. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the
for more information.
[$5000][354123] High CVE-2014-1716: UXSS in V8. Credit to Anonymous.
[$5000][353004] High CVE-2014-1717: OOB access in V8. Credit to Anonymous.
[$3000][348332] High CVE-2014-1718: Integer overflow in compositor. Credit to Aaron Staple.
[$3000][343661] High CVE-2014-1719: Use-after-free in web workers. Credit to Collin Payne.
[$2000][356095] High CVE-2014-1720: Use-after-free in DOM. Credit to cloudfuzzer.
[$2000][350434] High CVE-2014-1721: Memory corruption in V8. Credit to Christian Holler.
[$2000][330626] High CVE-2014-1722: Use-after-free in rendering. Credit to miaubiz.
[$1500][337746] High CVE-2014-1723: Url confusion with RTL characters. Credit to George McBay.
[$1000][327295] High CVE-2014-1724: Use-after-free in speech. Credit to Atte Kettunen of OUSPG.
[351815] High CVE-2014-1709: IPC message injection. Credit to geohot.
[$3000][357332] Medium CVE-2014-1725: OOB read with window property. Credit to Anonymous.
[$1000][346135] Medium CVE-2014-1726: Local cross-origin bypass. Credit to Jann Horn.
[$1000][342735] Medium CVE-2014-1727: Use-after-free in forms. Credit to Khalil Zhani.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
Many of the above bugs were detected using AddressSanitizer.
As we’ve previously discussed, Chrome will now offer to remember and fill password fields in the presence of autocomplete=off. This gives more power to users in the spirit of the priority of constituencies, and it encourages the use of the Chrome password manager so users can have more complex passwords. This change does not affect non-password fields.
A partial list of changes is available in the SVN log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.
Daniel Xie
Google Chrome