In association with heise online

11 November 2011, 10:32

Chrome 15 update closes holes, updates Flash

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Chrome Google has released version 15.0.874.120 of Chrome. The maintenance and security update to the WebKit-based browser upgrades the V8 JavaScript engine to version 3.5.10.23, addresses several vulnerabilities, and includes the recent Flash Player 11.1 release, which also closes critical security holes.

The Stable channel update fixes a total of five "high-risk" bugs: a heap overflow in the Ogg Vorbis decoder, a double free issue in the Theora decoder and a memory corruption regression in VP8 decoding, as well as a use-after-free error and a buffer overflow in shader variable mapping. Two medium-risk out of bounds reads in MKV and Ogg vorbis media handlers, and a low-risk issue that caused JRE7 to fail to ask for permission to run applets have also been fixed. Further details of the vulnerabilities are being withheld until "a majority of users are up-to-date with the fix".

More information about the update can be found in a post on the Google Chrome Releases blog. Chrome 15.0.874.120 for Windows, Mac OS X, Linux and Chrome Frame is available to download from google.com/chrome. Users who currently have Chrome installed can use the built-in update function.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1377300
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit