Google Chrome 20.0.1132.43 released to Stable Channel

Google Chrome Stable Update
Google Chrome 20.0.1132.43 has been updated to the Stable channel for Windows, Mac OS, Linux, and Chrome Frame platforms to address multiple vulnerabilities. Thirteen of those are rated High, with the remaining four classified as Medium and three classified as Low. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

Overview
Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. It has one box for everything: Type in the address bar and get suggestions for both search and web pages. Will give you thumbnails of your top sites, access your favorite pages instantly with lightning speed from any new tab. Desktop shortcuts allow you to launch your favorite Web apps straight from your desktop.

Install Google Chrome
To install Google Chrome 20.0.1132.43 Stable please visit http://www.google.com/chrome website.


What's new in Google Chrome 20.0.1132.43 Stable (June 26, 2012)
Google Chrome 20.0.1132.43 contains a number of new features and updates, including:
  • Updated V8 - 3.10.8.19.

Security fixes and rewards:
  • [118633] CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google. (Low)
  • [Windows only] [119150] [119250] CVE-2012-2816: Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Justin Schuh). (High)
  • [$1000] [120222] CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz. (High)
  • [$1000] [120944] CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz. (High)
  • [120977] CVE-2012-2819: Crash in texture handling. Credit to Ken "gets" Russell of the Chromium development community. (High)
  • [121926] CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG. Medium)
  • [122925] CVE-2012-2821: Autofill display problem. Credit to "simonbrown60". Medium)
  • [various] CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind). Medium)
  • [$1000] [124356] CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz. (High)
  • [$1000] [125374] CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz. (High)
  • [128688] CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno). Medium)
  • [Mac only] [129826] CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan). (Low)
  • [129857] CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans). (High)
  • [$1000] [129947] CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz. (High)
  • [$1000] [129951] CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz. (High)
  • [Windows only] [130276] CVE-2012-2764: Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting. (Low)
  • [$1000] [130356] CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz. (High)
  • [131553] CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team. (High)
  • [132156] CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team. (High)
  • [$1000] [132779] CVE-2012-2834: Integer overflow in Matroska container. Credit to Jüri Aedla. (High)

And some additional rewards for issues with a wider scope than Chrome:
  • [$500] [127417] CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire. Medium)
  • [64-bit Linux only] [$3000] [129930] CVE-2012-2807: Integer overflows in libxml. Credit to Jüri Aedla. (High)

Note: Many of the above bugs were detected using AddressSanitizer.

Source: Google Chrome Releases

No comments: