Tuesday
Mar082011
Google Releases Chrome10.0.648.127 to Stable Channel
Tuesday, March 8, 2011 at 04:00PM
Google has release Chrome update 10.0.648.127 for MacOSX to the stable channel. This update includes features such as Flash Sand-Box for Windows and improved JavaScript performance. In addition the following vulnerabilities have been addressed (Directly from Google Site):
- [42574] [42765] Low Possible to navigate or close the top location in a sandboxed frame. Credit to sirdarckcat of the Google Security Team.
- [Linux only] [49747] Low Work around an X server bug and crash with long messages. Credit to Louis Lang.
- [Linux only] [66962] Low Possible browser crash with parallel print()s. Credit to Aki Helin of OUSPG.
- [$1337] [69187] Medium Cross-origin error message leak. Credit to Daniel Divricean.
- [$500] [69628] High Memory corruption with counter nodes. Credit to Martin Barbella.
- [$1000] [70027] High Stale node in box layout. Credit to Martin Barbella.
- [$500] [70336] Medium Cross-origin error message leak with workers. Credit to Daniel Divricean.
- [$1000] [70442] High Use after free with DOM URL handling. Credit to Sergey Glazunov.
- [Linux only] [70779] Medium Out of bounds read handling unicode ranges. Credit to miaubiz.
- [$1337] [70877] High Same origin policy bypass in v8. Credit to Daniel Divricean.
- [70885] [71167] Low Pop-up blocker bypasses. Credit to Chamal de Silva.
- [$1000] [71763] High Use-after-free in document script lifetime handling. Credit to miaubiz.
- [71788] High Out-of-bounds write in the OGG container. Credit to Google Chrome Security Team (SkyLined); plus subsequent independent discovery by David Weston of Microsoft and MSVR.
- [$1000] [72028] High Stale pointer in table painting. Credit to Martin Barbella.
- [73026] High Use of corrupt out-of-bounds structure in video code. Credit to Tavis Ormandy of the Google Security Team.
- [$1000] [73066] High Crash with the DataView object. Credit to Sergey Glazunov.
- [$1000] [73134] High Bad cast in text rendering. Credit to miaubiz.
- [$2000] [73196] High Stale pointer in WebKit context code. Credit to Sergey Glazunov.
- [73716] Low Leak of heap address in XSLT. Credit to Google Chrome Security Team (Chris Evans).
- [$1500] [73746] High Stale pointer with SVG cursors. Credit to Sergey Glazunov.
- [$1000] [74030] High DOM tree corruption with attribute handling. Credit to Sergey Glazunov.
- [$1000] [74662] High Corruption via re-entrancy of RegExp code. Credit to Christian Holler.
- [$1000] [74675] High Invalid memory access in v8. Credit to Christian Holler.
This update is critical and the second one in the last eight days.
tagged Condition:GREEN in Chrome, Google, Updates
Reader Comments