The Chrome Stable channel has been updated to 19.0.1084.52 on Windows, Mac, Linux and Chrome Frame.
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
- [117409] HighCVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson).
- [118018] MediumCVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
- [$1000] [120912] HighCVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz.
- [122654] CriticalCVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan).
- [124625] HighCVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan).
- [$1337] [125159] CriticalCVE-2011-3108: Use-after-free in browser cache. Credit to “efbiaiinzinz”.
- [Linux only] [$1000] [126296] HighCVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholomé.
- [126337] [126343] [126378] [127349] [127819] [127868] HighCVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
- [$500] [126414] MediumCVE-2011-3111: Invalid read in v8. Credit to Christian Holler.
- [127331] HighCVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
- [127883] HighCVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
- [128014] HighCVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts).
- [$1000] [128018] HighCVE-2011-3115: Type corruption in v8. Credit to Christian Holler.
|
