This update includes 14 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$
1000][
330420] High CVE-2013-6649: Use-after-free in SVG images.
Credit to Atte Kettunen of OUSPG.
[$
3000][
331444] High CVE-2013-6650: Memory corruption in V8. This issue was fixed in v8 version 3.22.24.16.
Credit to Christian Holler.
We would also like to thank
cloudfuzzer and
miaubiz for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $
6000 in additional rewards were issued.
Many of the above bugs were detected using
AddressSanitizer.
A partial list of changes is available in the
SVN log. Interested in switching release channels?
Find out how. If you find a new issue, please let us know by
filing a bug.
Karen Grunberg and Daniel Xie
Google Chrome
