Новая версия - 10.0.648.127 (26.2 MB).
читать дальше »
[42574] [42765] Low Possible to navigate or close the top location in a sandboxed frame. Credit to sirdarckcat of the Google Security Team.
[Linux only] [49747] Low Work around an X server bug and crash with long messages. Credit to Louis Lang.
[Linux only] [66962] Low Possible browser crash with parallel print()s. Credit to Aki Helin of OUSPG.
[$1337] [69187] Medium Cross-origin error message leak. Credit to Daniel Divricean.
[$500] [69628] High Memory corruption with counter nodes. Credit to Martin Barbella.
[$1000] [70027] High Stale node in box layout. Credit to Martin Barbella.
[$500] [70336] Medium Cross-origin error message leak with workers. Credit to Daniel Divricean.
[$1000] [70442] High Use after free with DOM URL handling. Credit to Sergey Glazunov.
[Linux only] [70779] Medium Out of bounds read handling unicode ranges. Credit to miaubiz.
[$1337] [70877] High Same origin policy bypass in v8. Credit to Daniel Divricean.
[70885] [71167] Low Pop-up blocker bypasses. Credit to Chamal de Silva.
[$1000] [71763] High Use-after-free in document script lifetime handling. Credit to miaubiz.
[71788] High Out-of-bounds write in the OGG container. Credit to Google Chrome Security Team (SkyLined); plus subsequent independent discovery by David Weston of Microsoft and MSVR.
[$1000] [72028] High Stale pointer in table painting. Credit to Martin Barbella.
[73026] High Use of corrupt out-of-bounds structure in video code. Credit to Tavis Ormandy of the Google Security Team.
[$1000] [73066] High Crash with the DataView object. Credit to Sergey Glazunov.
[$1000] [73134] High Bad cast in text rendering. Credit to miaubiz.
[$2000] [73196] High Stale pointer in WebKit context code. Credit to Sergey Glazunov.
[73716] Low Leak of heap address in XSLT. Credit to Google Chrome Security Team (Chris Evans).
[$1500] [73746] High Stale pointer with SVG cursors. Credit to Sergey Glazunov.
[$1000] [74030] High DOM tree corruption with attribute handling. Credit to Sergey Glazunov.
[$1000] [74662] High Corruption via re-entrancy of RegExp code. Credit to Christian Holler.
[$1000] [74675] High Invalid memory access in v8. Credit to Christian Holler.
