MAAS History
Archives
Wednesday
Apr272011

Google Chrome 11.0.696.57 Released

DateWednesday, April 27, 2011 at 08:31PM

Google has released Chrome update 11.0.696.57 to the stable channel. The update address various security fixes. This is directly taken from the reference link attached. 

  • [61502] High CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella.
  • [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva.
  • [Linux / Mac only] [70589] Medium CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community.
  • [$500] [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin.
  • [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass.
  • [Linux only] [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction with X. Credit to miaubiz.
  • [$1000] [73526] High CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz.
  • [$1000] [74653] High CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc.
  • [Linux only] [74763] High CVE-2011-1439: Prevent interference between renderer processes. Credit to Julien Tinnes of the Google Security Team.
  • [$1000] [75186] High CVE-2011-1440: Use-after-free with <ruby> tag and CSS. Credit to Jose A. Vazquez.
  • [$500] [75347] High CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths.
  • [$1000] [75801] High CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team 509.
  • [$1000] [76001] High CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella.
  • [$500] [Linux only] [76542] High CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg.
  • [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509.
  • [$3000] [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc.
  • [$1000] [76966] High CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz.
  • [$1000] [77130] High CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509.
  • [$1000] [77346] High CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski.
  • [77349] Low CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc.
  • [$2000] [77463] High CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov.
  • [$500] [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel.
  • [$1500] [79199] High CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov.
  • [79361] Medium CVE-2011-1455: Out-of-bounds read with multipart-encoded PDF. Credit to Eric Roman of the Chromium development community.
  • [79364] High CVE-2011-1456: Stale pointers with PDF forms. Credit to Eric Roman of the Chromium development community.
AuthorSean OConnell Public | CommentPost a Comment | Reference1 Reference |
in , ,
Monday
Apr182011

iTunes 10.2.2 Released

DateMonday, April 18, 2011 at 05:13PM

Apple has released iTunes 10.2.2 for Windows and Mac OSX. The Mac OSX update includes the following fixes. 

 

  • Addresses an issue where iTunes may become unresponsive when syncing an iPad. 
  • Resolves an issue which may cause syncing photos with iPhone, iPad, or iPod touch to take longer than necessary. 
  • Fixes a problem where video previews on the iTunes Store may skip while playing. 
  • Addresses other issues that improve stability and performance.
  • Sync with your iPhone, iPad, or iPod touch with iOS 4.3. 
  • Improved Home Sharing. Browse and play from your iTunes libraries with Home Sharing on any iPhone, iPad, or iPod touch with iOS 4.3.

 

AuthorSean OConnell Public | CommentPost a Comment | Reference1 Reference |
in , ,
Thursday
Apr142011

Google Chrome 10.0.648.205 released

DateThursday, April 14, 2011 at 08:24PM

Google has released Chrome 10.0.648.205 to the stable channel which fixes the Flash Zero day along with the listing below. (Mac Only)

  • [75629] Critical CVE-2011-1301: Use-after-free in the GPU process. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [78524] Critical CVE-2011-1302: Heap overflow in the GPU process. Credit to Christoph Diehl.

AuthorSean OConnell Public | CommentPost a Comment |
in , , , ,
Thursday
Apr142011

APPLE-SA-2011-04-14-3 Safari 5.0.5

DateThursday, April 14, 2011 at 03:52PM

Apple has released Safari version 5.0.5. to address two issues within WebKit. Users should apply this update promptly. 

AuthorSean OConnell Public | CommentPost a Comment | Reference1 Reference |
in , , , , , ,
Thursday
Apr142011

APPLE-SA-2011-04-14-4 Security Update 2011-002 

DateThursday, April 14, 2011 at 03:48PM

Apple has released Apple-SA-2011-04-14-4 Security Update 2011-002 for Mac OSX and Mac OSX Server to address the Certificate of Trust Policy issue related to the Comodo CA compromise. This update is critical, a reboot is required after the update. 

 

AuthorSean OConnell Public | CommentPost a Comment | Reference1 Reference |
in , , , , ,
Page 1 ... 3 4 5 6 7 ... 46 Next 5 Entries ยป