A new Flexera Community experience is coming on November 18th, click here for more information.
The Nov 1st, SA91892 Chrome vulnerability has disappeared from my dashboard, now that a new lower criticality alert from Chrome has shown up.
Please explain? I need to be able to report on those earlier numbers even if a new alert has shown up.
(I don't see this happening with Adobe or iTunes updates)
Nov 07, 2019 10:36 AM
Hello,
Thanks for raising the question. I have created a case 01944133 for you to discuss further details. By design, when a new advisory is issued for the same product then it replaces the older advisory as the vendor recommends to upgrade to the latest version as mentioned in the new advisory. In this case, SA91938 replaces SA91892. Google recommends upgrading to 78.0.3904.97 as this vulnerability is reported to all versions prior to this. Whereas the extremely critical advisory SA91892 recommends upgrading to 78.0.3904.87. However, upgrading to this version would still make Google Chrome insecure because of SA91938.
I hope this explains the reason for replacing the advisory with the new one but we can discuss further details in the support case.
Best Regards,
Waqas
Nov 08, 2019 08:21 AM