Google Chrome 27.0.1453.110 Stable Now Available for Download

Google has released Google Chrome 27.0.1453.110 Stable for Windows, Mac, Linux and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial-of-service condition, obtain sensitive information, or execute arbitrary code.

Overview
Google Chrome 27 brings several new features and improvements, including:
  • Web pages load 5% faster on average.
  • chrome.syncFileSystem API.
  • Improved ranking of predictions, improved spell correction, and numerous fundamental improvements for Omnibox predictions.
  • Updated Pepper Flash to 11.7.700.203.

Download Google Chrome Stable Channel (June 4, 2013)
Google Chrome 27.0.1453.110 Stable is available here: http://www.google.com/chrome

Google Chrome 27.0.1453.110 Stable

What's new in Google Chrome 27.0.1453.110?
This build contains the following updates:

Security fixes:
  • [Windows only] [$2000] [243339] CVE-2013-2854: Bad handle passed to renderer. Credit to Collin Payne. (High)
  • [$500] [242322] CVE-2013-2855: Memory corruption in dev tools API. Credit to "daniel.zulla". (Medium)
  • [$1000] [242224] CVE-2013-2856: Use-after-free in input handling. Credit to miaubiz. (High)
  • [$1000] [240124] CVE-2013-2857: Use-after-free in image handling. Credit to miaubiz. (High)
  • [$500] [239897] CVE-2013-2858: Use-after-free in HTML5 Audio. Credit to "cdel921". (High)
  • [$1500] [237022] CVE-2013-2859: Cross-origin namespace pollution. Credit to "bobbyholley". (High)
  • [$1337] [225546] CVE-2013-2860: Use-after-free with workers accessing database APIs. Credit to Collin Payne. (High)
  • [$1000] [209604] CVE-2013-2861: Use-after-free with SVG. Credit to miaubiz. (High)
  • [$1000] [161077] CVE-2013-2862: Memory corruption in Skia GPU handling. Credit to Atte Kettunen of OUSPG. (High)
  • [232633] CVE-2013-2863: Memory corruption in SSL socket handling. Credit to Sebastien Marchand of the Chromium development community. (Critical)
  • [239134] CVE-2013-2864: Bad free in PDF viewer. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team. (High)

In addition:
  • [246389] CVE-2013-2865: Various fixes from internal audits, fuzzing and other initiatives. (High)

For more information about changes that are in this version of Chrome 27, go to the following Google website: svn revision log.

Reference:
Google Chrome Stable Update
at
Labels:

No comments:

Post a Comment