{"id":255920,"date":"2021-07-22T00:44:23","date_gmt":"2021-07-21T22:44:23","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=255920"},"modified":"2022-04-03T06:41:13","modified_gmt":"2022-04-03T04:41:13","slug":"google-chrome-92-0-4515-107","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2021\/07\/22\/google-chrome-92-0-4515-107\/","title":{"rendered":"Google Chrome 92.0.4515.107"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Chrome-01.jpg\" \/>[<a href=\"https:\/\/borncity.com\/win\/2021\/07\/22\/google-chrome-92-0-4515-107\/\" target=\"_blank\" rel=\"noopener\">English<\/a>]Google hat zum 20. Juli 2021 den Google Chrome 92.0.4515.107 f\u00fcr Windows, Mac und Linux freigegeben. Es ist ein Update auf die Version 92, die neue Features mitbringt, aber auch gleich 35 Schwachstellen in \u00e4lteren Browserversionen beseitigt.<!--more--><\/p>\n<p>Im Google-Blog gibt es <a href=\"https:\/\/chromereleases.googleblog.com\/2021\/07\/stable-channel-update-for-desktop_20.html\" target=\"_blank\" rel=\"noopener\">diesen Beitrag<\/a> mit einer Liste der im Chrome 92.0.4515.107 f\u00fcr den Desktop geschlossenen Schwachstellen. Hier einige hervorgehobene Schwachstellen, die beseitigt wurden.<\/p>\n<ul>\n<li>[$15000][1210985] High CVE-2021-30565: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-19<\/li>\n<li>[$10000][1202661] High CVE-2021-30566: Stack buffer overflow in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-04-26<\/li>\n<li>[$10000][1211326] High CVE-2021-30567: Use after free in DevTools. Reported by DDV_UA on 2021-05-20<\/li>\n<li>[$8500][1219886] High CVE-2021-30568: Heap buffer overflow in WebGL. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-06-15<\/li>\n<li>[$500][1218707] High CVE-2021-30569: Use after free in sqlite. Reported by Chris Salls (@salls) of Makai Security on 2021-06-11<\/li>\n<li>[$TBD][1101897] High CVE-2021-30571: Insufficient policy enforcement in DevTools. Reported by David Erceg on 2020-07-03<\/li>\n<li>[$TBD][1214234] High CVE-2021-30572: Use after free in Autofill. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-05-28<\/li>\n<li>[$TBD][1216822] High CVE-2021-30573: Use after free in GPU. Reported by Security For Everyone Team &#8211; https:\/\/securityforeveryone.com on 2021-06-06<\/li>\n<li>[$TBD][1227315] High CVE-2021-30574: Use after free in protocol handling. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-07-08<\/li>\n<li>[$15000][1213313] Medium CVE-2021-30575: Out of bounds read in Autofill. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-05-26<\/li>\n<li>[$10000][1194896] Medium CVE-2021-30576: Use after free in DevTools. Reported by David Erceg on 2021-04-01<\/li>\n<li>[$10000][1204811] Medium CVE-2021-30577: Insufficient policy enforcement in Installer. Reported by Jan van der Put (REQON B.V) on 2021-05-01<\/li>\n<li>[$7500][1201074] Medium CVE-2021-30578: Uninitialized Use in Media. Reported by Chaoyuan Peng\u00a0 on 2021-04-21<\/li>\n<li>[$7500][1207277] Medium CVE-2021-30579: Use after free in UI framework. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-05-10<\/li>\n<li>[$5000][1189092] Medium CVE-2021-30580: Insufficient policy enforcement in Android intents. Reported by @retsew0x01 on 2021-03-17<\/li>\n<li>[$5000][1194431] Medium CVE-2021-30581: Use after free in DevTools. Reported by David Erceg on 2021-03-31<\/li>\n<li>[$5000][1205981] Medium CVE-2021-30582: Inappropriate implementation in Animation. Reported by George Liu\u00a0 on 2021-05-05<\/li>\n<li>[$3000][1179290] Medium CVE-2021-30583: Insufficient policy enforcement in image handling on Windows. Reported by Muneaki Nishimura (nishimunea) on 2021-02-17<\/li>\n<li>[$3000][1213350] Medium CVE-2021-30584: Incorrect security UI in Downloads. Reported by @retsew0x01 on 2021-05-26<\/li>\n<li>[$N\/A][1023503] Medium CVE-2021-30585: Use after free in sensor handling. Reported by niarci on 2019-11-11<\/li>\n<li>[$TBD][1201032] Medium CVE-2021-30586: Use after free in dialog box handling on Windows. Reported by kkomdal with kkwon and neodal on 2021-04-21<\/li>\n<li>[$N\/A][1204347] Medium CVE-2021-30587: Inappropriate implementation in Compositing on Windows. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-04-30<\/li>\n<li>[$5000][1195650] Low CVE-2021-30588: Type Confusion in V8. Reported by Jose Martinez (tr0y4) from VerSprite Inc. on 2021-04-04<\/li>\n<li>[$3000][1180510] Low CVE-2021-30589: Insufficient validation of untrusted input in Sharing. Reported by Kirtikumar Anandrao Ramchandani (@Kirtikumar_A_R) and Patrick Walker (@homesen) on 2021-02-20<\/li>\n<\/ul>\n<p>Weitere Probleme wurden intern durch Audits und Fuzzing aufgesp\u00fcrt und behoben. Die Chrome-Version f\u00fcr Windows, Mac und Linux wird in den n\u00e4chsten Tagen \u00fcber die automatische Update-Funktion auf die Systeme ausgerollt. Die Liste mit den Neuerungen findet sich auf <a href=\"https:\/\/web.archive.org\/web\/20220328125303\/https:\/\/chromestatus.com\/features\/schedule\" target=\"_blank\" rel=\"noopener\">dieser Google-Seite<\/a> sowie <a href=\"https:\/\/chromestatus.com\/features#milestone%3D92\" target=\"_blank\" rel=\"noopener\">hier<\/a>.\u00a0 heise hat <a href=\"https:\/\/www.heise.de\/news\/Chrome-92-ist-da-Mehr-Actions-weniger-Verbrauch-6143837.html\" target=\"_blank\" rel=\"noopener\">hier<\/a> einiges zum neuen Chrome 92 geschrieben. Sie k\u00f6nnen diese Build aber auch <a href=\"https:\/\/www.google.com\/intl\/de_de\/chrome\/\" target=\"_blank\" rel=\"noopener\">hier herunterladen<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Google hat zum 20. Juli 2021 den Google Chrome 92.0.4515.107 f\u00fcr Windows, Mac und Linux freigegeben. Es ist ein Update auf die Version 92, die neue Features mitbringt, aber auch gleich 35 Schwachstellen in \u00e4lteren Browserversionen beseitigt.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1356,426,185],"tags":[406],"class_list":["post-255920","post","type-post","status-publish","format-standard","hentry","category-google-chrome-internet","category-sicherheit","category-update","tag-chrome"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/255920","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=255920"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/255920\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=255920"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=255920"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=255920"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}