• Chrome & Brave Browser Updates

    Author
    Topic
    #2478047

    This is intended to alert users of updates using the STABLE desktop channel only. Check your respective browser update channels to update.

    IMPORTANT
    14/09/22 – Google Chrome 105.0.5195.127
    Release Notes:
    https://chromereleases.googleblog.com/

    This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
    [$NA][1358381] High CVE-2022-3195: Out of bounds write in Storage. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-08-31
    [$10000][1358090] High CVE-2022-3196: Use after free in PDF. Reported by triplepwns on 2022-08-30
    [$TBD][1358075] High CVE-2022-3197: Use after free in PDF. Reported by triplepwns on 2022-08-30
    [$7000.0][1355682] High CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG on 2022-08-23
    [$TBD][1355237] High CVE-2022-3199: Use after free in Frames. Reported by Anonymous on 2022-08-22
    [$1000][1355103] High CVE-2022-3200: Heap buffer overflow in Internals. Reported by Richard Lorenz, SAP on 2022-08-22
    [$TBD][1343104] High CVE-2022-3201: Insufficient validation of untrusted input in DevTools. Reported by NDevTK on 2022-07-09

    IMPORTANT
    14/09/22 – Brave 1.43.93
    Release Notes:
    https://brave.com/latest/

    Release Notes v1.43.93 (Sep 14th, 2022)

    Restored gesture requirement for async clipboard write access.
    Fixed crash on brave://settings which occurred due to brave://flags/#brave-sync-v2 being disabled.
    Fixed crash on the New Tab Page which occurred due to brave://flags/#brave-news being disabled.
    Fixed crash when the “options” dictionary is null in a Brave Wallet “SignAndSendTransaction” request to a Solana provider.
    Fixed the “Learn more” link for unverified creators on the Brave Rewards panel not working.
    Fixed blank panel on brave://welcome page which displayed in certain cases.
    Upgraded Chromium to 105.0.5195.127.

    Keep IT Lean, Clean and Mean!
    2 users thanked author for this post.
    Viewing 31 reply threads
    Author
    Replies
    • #2483386

      Windows Desktop Browser Updates

      27th Sept 2022
      Google Chrome Stable Update to 106.0.5249.62
      Release notes:: https://chromereleases.googleblog.com/

      Brave update to 1.44.101
      Release Notes: https://brave.com/latest/

      Keep IT Lean, Clean and Mean!
      2 users thanked author for this post.
    • #2484357

      Windows Desktop Browser Updates

      Sept 30th 2022
      Brave Update available to 1.44.105
      Release Notes:
      https://brave.com/latest/

      Chrome Update available to 106.0.5249.91
      Release Notes:
      https://chromereleases.googleblog.com/

      [$7000][1366813] High CVE-2022-3370: Use after free in Custom Elements. Reported by Aviv A. on 2022-09-22

      [$10000][1366399] High CVE-2022-3373: Out of bounds write in V8. Reported by Tibor Klajnscek on 2022-09-21

      Security issues fixed applicable to both Chrome and Brave versions.

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2486013

      Windows Desktop Browser Updates

      Wed 5th Oct 2022
      Google Chrome Stable 106.0.5249.103 has been released.
      More info:
      https://chromereleases.googleblog.com/

      Thurs 6th Oct 2022
      Brave 1.44.108 also released.
      https://brave.com/latest/
      (awaiting release note update..try later)

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2487627

      Oct 11th 2022

      Google Chrome106.0.5249.119 stable released.

      High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16

      High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu (@kaijieguigui) on 2022-09-26

      High CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22

      High CVE-2022-3448: Use after free in Permissions API. Reported by raven at KunLun lab on 2022-09-13

      High CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on 2022-09-17

      High CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on 2022-09-30

      More info:
      https://chromereleases.googleblog.com/

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2487700

      12th Oct 2022
      Brave v1.44.112 Desktop Update
      Release notes: https://brave.com/latest/

      Updated Sardine purchase link to be set to selected network when opened from Buy screen on Brave Wallet. (#25839)

      Removed deprecated Ethereum Testnet’s (Ropsten/Rinkeby/Kovan) and added support for Sepolia Testnet for Brave Wallet. (#25654)

      Fixed issue with SignTransaction during NFT purchase on MagicEden when using Brave Wallet. (#25802)

      Fixed crash when opening the New Tab Page in certain cases on Linux. (#25849)

      Upgraded Chromium to 106.0.5249.119. (#25926) (Changelog for 106.0.5249.119)

      This update covers the same CVE’s as Chrome 106.0.5249.119 released yesterday.

      Keep IT Lean, Clean and Mean!
    • #2491922

      Brave 1.45.113 released Oct 25th 2022

      With further fixes, additions and updates included..
      Ref Release Notes:
      https://brave.com/latest/

      Security related:

      ….[Security] Added additional password protection for Brave Wallet account removal. (#24711)
      [Security] Added additional password protection for Brave Wallet backup seed. (#24534)
      [Security] Added additional password protection for Brave Wallet show private key. (#24830)
      [Security] Enhanced protection against Brave Wallet pollution attacks. (#24415)
      [Security] Updated the Brave Wallet network selector to show the full network name. (#25114)
      [Security] Updated Brave Wallet to show the full network name in tooltip for Buy/Send/Swap widget and panel. (#25107)
      [Security] Updated the Brave Wallet transaction confirmation panel to show the full network name. (#25105)
      [Security] Fixed misleading signing request message in Brave Wallet. (#24816)…..

      Keep IT Lean, Clean and Mean!
    • #2492119

      October 25th 2022

      Chrome/107.0.5304.62 Stable Released

      Security:

      High CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at S.S.L Team on 2022-09-30

      High CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park (SeHwa) on 2022-08-19

      High CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-09-19

      Medium CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11

      Medium CVE-2022-3656: Insufficient data validation in File System. Reported by Ron Masas, Imperva on 2022-07-18

      Medium CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari, Talon Cyber Security on 2022-08-09

      Medium CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-14

      Medium CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel on 2022-08-23

      Medium CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2022-05-20

      Low CVE-2022-3661: Insufficient data validation in Extensions. Reported by Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University on 2022-08-04

      More info: https://chromereleases.googleblog.com/

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2492765

      Chrome 107.0.5304.87/ 88 Stable Desktop released
      27th October 2022

      Security Fix:

      High CVE-2022-3723: Type Confusion in V8. Reported by Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast on 2022-10-25

      ref: https://chromereleases.googleblog.com/

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2492892

      Brave Browser Desktop Update

      v1.45.116 Oct 28th, 2022

      Release Notes:

      Fixed tab hover preview not being shown correctly when “Card with preview” is selected for the “Tab hover mode” setting under brave://settings/appearance. (#26251)
      Upgraded Chromium to 107.0.5304.91….

      Ref: https://brave.com/latest/

      Keep IT Lean, Clean and Mean!
    • #2494469

      Brave 1.45.118 Released
      2nd November 2022
      https://brave.com/latest/

      Release Notes v1.45.118 (Nov 2nd, 2022)

      [Security] Fixed download crash which occurred in certain cases as reported on HackerOne by rebane2001. (#26384)

      Fixed crash caused by Crypto.com widget on the New Tab Page. (#26412)

      Fixed shields not blocking WebSocket connections when adding custom filter under brave://settings/shields/filters. (#26285)

      Keep IT Lean, Clean and Mean!
    • #2496632

      8th November 2022
      Chrome Update to 107.0.5304.107
      https://chromereleases.googleblog.com/

      High CVE-2022-3885: Use after free in V8. Reported by gzobqq@ on 2022-10-24

      High CVE-2022-3886: Use after free in Speech Recognition. Reported by anonymous on 2022-10-10

      High CVE-2022-3887: Use after free in Web Workers. Reported by anonymous on 2022-10-08

      High CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth on 2022-10-16

      High CVE-2022-3889: Type Confusion in V8. Reported by anonymous on 2022-11-01

      High CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous on 2022-11-01

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2496852

      Brave 1.45.123 Released
      9th November 2022
      Release Notes: https://brave.com/latest/

      Upgraded Chromium to 107.0.5304.110. (Changelog for 107.0.5304.110)

      Keep IT Lean, Clean and Mean!
    • #2498449

      Brave v1.45.127 Released
      15th November 2022
      https://brave.com/latest/

      Release Notes v1.45.127 (Nov 15th, 2022)
      Added Solana NFT support in Brave Wallet.

      Updated default search engine to Brave Search for new installations in certain regions.

      Removed FTX widget from the New Tab Page and widget gallery.

      Fixed issue where Brave Rewards appears disabled in certain cases.

      Internal bug fixes to the browser then…

      Keep IT Lean, Clean and Mean!
    • #2500442

      Brave 1.45.131 Released
      22nd November 2022
      https://brave.com/latest/

      Added header for search.brave.com so Brave Search is aware when Brave Ads are enabled. (#25430)

      Fixed issue where farbling protections for screen resolution and coordinates were incorrectly being applied to extension pages. (#26715)

      Keep IT Lean, Clean and Mean!
    • #2500839

      Chrome Update for another Zero-day!
      24th November 2022

      Chrome 107.0.5304.121/.122 for Windows and Chrome 107.0.5304.121 for mac/ Linux

      https://chromereleases.googleblog.com/

      High CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne of Google’s Threat Analysis Group on 2022-11-22

      Patch ASAP!

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2500908

      Brave 1.45.133 Released
      25th November 2022
      Ref: https://brave.com/latest/

      Upgraded Chromium to 107.0.5304.141. (#26965) (Changelog for 107.0.5304.141)

      Addresses exploited Zero-day, update ASAP!

      Keep IT Lean, Clean and Mean!
    • #2502284

      Chrome 108.0.5359.71/ 72 Released
      29th November 2022
      https://chromereleases.googleblog.com/

      This update includes 28 security fixes…/

      High CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2022-10-27

      High CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-11-04

      High CVE-2022-4176: Out of bounds write in Lacros Graphics. Reported by @ginggilBesel on 2022-09-08

      High CVE-2022-4177: Use after free in Extensions. Reported by Chaoyuan Peng (@ret2happy) on 2022-10-28

      High CVE-2022-4178: Use after free in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2022-10-18

      High CVE-2022-4179: Use after free in Audio. Reported by Sergei Glazunov of Google Project Zero on 2022-10-24

      High CVE-2022-4180: Use after free in Mojo. Reported by Anonymous on 2022-10-26

      High CVE-2022-4181: Use after free in Forms. Reported by Aviv A. on 2022-11-09

      Medium CVE-2022-4182: Inappropriate implementation in Fenced Frames. Reported by Peter Nemeth on 2022-09-28

      Medium CVE-2022-4183: Insufficient policy enforcement in Popup Blocker. Reported by David Sievers on 2021-09-22

      Medium CVE-2022-4184: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2022-09-01

      Medium CVE-2022-4185: Inappropriate implementation in Navigation. Reported by James Lee (@Windowsrcer) on 2022-10-10

      Medium CVE-2022-4186: Insufficient validation of untrusted input in Downloads. Reported by Luan Herrera (@lbherrera_) on 2022-10-21

      Medium CVE-2022-4187: Insufficient policy enforcement in DevTools. Reported by Axel Chong on 2022-11-04

      Medium CVE-2022-4188: Insufficient validation of untrusted input in CORS. Reported by Philipp Beer (TU Wien) on 2022-06-30

      Medium CVE-2022-4189: Insufficient policy enforcement in DevTools. Reported by NDevTK on 2022-07-15

      Medium CVE-2022-4190: Insufficient data validation in Directory. Reported by Axel Chong on 2022-10-27

      Medium CVE-2022-4191: Use after free in Sign-In. Reported by Jaehun Jeong(@n3sk) of Theori on 2022-10-12

      Medium CVE-2022-4192: Use after free in Live Caption. Reported by Samet Bekmezci @sametbekmezci on 2022-07-14

      Medium CVE-2022-4193: Insufficient policy enforcement in File System API. Reported by Axel Chong on 2022-08-19

      Medium CVE-2022-4194: Use after free in Accessibility. Reported by Anonymous on 2022-10-03

      Medium CVE-2022-4195: Insufficient policy enforcement in Safe Browsing. Reported by Eric Lawrence of Microsoft on 2022-10-06…

      Brave 1.46.133 Released
      1st December 2022
      Ref: https://brave.com/latest/

      Due to a much larger changelog, this has been reduced for security and fixes for a quick guide

      ….Security: Disabled block element picker in Private Windows as reported on HackerOne by xiaoyinl.

      Enabled ENS L2 resolution for Brave Wallet.

      Enabled HTTPS-Only mode for Private Windows with Tor.

      Fixed broken “Add” button when adding a custom asset to Brave Wallet.

      Fixed incorrect rendering of ERC20 “Approve” amount on Brave Wallet panel.

      Fixed NFT images not loading in the Brave Wallet panel.

      Fixed cursor position when editing Brave Wallet restore words.

      Fixed the fiat currency selector not working on the “Fund” screen of Brave Wallet.

      Fixed incorrect base currency being displayed on the Brave Wallet Market tab.

      Fixed address validation not being called after switching Brave Wallet accounts.

      Fixed broken “first” link for “Sign Transaction” in Brave Wallet panel.

      Fixed incorrect placeholder text for password input field in Brave Wallet.

      Fixed x-ipfs-path handling for redirecting URLs without a DNS record.

      Fixed crash on https://d3ward.github.io/toolz/adblock when “RU Adlist” is enabled under brave://settings/shields/filters.

      Fixed HTTPSE redirects taking precedence over adblock redirects.

      Fixed incorrect button color on toolbar when certain themes are applied.

      Fixed drag and drop indicator not disappearing from sidebar after drag and drop is complete.

      Upgraded Chromium to 108.0.5359.71…

      more listed additions/ removals and updates available on brave website.

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2503070

      IMPORTANT! Update ASAP

      Chrome 108.0.5359.94/95 Released
      2nd December 2022
      https://chromereleases.googleblog.com/

      High CVE-2022-4262: Type Confusion in V8. Reported by Clement Lecigne of Google’s Threat Analysis Group on 2022-11-29…

      Brave 1.46.134 Released
      3rd December, 2022
      https://brave.com/latest/

      Upgraded to Chromium 108.0.5359.94
      (Changelog for 108.0.5359.94)

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2504179

      Chrome 108.0.5359.98/ 99 Released
      7th December 2022
      https://chromereleases.googleblog.com/

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2504521

      Brave/1.46.138 released
      7th December 2022
      https://brave.com/latest/

      Fixed performance issue where fingerprint farbling caused some sites to load slowly or not at all. (#26700)

      Keep IT Lean, Clean and Mean!
    • #2508674

      Chrome/108.0.5359.124/ 125 update released
      Tuesday13th December 2022
      https://chromereleases.googleblog.com/

      8 Security Fixes:

      High CVE-2022-4436: Use after free in Blink Media. Reported by Anonymous on 2022-11-15

      High CVE-2022-4437: Use after free in Mojo IPC. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-11-30

      High CVE-2022-4438: Use after free in Blink Frames. Reported by Anonymous on 2022-11-07

      High CVE-2022-4439: Use after free in Aura. Reported by Anonymous on 2022-11-22

      Medium CVE-2022-4440: Use after free in Profiles. Reported by Anonymous on 2022-11-09

      Brave v1.46.144 released
      Wednesday 14th December 2022
      https://brave.com/latest/

      Release Notes:

      Updated Brave Wallet to sign Solana transactions with selected account instead of fee payer. (#27051)

      Updated Brave Wallet to not use first available pubkey as the “To” address for Solana unknown instructions. (#27187)

      Updated the “Learn more” link on the Windows 7 and 8.1 deprecation infobar. (#27176)

      Disabled Manifest V2 deprecation warning message. (#26207)

      Fixed crash when re-opening Brave News from the “Customize Dashboard” modal after following a source. (#26876)

      Fixed issue where some websites failed to load when brave://flags#brave-block-screen-fingerprinting is enabled. (#27021)

      Upgraded Chromium to 108.0.5359.128. (#27351) (Changelog for 108.0.5359.128)

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2515526

      Brave 1.46.153 Released
      Friday 6th Jan 2023
      https://brave.com/latest/

      Brave

      AND they are a year out!

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2519375

      Chrome109.0.5414.74/75 update released
      Tuesday10th January 2023
      https://chromereleases.googleblog.com/

      Security Fixes

      [1353208] High CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani on 2022-08-16

      [1382033] High CVE-2023-0129: Heap buffer overflow in Network Service. Reported by asnine on 2022-11-07

      [1370028] Medium CVE-2023-0130: Inappropriate implementation in Fullscreen API. Reported by Hafiizh on 2022-09-30

      [1357366] Medium CVE-2023-0131: Inappropriate implementation in iframe Sandbox. Reported by NDevTK on 2022-08-28

      [1371215] Medium CVE-2023-0132: Inappropriate implementation in Permission prompts. Reported by Jasper Rebane (popstonia) on 2022-10-05

      [1375132] Medium CVE-2023-0133: Inappropriate implementation in Permission prompts. Reported by Alesandro Ortiz on 2022-10-17

      [1385709] Medium CVE-2023-0134: Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-17

      [1385831] Medium CVE-2023-0135: Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-18

      [1356987] Medium CVE-2023-0136: Inappropriate implementation in Fullscreen API. Reported by Axel Chong on 2022-08-26

      [1399904] Medium CVE-2023-0137: Heap buffer overflow in Platform Apps. Reported by avaue and Buff3tts at S.S.L. on 2022-12-10

      [1346675] Low CVE-2023-0138: Heap buffer overflow in libphonenumber. Reported by Michael Dau on 2022-07-23

      [1367632] Low CVE-2023-0139: Insufficient validation of untrusted input in Downloads. Reported by Axel Chong on 2022-09-24

      [1326788] Low CVE-2023-0140: Inappropriate implementation in File System API. Reported by harrison.mitchell, cybercx.com.au on 2022-05-18

      [1362331] Low CVE-2023-0141: Insufficient policy enforcement in CORS. Reported by scarlet on 2022-09-12

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2522534

      Brave 1.47.171 Released
      January 12th 2023
      https://brave.com/latest/
      See official site for extensive release notes…

      Brave Security Fixes:

      ….[Security] Fixed Brave Wallet showing wrong network when signing DApp messages or transactions. (#26476)

      [Security] Added mixed content check for “.onion” URLs as reported on HackerOne by xiaoyinl. (#25939)

      [Security] Improved browser privacy by reducing high resolution timer precision as reported on HackerOne by joe12387. (#24681)

      [Security] Fixed Brave Today opening non-HTTP or non-HTTPS URLs as reported on HackerOne by nishimunea. (#27602)…..

      ….Upgraded Chromium to 109.0.5414.87. (#27710)…

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2528117

      Chrome 109.0.5414.119/ 120 released
      24th January 2023
      https://chromereleases.googleblog.com/

      Security Fix Summary:

      High CVE-2023-0471: Use after free in WebTransport.

      High CVE-2023-0472: Use after free in WebRTC.

      Medium CVE-2023-0473: Type Confusion in ServiceWorker API.

      Medium CVE-2023-0474: Use after free in GuestView.

      Brave1.47.186 Released
      25th January 2023
      https://brave.com/latest/

      Release Note Summary:

      Added the ability to dismiss the end of support message on both Windows 7 and 8.1

      Fixed crash when viewing sync QR code in certain cases

      Fixed crash in “DomainBlockNavigationThrottle”

      Fixed some “$removeparam” filter rules not being applied to document requests

      Upgraded Chromium to 109.0.5414.119…

      Keep IT Lean, Clean and Mean!
    • #2532593

      7th February 2023

      Google Chrome Update 110.0.5481.77/.78
      Release Notes:
      https://chromereleases.googleblog.com/

      Brave Update 1.48.158
      Release Notes:
      https://brave.com/latest/

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2535270

      Wed 15th February 2023
      Brave1.48.164
      https://brave.com/latest/

      Thu 16th February 2023
      Google Chrome 110.0.5481.104
      https://chromereleases.googleblog.com/

      Both updated to Chromium 110.0.5481.100

      Brave (Windows Only) v1.48.167
      16th February, 2023
      https://brave.com/latest/

      Keep IT Lean, Clean and Mean!
    • #2536719

      Wednesday 22nd February 2023
      Chrome Update 110.0.5481.177/ 178
      https://chromereleases.googleblog.com/

      Security Fixes:
      Critical CVE-2023-0941: Use after free in Prompts.
      High CVE-2023-0927: Use after free in Web Payments API.
      High CVE-2023-0928: Use after free in SwiftShader.
      High CVE-2023-0929: Use after free in Vulkan
      High CVE-2023-0930: Heap buffer overflow in Video
      High CVE-2023-0931: Use after free in Video
      High CVE-2023-0932: Use after free in WebRTC
      Medium CVE-2023-0933: Integer overflow in PDF

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2536975

      Thursday 24th February 2023
      Brave v1.48.171 released
      https://brave.com/latest/

      [Security] Perform download safety check even when user is prompted for save location as reported on HackerOne by ameenbasha. (#28079)……/
      /…Upgraded Chromium to 110.0.5481.177. (#28690) (Changelog for 110.0.5481.177)

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2542044

      7th March 2023
      Chrome 111.0.5563.64/65 Released

      Various scope of CVE security updates listed within:
      https://chromereleases.googleblog.com/

      HIGH:
      CVE-2023-1213: Use after free in Swiftshader.
      CVE-2023-1214: Type Confusion in V8
      CVE-2023-1215: Type Confusion in CSS.
      CVE-2023-1216: Use after free in DevTools
      CVE-2023-1217: Stack buffer overflow in Crash reporting.
      CVE-2023-1218: Use after free in WebRTC.
      CVE-2023-1219: Heap buffer overflow in Metrics
      CVE-2023-1220: Heap buffer overflow in UMA

      MEDIUM:
      CVE-2023-1221: Insufficient policy enforcement in Extensions API.
      CVE-2023-1222: Heap buffer overflow in Web Audio API
      CVE-2023-1223: Insufficient policy enforcement in Autofill
      CVE-2023-1224: Insufficient policy enforcement in Web Payments API
      CVE-2023-1225: Insufficient policy enforcement in Navigation
      CVE-2023-1226: Insufficient policy enforcement in Web Payments API
      CVE-2023-1227: Use after free in Core.
      CVE-2023-1228: Insufficient policy enforcement in Intents
      CVE-2023-1229: Inappropriate implementation in Permission prompts
      CVE-2023-1230: Inappropriate implementation in WebApp Installs
      CVE-2023-1231: Inappropriate implementation in Autofill

      LOW:
      CVE-2023-1232: Insufficient policy enforcement in Resource Timing
      CVE-2023-1233: Insufficient policy enforcement in Resource Timing
      CVE-2023-1234: Inappropriate implementation in Intents
      CVE-2023-1235: Type Confusion in DevTools
      CVE-2023-1236: Inappropriate implementation in Internals.

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2542474

      9th March 2023
      Brave 1.49.120 released
      Security, Web3, Brave Rewards and General Updates
      now based on Chromium 111.0.5563.64
      https://brave.com/latest/

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    • #2545631

      21st March 2023
      Chrome 111.0.5563.110/ 111 Released
      https://chromereleases.googleblog.com/
      Abbreviated scope of CVE security updates listed within:

      HIGH:
      CVE-2023-1528: Use after free in Passwords.
      CVE-2023-1529: Out of bounds memory access in WebHID.
      CVE-2023-1530: Use after free in PDF.
      CVE-2023-1531: Use after free in ANGLE.
      CVE-2023-1532: Out of bounds read in GPU Video
      CVE-2023-1533: Use after free in WebProtect.
      CVE-2023-1534: Out of bounds read in ANGLE.

      22nd March 2023
      Brave 1.49.128 Released
      https://brave.com/latest/
      Various fixes and additions whilst upgraded Chromium to 111.0.5563.110

      Keep IT Lean, Clean and Mean!
      1 user thanked author for this post.
    Viewing 31 reply threads
    • The topic ‘Chrome & Brave Browser Updates’ is closed to new replies.