的地址。停止对Mac
OS Yosemite的支持,结束对旧版浏览器附加组件的支持,减少请求许可干扰,优化适用于Chrome OS的浅色和深色模式。
安全修复和奖励
googlechromereleases.blogspot.com
Chrome v90.0.4430.212,此更新包括19个安全修复程序。
[$3000][1180126] High CVE-2021-30506: Incorrect security UI in Web App
Installs. Reported by @retsew0x01 on 2021-02-19
[$NA][1178202] High CVE-2021-30507: Inappropriate implementation in
Offline. Reported by Alison Huffman,Microsoft browser Vulnerability Research on
2021-02-14
[$TBD][1195340] High CVE-2021-30508: Heap buffer overflow in Media Feeds.
Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-04-02
[$TBD][1196309] High CVE-2021-30509: Out of bounds write in Tab Strip.
Reported by David Erceg on 2021-04-06
[$TBD][1197436] High CVE-2021-30510: Race in Aura. Reported by Weipeng
Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on
2021-04-09
[$TBD][1197875] High CVE-2021-30511: Out of bounds read in Tab Groups.
Reported by David Erceg on 2021-04-10
[$TBD][1200019] High CVE-2021-30512: Use after free in Notifications.
Reported by ZhanJia Song on 2021-04-17
[$NA][1200490] High CVE-2021-30513: Type Confusion in V8. Reported by Man
Yue Mo of GitHub Security Lab on 2021-04-19
[$TBD][1200766] High CVE-2021-30514: Use after free in Autofill. Reported
by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on
2021-04-20
[$TBD][1201073] High CVE-2021-30515: Use after free in File API. Reported
by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-04-21
[$TBD][1201446] High CVE-2021-30516: Heap buffer overflow in History.
Reported by ZhanJia Song on 2021-04-22
[$TBD][1203122] High CVE-2021-30517: Type Confusion in V8. Reported by
laural on 2021-04-27
[$NA][1203590] High CVE-2021-30518: Heap buffer overflow in Reader Mode.
Reported by Jun Kokatsu,Microsoft browser Vulnerability Research on
2021-04-28
[$15000][1194058] Medium CVE-2021-30519: Use after free in Payments.
Reported by asnine on 2021-03-30
[$10000][1193362] Medium CVE-2021-30520: Use after free in Tab Strip.
Reported by Khalil Zhani on 2021-04-03
[1207457] VarIoUs fixes from internal audits,fuzzing and other
initiatives
想了解更多关于谷歌浏览器精彩资讯,敬请关注编程之家。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
