In association with heise online

05 October 2011, 10:32

Chrome 14 update brings Flash 11, closes security holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Google Chrome Google has released version 14.0.835.202 of Chrome, a maintenance and security update for all supported platforms. This stable channel update includes the new Flash Player 11 release and addresses a total of nine vulnerabilities.

Rated as 'critical' by Google, a memory corruption problem has been fixed in the shader translator. Other holes closed include eight 'high-risk' bugs ranging from a use-after-free error in text line box handling and stale fonts in text handling, to a cross-origin problem, lifetime and threading issues in audio node handling, and use-after-free and memory corruption exploits in V8, the browser's JavaScript engine. However, Google's fix for the SSL/TLS vulnerability has yet to make it from the development version to the stable branch.

As part of its Chromium Security Reward program, Google paid out a total of $10,000 to security researchers for reporting these vulnerabilities. Further details of the vulnerabilities are being withheld until "a majority of users are up-to-date with the fix".

Further details about the update, including a link to the full SVN revision log, can be found in a post on the Google Chrome Releases blog. Chrome 14.0.835.202 is available to download for Windows, Mac OS X and Linux from google.com/chrome. Users who currently have Chrome installed can use the built-in update function by clicking Tools, selecting About Google Chrome and clicking the Update button.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1354670
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit