Chrome 73 Released

Now the Android version of popular browser has Lite page mode that speeds up website download and reduces traffic consumption
13 March 2019   1035

Google has released another update Chrome.

  • The Android application has Lite pages mode for optimizing pages, speeding up their loading and reducing traffic, as well as a new download manager.
  • Settings for account management and synchronization are collected in a separate section - Sync and Google services.
  • Improved video mode “picture in picture”. A floating window can now make web applications (PWA): chat rooms, instant messengers, video conferencing. And added the button "Skip advertising".
  • It is forbidden to load external resources in scripts provided by extensions. Extension developers now need to use background handlers.

The previous version was released in late January.

Two Vulnerabilities to be Found at SDL

Two of six serious vulnerabilities in this cross-platform multimedia library create conditions for remote code execution.
04 July 2019   1017

The SDL (Simple Direct Layer) library set, which provides tools for hardware accelerated 2D and 3D graphics rendering, input processing, audio playback, 3D output via OpenGL / OpenGL ES, and many other related operations, revealed 6 vulnerabilities. Including in the SDL2_image library, two problems have been discovered that allow organizing remote code execution in the system. Attacks can be made on applications that use SDL to load images.

Both vulnerabilities (CVE-2019-5051, CVE-2019-5051) are present in the IMG_LoadPCX_RW function and are caused by the lack of the necessary error handler and integer overflow that can be exploited through the transfer of a specially crafted PCX file. Issues have already been fixed in the SDL_image 2.0.5 release. Information about the remaining 4 vulnerabilities has not yet been disclosed.

Vulnerabilities were found by Talos, so you can find more info at their website.