Google Releases Chrome 19, Fixes More Than 20 Bugs

Google has released Chrome 19 and fixed more than 20 vulnerabilities in its browser, including eight high-risk bugs. The company paid security researchers $7,500 in rewards as part of its bug bounty program, including two rewards for vulnerabilities that applied to Chrome as well as other applications.

Chrome patchGoogle has released Chrome 19 and fixed more than 20 vulnerabilities in its browser, including eight high-risk bugs. The company paid security researchers $7,500 in rewards as part of its bug bounty program, including two rewards for vulnerabilities that applied to Chrome as well as other applications.

This is a major update to Chrome, relative to the recent ones that Google has pushed out. The company updates Chrome on a frequent basis, essentially whenever there are even two or three vulnerabilities to be fixed. But in this release, Google fixed 21 vulnerabilities, with there being a large number of high-risk flaws among them.

The full list of bugs fixed in Chrome 19 include:

  • [112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG.
  • [113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community.
  • [118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to “psaldorn”.
  • [$1000] [118642] High CVE-2011-3086: Use-after-free with style element. Credit to Arthur Gerkis.
  • [118664] Low CVE-2011-3087: Incorrect window navigation. Credit to Charlie Reis of the Chromium development community.
  • [$500] [120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing. Credit to Aki Helin of OUSPG.
  • [$1000] [120711] High CVE-2011-3089: Use-after-free in table handling. Credit to miaubiz.
  • [$500] [121223] Medium CVE-2011-3090: Race condition with workers. Credit to Arthur Gerkis.
  • [121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to Christian Holler.
  • [$500] [122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling. Credit to miaubiz.
  • [122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling. Credit to miaubiz.
  • [$1000] [123481] High CVE-2011-3095: Out-of-bounds write in OGG container. Credit to Hannu Heikkinen.
  • [Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox handling. Credit to Arthur Gerkis.
  • [123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google.
  • [Windows only] [124216] Low CVE-2011-3098: Bad search path for Windows Media Player plug-in. Credit to Haifei Li of Microsoft and MSVR (MSVR:159).
  • [124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name. Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team.
  • [124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths. Credit to Google Chrome Security Team (Inferno).


And some additional rewards for issues with a wider scope than Chrome:

  • [Linux only] [$500] [118970] Medium CVE-2011-3101: Work around Linux Nvidia driver bug. Credit to Aki Helin of OUSPG.
  • [$1500] [125462] High CVE-2011-3102: Off-by-one out-of-bounds write in libxml. Credit to Jüri Aedla.

 

Suggested articles