IT & Security/웹브라우저

Google Chrome 61.0.3163.79 보안 업데이트

la Nube 2017. 9. 8. 00:00
반응형


구글 크롬의 61 버전이 나왔습니다.(안정판)

윈도, 맥OS, 64비트 리눅스에서 각각 업데이트가 진행되었습니다.

(32비트 리눅스는 지원하지 않습니다.ㅠㅠ)


이번 업데이트에서는 21개의 보안 패치가 적용되었습니다.

그 중에서 다음의 보안 취약점들은 외부의 연구자들이 발견하였고,

1000~5000달러 상당의 상금을 받아갔다고 합니다.(오~!)


[$5000] High CVE-2017-5111: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-06-27

[$5000] High CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Klein (www.trapkit.de) on 2017-07-10

[$5000] High CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous on 2017-07-20

[$3500] High CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by Ke Liu of Tencent's Xuanwu LAB on 2017-08-07

[$3000] High CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini on 2017-07-17

[$TBD] High CVE-2017-5116: Type confusion in V8. Reported by Anonymous on 2017-08-28

[$1000] Medium CVE-2017-5117: Use of uninitialized value in Skia. Reported by Tobias Klein (www.trapkit.de) on 2017-07-04

[$1000] Medium CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-07-24

[$N/A] Medium CVE-2017-5119: Use of uninitialized value in Skia. Reported by Anonymous on 2017-05-22

[$N/A] Low CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. Reported by Xiaoyin Liu (@general_nfs) on 2017-05-05


구글 크롬을 사용 중인 분들은 주소창에 chrome://settings/help 라고 입력하여 버전을 확인해보기 바랍니다.


<참고>

https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html

반응형