谷歌浏览器google chrome稳定版迎来v80首个版本发布,详细版本号为v80.0.3987.87,上一个正式版v79.0.3945.130发布于1月17日,时隔19天google又发布了新版chrome浏览器,本次升级主要是更新了安全修复和稳定性改进及用户体验。
谷歌浏览器v80正式版主要更新,引入samesite cookie可能会破坏网站功能,启用这项功能之后意味着只有从安全链接访问cookies的时候,它们才可以在第三方上下文中使用。
谷歌浏览器v79正式版主要更新,对密码检查工具的内置支持,通过安全浏览api实时将恶意网站列入黑名单,可预防网络钓鱼的常规可用性,禁止加载https“混合内容”,支持选项卡冻结,chrome sync个人资料部分的新界面,以及对后退缓存机制的支持。
谷歌浏览器v78正式版主要更新,带来了多项功能和改进,在windows 10(版本 1511 )系统上默认启用。还引入了内置的密码检查工具,目的是如果在用户登录期间发现异常就会发出提醒,允许用户在新标签页中添加,以及安装来自于chrome web store上的主题。
chrome稳定版已经更新到v80.0.3987.87
安全修复程序和奖励
更新包括56项安全修复
[$5000][1034394] high cve-2020-6381: integer overflow in javascript. reported by the uk's national cyber security centre (ncsc) on 2019-12-09
[$2000][1031909] high cve-2020-6382: type confusion in javascript. reported by soyeon park and wen xu from sslab, gatech on 2019-12-08
[$500][1020745] high cve-2019-18197: multiple vulnerabilities in xml. reported by blackberry security incident response team on 2019-11-01
[$500][1042700] high cve-2019-19926: inappropriate implementation in sqlite. reported by richard lorenz, sap on 2020-01-16
[$n/a][1035399] high cve-2020-6385: insufficient policy enforcement in storage. reported by sergei glazunov of google project zero on 2019-12-18
[$n/a][1038863] high cve-2019-19880, cve-2019-19925: multiple vulnerabilities in sqlite. reported by richard lorenz, sap on 2020-01-03
[$n/a][1042535] high cve-2020-6387: out of bounds write in webrtc. reported by natalie silvanovich of google project zero on 2020-01-16
[$n/a][1042879] high cve-2020-6388: out of bounds memory access in webaudio. reported by sergei glazunov of google project zero on 2020-01-16
[$n/a][1042933] high cve-2020-6389: out of bounds write in webrtc. reported by natalie silvanovich of google project zero on 2020-01-16
[$n/a][1045874] high cve-2020-6390: out of bounds memory access in streams. reported by sergei glazunov of google project zero on 2020-01-27
[$10000][1017871] medium cve-2020-6391: insufficient validation of untrusted input in blink. reported by michał bentkowski of securitum on 2019-10-24
[$5000][1030411] medium cve-2020-6392: insufficient policy enforcement in extensions. reported by microsoft edge team on 2019-12-03
[$5000][1035058] medium cve-2020-6393: insufficient policy enforcement in blink. reported by mark amery on 2019-12-17
[$3000][1014371] medium cve-2020-6394: insufficient policy enforcement in blink. reported by phil freo on 2019-10-15
[$3000][1022855] medium cve-2020-6395: out of bounds read in javascript. reported by pierre langlois from arm on 2019-11-08
[$3000][1035271] medium cve-2020-6396: inappropriate implementation in skia. reported by william luc ritchie on 2019-12-18
[$2000][1027408] medium cve-2020-6397: incorrect security ui in sharing. reported by khalil zhani on 2019-11-22
[$2000][1032090] medium cve-2020-6398: uninitialized use in pdfium. reported by pdknsk on 2019-12-09
[$2000][1039869] medium cve-2020-6399: insufficient policy enforcement in appcache. reported by luan herrera (@lbherrera_) on 2020-01-07
[$1000][1038036] medium cve-2020-6400: inappropriate implementation in cors. reported by takashi yoneuchi (@y0n3uchy) on 2019-12-27
[$500][1017707] medium cve-2020-6401: insufficient validation of untrusted input in omnibox. reported by tzachy horesh on 2019-10-24
[$500][1029375] medium cve-2020-6402: insufficient policy enforcement in downloads. reported by vladimir metnew (@vladimir_metnew) on 2019-11-28
[$tbd][1006012] medium cve-2020-6403: incorrect security ui in omnibox. reported by khalil zhani on 2019-09-19
[$n/a][1024256] medium cve-2020-6404: inappropriate implementation in blink. reported by kanchi on 2019-11-13
[$n/a][1042145] medium cve-2020-6405: out of bounds read in sqlite. reported by yongheng chen(ne0) & rui zhong(zr33) on 2020-01-15
[$n/a][1042254] medium cve-2020-6406: use after free in audio. reported by sergei glazunov of google project zero on 2020-01-15
[$n/a][1042578] medium cve-2019-19923: out of bounds memory access in sqlite. reported by richard lorenz, sap on 2020-01-16
[$1000][1026546] low cve-2020-6408: insufficient policy enforcement in cors. reported by zhong zhaochen of andsecurity.cn on 2019-11-20
[$1000][1037889] low cve-2020-6409: inappropriate implementation in omnibox. reported by divagar s and bharathi v from karya technologies on 2019-12-26
[$500][881675] low cve-2020-6410: insufficient policy enforcement in navigation. reported by evi1m0 of bilibili security team on 2018-09-07
[$500][929711] low cve-2020-6411: insufficient validation of untrusted input in omnibox. reported by khalil zhani on 2019-02-07
[$n/a][968505] low cve-2020-6412: insufficient validation of untrusted input in omnibox. reported by zihan zheng (@zzh1996) of university of science and technology of china on 2019-05-30
[$n/a][1005713] low cve-2020-6413: inappropriate implementation in blink. reported by michał bentkowski of securitum on 2019-09-19
[$n/a][1021855] low cve-2020-6414: insufficient policy enforcement in safe browsing. reported by lijo a.t on 2019-11-06
[$n/a][1029576] low cve-2020-6415: inappropriate implementation in javascript. reported by avihay cohen @ seraphicalgorithms on 2019-11-30
[$n/a][1031895] low cve-2020-6416: insufficient data validation in streams. reported by woojin oh(@pwn_expoit) of stealien on 2019-12-08
[$n/a][1033824] low cve-2020-6417: inappropriate implementation in installer. reported by renato "wrath" moraes and altieres "fallenhawk" rohr on 2019-12-13
[1048330] various fixes from internal audits, fuzzing and other initiatives
google chrome 稳定版 离线安装包 官方本地下载地址:
google chrome v80.0.3987.87 无更新功能版 64位
sha1:cae546bddec2f68d0c4c03c57122f7942b9e7989
sha256:c8c58c5618729a415ded01c4d0b26a1de1ae8c5dd1db1a4ca668eb56916df8c1
google chrome v80.0.3987.87 无更新功能版 32位
sha1:a01ff2313b50e1c303ee43758bef77b896794884
sha256:5b0c80c632322cdb5faa41152bc9f0889daa5dadb8e19c1860c1f8a3c1889c0c
google chrome v80.0.3987.87 版
sha1:c34561f67ff26353d362df3ebea69965fb33fee4
sha256:f4e5655d8c026eb0b0796f988c4026dae6c7e16cb310e2e172db195a9a93b44a
google chrome 官方带更新功能版 网盘:
