The Beta and Stable channels of Chrome, Google’s popular browser, have been updated to version 18.0.1025.151. With this latest update, a number of improvements in the security sector were also rolled out.
Some of the security experts that uncovered the vulnerabilities, including miaubiz, Arthur Gerkis, and Sławomir Błażek, were rewarded by Google with $6,000 (€4,500) for their finds.
The most important fixes that mark this release are for use-after-free issues identified in different scenarios, such as run-in handling, line box handling, v8 bindings, SVG resource handling, focus handling and when applying style command.
The medium severity security holes include an out-of-bounds read in Skia clipping, a cross-origin iframe replacement, a use-after-free in media handling and a read-after-free in script bindings.
A single low severity flaw, described as “cross-origin violation parenting pop-up window,” was addressed.
0 comments:
Post a Comment