Stable Channel Update
Tuesday, March 11, 2014
The Stable Channel has been updated to 33.0.1750.149 for Windows, Mac, and Linux.
This release also contains a Flash Player update, to version 12.0.0.77.
Security Fixes and Rewards
This update includes 7 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$4000][344881] High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva.
[$3000][342618] High CVE-2014-1701: UXSS in events. Credit to aidanhs.
[$1000][333058] High CVE-2014-1702: Use-after-free in web database. Credit to Collin Payne.
As usual, our ongoing internal security work responsible for a wide range of fixes:
[338354] High CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets.
[328202, 349079, 345715] CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18.
This release also contains a Flash Player update, to version 12.0.0.77.
Security Fixes and Rewards
This update includes 7 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$4000][344881] High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva.
[$3000][342618] High CVE-2014-1701: UXSS in events. Credit to aidanhs.
[$1000][333058] High CVE-2014-1702: Use-after-free in web database. Credit to Collin Payne.
As usual, our ongoing internal security work responsible for a wide range of fixes:
[338354] High CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets.
[328202, 349079, 345715] CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18.
Many of the above bugs were detected using AddressSanitizer.
This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome