May
16

By

Chrome 19 :Get a fast, free web browser

Category: Google, Web/Internet Tags: , ,

Google released a new, stable version of its Chrome browser that adds tab synching to the mix.Google today released Chrome version 19. On the security side, the new version fixes 20 vulnerabilities: eight high-severity flaws, seven medium-severity flaws, and five low-severity flaws. You can update to the latest version using the software’s built-in silent updater, or you can download the latest version of Chrome directly from google.com/chrome.

What’s New:

Adding tab syncing is just the latest syncing feature Google is adding to Chrome.

Google chrome 19
Here are the 20 security vulnerabilities fixed in Google Chrome 19.0.1084.46 (for full details, check out googlechromereleases):

  • [112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG.
  • [113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community.
  • [118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to “psaldorn”.
  • [$1000] [118642] High CVE-2011-3086: Use-after-free with style element. Credit to Arthur Gerkis.
  • [118664] Low CVE-2011-3087: Incorrect window navigation. Credit to Charlie Reis of the Chromium development community.
  • [$500] [120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing. Credit to Aki Helin of OUSPG.
  • [$1000] [120711] High CVE-2011-3089: Use-after-free in table handling. Credit to miaubiz.
  • [$500] [121223] Medium CVE-2011-3090: Race condition with workers. Credit to Arthur Gerkis.
  • [121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to Christian Holler.
  • [$500] [122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling. Credit to miaubiz.
  • [122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling. Credit to miaubiz.
  • [$1000] [123481] High CVE-2011-3095: Out-of-bounds write in OGG container. Credit to Hannu Heikkinen.
  • [Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox handling. Credit to Arthur Gerkis.
  • [123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google.
  • [Windows only] [124216] Low CVE-2011-3098: Bad search path for Windows Media Player plug-in. Credit to Haifei Li of Microsoft and MSVR (MSVR:159).
  • [124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name. Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team.
  • [124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths. Credit to Google Chrome Security Team (Inferno).
  • [Linux only] [$500] [118970] Medium CVE-2011-3101: Work around Linux Nvidia driver bug. Credit to Aki Helin of OUSPG.
  • [$1500] [125462] High CVE-2011-3102: Off-by-one out-of-bounds write in libxml. Credit to Jüri Aedla.

Money Invested :

Google also announced that it paid out around $14,500 as part of its security bug bounty program this time around.

What’s Next :

In other Chrome news, an analyst this week said that Chrome for iOS is coming soon. Ben Schachter with Macquarie Securities didn’t go into detail about how he knew the mobile browser was in the works, but said “it could significantly benefit Google’s strategic and operational mobile positioning.”