Google Chrome 85.0.4183.83 軟體資訊交流 Mac

What's new in this version:

Google Chrome 85.0.4183.83
- Change log not available for this version


Google Chrome 84.0.4147.135
- Fixed: Heap buffer overflow in SwiftShader


Google Chrome 84.0.4147.125
Fixes:
- Use after free in ANGLE
- Use after free in task scheduling
- Use after free in media
- Use after free in audio
- Inappropriate implementation in installer
- Incorrect security UI in media
- Heap buffer overflow in Skia
- Use after free in media
- Use after free in IndexedDB
- Use after free in WebXR
- Use after free in Blink
- Use after free in offline mode
- Medium CVE-2020-6554: Use after free in extensions
- Medium CVE-2020-6555: Out of bounds read in WebGL


Google Chrome 84.0.4147.105
Security Fixes:
- Type Confusion in V8
- Inappropriate implementation in WebView
- Use after free in SCTP
- Use after free in CSS
- Heap buffer overflow in Skia
- Use after free in WebUSB
- Various fixes from internal audits, fuzzing and other initiatives


Google Chrome 84.0.4147.89
- Change log not available for this version


Google Chrome 83.0.4103.116
- Change log not available for this version


Google Chrome 83.0.4103.106
- Disable CertVerifyProcInternalTest.EVVerificationMultipleOID
- [M83] Revert "[Media Device Management] Check if the interface is already bound
- Roll ChromeOS Orderfiles from 83-4103.77-1591006230-benchmark-83.0.4103.99-r1 to 83-4103.97-1591611962-benchmark-83.0.4103.103-r1
- [Viz, capture] Merge to M83: Fix corruption bug: Invalidate marked buffer on reuse and remark frames on size change
- Merge to M83: Re-land: Fix UAF in TtsPlatformImpl if a BrowserContext is deleted
- [M83] Drop 'future=True' for SBProtectionLevel - it launched in M83
- Roll ChromeOS Silvermont AFDO profile from 83-4103.77-1591006230-benchmark-83.0.4103.99-r1 to 83-4103.97-1591611962-benchmark-83.0.4103.103-r1
- Roll ChromeOS Broadwell AFDO profile from 83-4103.50-1590404133-benchmark-83.0.4103.92-r1 to 83-4103.77-1591610071-benchmark-83.0.4103.103-r1
- Roll ChromeOS Airmont AFDO profile from 83-4103.50-1590408034-benchmark-83.0.4103.92-r1 to 83-4103.97-1591614391-benchmark-83.0.4103.103-r1
- Merge ": Update a shadow node on resetting" to M83 branch
- [M83] Revert "fido: add FidoDiscoveryFactory::ResetRequestState()"
- Pass the PreferredColorScheme to SVGImage
- Merge M83: "[WebAudio] Call SetFormat() for every sink Initialize() call."
- Ash Tray: RemovePrivacyScreenToastController Obs in Dtor
- Roll ChromeOS Orderfiles from 83-4103.50-1590401629-benchmark-83.0.4103.92-r1 to 83-4103.77-1591006230-benchmark-83.0.4103.99-r1
- [WebView] Fix single-window-mode JS injection
- Fix observers in ChallengeResponseAuthKeysLoader
- Replace time restrictions with deny interactive logon type instead
- Roll ChromeOS Silvermont AFDO profile from 83-4103.77-1591006230-benchmark-83.0.4103.98-r1 to 83-4103.77-1591006230-benchmark-83.0.4103.99-r1
- Roll ChromeOS Silvermont AFDO profile from 83-4103.50-1590401629-benchmark-83.0.4103.92-r1 to 83-4103.77-1591006230-benchmark-83.0.4103.98-r1
- Forward built-in-admin-name and administrators-group-name as part of
- Collect and forward OS version to UploadDeviceDetails RPC
- Demo mode: Add new Chrome and Android apps to demo mode metrics
- Remove -stable GPU Mac OS usage
- Switch away from GPU synthetic dimensions
- [ShareButtonInToolbar] add explicit end animation state to explicit show
- Disable GPU buildbucket test
- Mark fast/speech/scripted/speechrecognition-restart-onend.html as flaky


Google Chrome 83.0.4103.97
- Change log not available for this version


Google Chrome 83.0.4103.61
Security Fixes:
- Use after free in reader mode
- Use after free in media
- Use after free in WebRTC
- Type Confusion in V8
- Insufficient policy enforcement in developer tools
- Insufficient validation of untrusted input in clipboard
- Insufficient policy enforcement in developer tools
- Insufficient policy enforcement in developer tools
- Insufficient policy enforcement in Blink
- Use after free in Blink
- Incorrect security UI in full screen
- Insufficient policy enforcement in tab strip
- Inappropriate implementation in installer
- Inappropriate implementation in full screen
- Inappropriate implementation in sharing
- Insufficient policy enforcement in enterprise
- Insufficient policy enforcement in URL formatting
- Insufficient policy enforcement in developer tools
- Insufficient policy enforcement in payments
- Insufficient data validation in ChromeDriver
- Insufficient data validation in media router
- Insufficient policy enforcement in navigations
- Insufficient policy enforcement in downloads
- Insufficient policy enforcement in downloads
- Inappropriate implementation in developer tools
- Insufficient data validation in loader
- Incorrect security UI in site information
- Various fixes from internal audits, fuzzing and other initiatives


Google Chrome 81.0.4044.138
- Cherry picking usrsctp stack overflow fix to M81
- [chromedriver] Regenerate atoms files from selenium
- Fix "Completion handler not called" crash in //ios/web_view. by Hiroshi Ichikawa Revert "WebApp: Handle OS shortcut deletion for bookmark apps in web apps land."
- Element moving betor no-op between lifecycles
- Removes spammy log in blink::WebRtcAudioSink
- Allow Device Service access from any thread
- [Autofill] Fixed requesting invalid country codes from CountryData
- Fix customized built-in element constructor behavior
- Only run Mac non-isolated scripts in compile tasks
- Remove mdm enrollment check in AllowSigninRestrictions


Google Chrome 81.0.4044.129
- Change log not available for this version


Google Chrome 81.0.4044.122
- Compiles //components/sessions/core/ios with ARC
- Invalidate view background when root element adds/removes paint properties
- Bump theme pak version from 72 to 73 on M81
- [ios] Creates flag to enable Messages only for iOS13
- LZMA: Unconditionally flush output files after unmapping
- [ios] Checks if Bookmarks rootNode is not nullptr before caching row
- Block gcpw login if allowed domains registry key is missing
- [SelfShare] Update manifests for renamed/unified handler
- Check ResourceContext is alive before binding SafeBrowsing in weblayer/webview
- Move unmapping of large pages out of the spin-lock in PartitionAlloc
- Merge to M81: [viz, capture] Add debug logging to FrameSinkVideoCapturer
- Merge to M81: Add webrtc logging in WebrtcVideoFrameAdapter. Do not cause lifecycle change during AX serialization by Aaron Leventhal · 6 days ago
- [Merge M81][Web Payment] Browser context owned callback
- Revert "[ios] Disables failing tests in RestoreTestCase"
- Revert "Only use SupervisedUserNavigationObserver for child accounts"
- Reland "Don't decode invalid punycode in URL formatter"
- [Merge to M81] Do not allow window dragging/resizing in oobe or login screen


Google Chrome 81.0.4044.113
- Revert "Don't decode invalid punycode in URL formatter"
- Don't decode invalid punycode in URL formatter
- Flush the output file after writing if it was mapped into memory
- Revert "[css-grid] Exclude implicit grid tracks from the resolved value"
- Fix crash when launching Release Notes PWA in Chrome OS
- SpeechRecognizerImpl: use a WeakPtr to itself for all tasks
- Compute omnibox background color from toolbar color, for custom themes
- Donot refresh login UI if auth enforcement was already performed on
- Make gcpw default cred provider
- [GCPW] Add retry mechanism for WinHttpUrlFetcher
- Update Google static pins
- network_config.js: Avoid assert when vpnType_ is undefined
- Switched to using a groupping role for embedded objects with children
- viz: Use child sequence number from parent if embed token changes
- M81: Support Sharp PPD color parsing by Lei Zhang Always return a valid IOSChromeSyncedTabDelegate::GetCurrentEntryIndex
- Don't set occlusion region when the frame is disabled
- Add sliders to modify mic gain in system tray
- GpuVDA: Override ProvidePictureBuffersWithVisibleRect()
- Ash,Wallpaper: Add support for reloading WallpaperType::ONE_SHOT
- Add option to enable system tray mic gain in chrome://flags
- Modify system tray icons to match new specs
- [MERGE 81] weblayer: increase allowed version skew to 4
- [Cherry-pick] WebUI Tab Strip: Add alert indicator for HID connected
- Add feature flag for mic gain settings in system tray
- Fixing NPE in cacheEvent of BTSUma
- [merge] media: Disallow CDM reset in mojo media services
- 4044: [code coverage] Merge script changes for separated test types
- CrOS network config: Cleanup and fix partial setting of ConfigProperties
- Require kvm for browser tests
- Handle visible_rect in V4L2/VAAPI VDAs when origin != (0, 0)
- V4L2SVDA: Validate visible rectangle
- media: Fix non-zero offset in visible rect
- VdaVD: Advertise a VideoFrame's visible size as the coded size


Google Chrome 81.0.4044.92
Fixed:
- Use after free in extensions
- Use after free in audio
- Out of bounds read in WebSQL
- Type Confusion in V8
- Insufficient validation of untrusted input in clipboard
- Insufficient policy enforcement in full screen
- Insufficient policy enforcement in navigations
- Insufficient policy enforcement in extensions
- Use after free in devtools
- Insufficient policy enforcement in extensions
- Use after free in window management
- Inappropriate implementation in WebView
- Insufficient policy enforcement in extensions
- Insufficient policy enforcement in navigations
- Inappropriate implementation in extensions
- Insufficient policy enforcement in omnibox
- Inappropriate implementation in cache
- Insufficient data validation in developer tools
- Uninitialized Use in WebRTC
- Insufficient policy enforcement in trusted types
- Insufficient policy enforcement in trusted types
- Inappropriate implementation in developer tools
- Use after free in V8
- Various fixes from internal audits, fuzzing and other initiatives


Google Chrome 80.0.3987.163
- media/gpu/v4l2(s)vda: stop accessing device members from child thread
- [Picture-in-Picture] Fix crash when closing window
- [Sync] Add feature flag to disable cache guid mismatch logic
- Fix sync Nigori cache GUID left empty upon mismatch
- [Sync] Implement Nigori cache guid mismatch
- [M81] OOBE - Make recommended apps illustration smaller
- [M81] OOBE - Add scroll shadows to the sign in screen
- M81 merge: Fix themes for supervised users on extensions lite
- [M81] Batch whitelist Imprivata extensions
- Android: Update Play Core
- Fixes bad code affected by -ftrivial-auto-var-init=pattern
- [M81] [Extensions] Fix couple of ProcessManager UaF issues
- [M81 Merge] Disallow pasting SVG use elements data URI
- remoting: Check autorepeat on keydown
- Do not attempt update for Tether networks
- M81 Merge: Add UMA for child installing extensions from
- Wait until native is loaded before issuing voice search queries
- Remove pref store initialization check from
- Fix in-session password change success detection for Ping IdP
- [Merge to M-81] Desks: Add a flag to limit windows in Alt-Tab to the current active desk
- Update help center URL of ADB sideloading


Google Chrome 80.0.3987.162
- Revert "3987: pin v8 to 9c25291e705136181ede345dabcf05fb054812af."
- 3987: [iOS]Updated "shard size" to "swarming tasks" for EG tests
- Android: Update Play Core
- [Merge to M80] Worker: Stop passing creator's origin for starting a dedicated worker
- M80 merge: Enable supervised users to install extensions from policy allowlist
- Pepper: support GpuMemoryBuffer-based frame in MediaStream Video
- Clear context from orphan handlers when BaseAudioContext is going away
- [PM] Fix invariant tracking
- Crash when a process node is destroyed while still hosting worker nodes
- Protect AutofillPopupControllerImpl from being destroyed in Show()
- Protect automatic pull handlers with Mutex
- 3987: pin v8 to 9c25291e705136181ede345dabcf05fb054812af
- Make finished_source_handlers_ hold scoped_refptrs
- [Merge] Reland: Sequentialise access to callbacks in DWriteFontLookupTableBuilder
- [M80 merge] Verify if the context is still available
- Reland "Use SupportsWeakPtr for messaging from rendering thread to main thread"
- Reland "[Merge M80] - Point usrsctp to a68325e7d9ed844cc84ec134192d788586ea6cc1."
- Update comment now that the speculative fix is (mostly) confirmed
- Speculative fix for crashes in ~FileChooserImpl()
- Use WeakPtr for cross-thread posting
- MojoVideoEncodeAcceleratorService: handle potential later Initialize()
- Break connections before removing from active_source_handlers_
- Revert "[Merge M81] - Point usrsctp to a68325e7d9ed844cc84ec134192d788586ea6cc1."
- [Merge M81] - Point usrsctp to a68325e7d9ed844cc84ec134192d788586ea6cc1
- Revert "Use SupportsWeakPtr for messaging from rendering thread to main thread"
- Use SupportsWeakPtr for messaging from rendering thread to main thread
- Reland "media/gpu/vaapi: Create VAImage with va surface size on UploadVideoFrameToSurface()"
- M80 "Fix flicker on Dru when capturing"
- 3987: Move all public ios swarming tests to new template pool


Google Chrome 80.0.3987.149
- Make finished_source_handlers_ hold scoped_refptrs
- Verify if the context is still available
- 3987_137: Roll v8 to 9c25291e705136181ede345dabcf05fb054812af
- [Merge] Reland: Sequentialise access to callbacks in DWriteFontLookupTableBuilder
- Update comment now that the speculative fix is (mostly) confirmed
- Speculative fix for crashes in ~FileChooserImpl()
- Use WeakPtr for cross-thread posting
- MojoVideoEncodeAcceleratorService: handle potential later Initialize()
- Break connections before removing from active_source_handlers_
- Use SupportsWeakPtr for messaging from rendering thread to main thread
- [Merge M80 minibranch] - Point usrsctp to a68325e7d9ed844cc84ec134192d788586ea6cc1
- arc: net: Prevent Service property update loops
- arc: net: print NetworkConfiguration service name
- media/gpu/vaapi: fix kNone VaapiVDA decode case
- media/gpu/vaapi: fix VASurfaceID leak in VaapiVideoDecodeAccelerator
- arc: net: Consistently get IP configs of host networks
- Cherry pick to M80
- Roll airmont AFDO profile from 80-3987.89-1581937220-benchmark-80.0.3987.133-r1 to 80-3987.89-1581937220-benchmark-80.0.3987.134-r1 by Chrome Release Autoroll
- Fix crash in OwnerSettingsServiceChromeOS::StorePendingChanges
- Roll airmont AFDO profile from 80-3987.89-1581937220-benchmark-80.0.3987.131-r1 to 80-3987.89-1581937220-benchmark-80.0.3987.133-r1 by Chrome Release Autoroll
- Roll airmont AFDO profile from 80-3987.89-1581937220-benchmark-80.0.3987.129-r1 to 80-3987.89-1581937220-benchmark-80.0.3987.131-r1 by Chrome Release Autoroll


Google Chrome 80.0.3987.132
Security fixes:
- High CVE-2020-6420: Insufficient policy enforcement in media
- Various fixes from internal audits, fuzzing and other initiatives


Google Chrome 80.0.3987.122
- Change log not available for this version


Google Chrome 80.0.3987.116
- Change log not available for this version


Google Chrome 80.0.3987.106
- Performance: Respect navigation's AllowTimingDetails() override in workerStart()
- Disable NV12 dynamic textures on AMD GPUs in general
- Revert "Remove scroll offset rounding in position:sticky"
- Roll broadwell AFDO profile from 80-3987.76-1581332381-benchmark-80.0.3987.100-r1 to 80-3987.76-1581332381-benchmark-80.0.3987.104-r1
- Roll airmont AFDO profile from 80-3987.76-1581334369-benchmark-80.0.3987.100-r1 to 80-3987.76-1581334369-benchmark-80.0.3987.104-r1
- [M80] Revert "FrameHost::SubresourceResponseStarted: s/ url / origin_of_final_url /."
- Roll silvermont AFDO profile from 80-3987.76-1581334760-benchmark-80.0.3987.100-r1 to 80-3987.76-1581334760-benchmark-80.0.3987.104-r1
- [ChromeDriver] Restore Chrome binary search order by Tricia Crichton · 2 days ago
- Roll ChromeOS orderfile from 80-3987.76-1581334760-benchmark-80.0.3987.98-r1 to 80-3987.76-1581334760-benchmark-80.0.3987.100-r1
- Updating XTBs based on .GRDs from branch 3987 by Ben Mason
- Roll broadwell AFDO profile from 80-3987.76-1581332381-benchmark-80.0.3987.98-r1 to 80-3987.76-1581332381-benchmark-80.0.3987.100-r1
- Roll airmont AFDO profile from 80-3987.76-1581334369-benchmark-80.0.3987.98-r1 to 80-3987.76-1581334369-benchmark-80.0.3987.100-r1
- Roll silvermont AFDO profile from 80-3987.76-1581334760-benchmark-80.0.3987.98-r1 to 80-3987.76-1581334760-benchmark-80.0.3987.100-r1
- Roll ChromeOS orderfile from 80-3987.76-1580727679-benchmark-80.0.3987.97-r1 to 80-3987.76-1581334760-benchmark-80.0.3987.98-r1


Google Chrome 80.0.3987.100
- Change log not available for this version


Google Chrome 80.0.3987.87
- Change log not available for this version


Google Chrome 79.0.3945.117
- Change log not available for this version


Google Chrome 79.0.3945.88
- Change log not available for this version


Google Chrome 79.0.3945.79
- Change log not available for this version


Google Chrome 78.0.3904.108
- Reland "Fix ownership of BluetoothAdapter in BluetoothDeviceChooserController"
- Fix OOB in OnBluetoothScanningPromptEvent
- Revert "Fix ownership of BluetoothAdapter in BluetoothDeviceChooserController"
- Fix ownership of BluetoothAdapter in BluetoothDeviceChooserController
- [libusb] Fix racy UAF in libusb_get_next_timeout
- Add to rendering orphan handlers when destination is running
- [TransactionalLevelDB] Fix iterating 'Prev' from evicted iterators
- Avoid unexpected render frame host reentrancy during Window destruction
- Fix a crash in ManagePasswordsState with use-after-free
- Updating XTBs based on .GRDs from branch 3904
- Fix compile
- Get the element central location correctly if there is drop down menu
- Re-add "Close Other Tabs" to tabstrip context menu
- [Feed] Import [email protected]
- Fix IsInitialScrollHitTestReliable for fixed elements
- Fix main thread viewport pan from outside root scroller
- OOBE: Fix high CPU usage on login screen
- [Passwords] Fix for LoginDatabase that got downgraded from 25 to 24
- Revise SameSite cookie warning messages to correct misleading wording


Google Chrome 78.0.3904.97
- Change log not available for this version


Google Chrome 78.0.3904.70
Security Fixes:
This update includes 37 security fixes. Below, we highlight fixes that were contributed by external researchers:
- Use-after-free in media
- Buffer overrun in Blink
- URL spoof in navigation
- Privilege elevation in Installer
- URL bar spoofing
- CSP bypass
- Extension permission bypass
- Out-of-bounds read in PDFium
- File storage disclosure
- HTTP authentication spoof
- File download protection bypass
- File download protection bypass
- Cross-context information leak
- Buffer overflow in expat
- Cross-origin data leak
- CSS injection
- Address bar spoofing
- Service worker state error
- Notification obscured
- IDN spoof
- Notification obscured

As usual, our ongoing internal security work was responsible for a wide range of fixes:
- Various fixes from internal audits, fuzzing and other initiatives