Google Chrome 61 正式版发布 加入更多开发者 API
jopen 7年前
<p>Chrome现在支持 WebUSB API,在用户同意的情况下允许网络应用与外设通信。这可实现上述设备提供的所有功能,同时仍可保证网络的安全。</p> <p style="text-align: center;"><a href="/misc/goto?guid=4959010605239516958"><img src="https://simg.open-open.com/show/aa585101562ee4595777bcae2e149d87.png" alt="Google Chrome 61 正式版发布 加入更多开发者 API" width="700" height="315" /></a></p> <p>PaymentRequest API 可以提供安全、无缝的跨平台结账体验。在 Chrome 61 中,浏览器还支持网络信息 API,这意味着网站可以访问设备信息,比如设备内存 API 可以检测内存占有,以优化网页应用。</p> <p>在 Android 版 Chrome 61 中,新增加了全新的 Web Share API 网络分享功能,浏览器可以激活 Android 原生分享功能。</p> <p>Chrome 61.0.3163.79 contains a number of fixes and improvements -- a list of changes is available in the <a href="https://chromium.googlesource.com/chromium/src/+log/60.0.3112.113..61.0.3163.79?pretty=fuller&n=10000">log</a>. Watch out for upcoming <a href="/misc/goto?guid=4959010605495313536">Chrome</a> and <a href="/misc/goto?guid=4959010605609982604">Chromium</a> blog posts about new features and big efforts delivered in 61.</p> <p><strong>Security Fixes and Rewards</strong></p> <p>Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.</p> <p> </p> <p>This update includes <a href="https://bugs.chromium.org/p/chromium/issues/list?can=1&q=type%3Abug-security+os%3DAndroid%2Cios%2Clinux%2Cmac%2Cwindows%2Call+label%3ARelease-0-M61">22</a> security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the <a href="/misc/goto?guid=4958988003424629591">Chrome Security Page</a> for more information.</p> <p>[$5000][<a href="/misc/goto?guid=4959010605905762563">737023</a>] High CVE-2017-5111: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-06-27</p> <p>[$5000][<a href="/misc/goto?guid=4959010606004525428">740603</a>] High CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Klein (www.trapkit.de) on 2017-07-10</p> <p>[$5000][<a href="/misc/goto?guid=4959010606105179094">747043</a>] High CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous on 2017-07-20</p> <p>[$3500][<a href="/misc/goto?guid=4959010606218322522">752829</a>] High CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by Ke Liu of Tencent's Xuanwu LAB on 2017-08-07</p> <p>[$3000][<a href="/misc/goto?guid=4959010606342809343">744584</a>] High CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini on 2017-07-17</p> <p>[$TBD][<a href="/misc/goto?guid=4959010606453519390">759624</a>] High CVE-2017-5116: Type confusion in V8. Reported by Anonymous on 2017-08-28</p> <p>[$1000][<a href="/misc/goto?guid=4959010606586635823">739190</a>] Medium CVE-2017-5117: Use of uninitialized value in Skia. Reported by Tobias Klein (www.trapkit.de) on 2017-07-04</p> <p>[$1000][<a href="/misc/goto?guid=4959010606711483337">747847</a>] Medium CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-07-24</p> <p>[$N/A][<a href="/misc/goto?guid=4959010606828451074">725127</a>] Medium CVE-2017-5119: Use of uninitialized value in Skia. Reported by Anonymous on 2017-05-22</p> <p>[$N/A][<a href="/misc/goto?guid=4959010606937629833">718676</a>] Low CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. Reported by Xiaoyin Liu (@general_nfs) on 2017-05-05</p> <p>We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.</p> <p>As usual, our ongoing internal security work was responsible for a wide range of fixes:</p> <ul> <li> <p>[<a href="/misc/goto?guid=4959010607050437415">762099</a>] Various fixes from internal audits, fuzzing and other initiatives</p> </li> </ul> <p>Many of our security bugs are detected using <a href="/misc/goto?guid=4958988004717619409">AddressSanitizer</a>, <a href="/misc/goto?guid=4958988004806098531">MemorySanitizer</a>, <a href="/misc/goto?guid=4959010607251618676">UndefinedBehaviorSanitizer</a>, <a href="/misc/goto?guid=4958988004883787486">Control Flow Integrity</a>, <a href="/misc/goto?guid=4959010607423222063">libFuzzer</a>, or <a href="/misc/goto?guid=4958861607691837013">AFL</a>.</p> <p><strong>下载地址:</strong></p> <p><a href="/misc/goto?guid=4958323896571430974">https://www.google.com/chrome/</a></p> <p>来自: cnBeta.COM</p>