Google yesterday released a security update for the Google Chrome web browser that brings the version of the browser to 10.0.648.204. The update is as usually installed via automatic updates on most Google Chrome installations. Chrome users who have automatic updates disabled can check for new updates under the Tools icon > About Google chrome option.
The update is available for all supported operating system (Microsoft Windows, Linux and Apple Machintosh) as well as Chrome Frame, a plugin for Microsoft’s Internet explorer that allows Internet Explorer users to utilize Chrome’s rendering engine in the Microsoft browser.
A total of six security issues have been fixed in the new version of Google Chrome, of which all have received a severity rating of high, the second highest rating.
- CVE-2011-1291: Buffer error in base string handling.
- CVE-2011-1292: Use-after-free in the frame loader.
- CVE-2011-1293: Use-after-free in HTMLCollection.
- CVE-2011-1294: Stale pointer in CSS handling.
- CVE-2011-1295: DOM tree corruption with broken node parentage.
- CVE-2011-1296: Stale pointer in SVG text handling.
The update has been rolled out for the stable channel of the browser, but it is likely that the security fixes have been fixed in beta, dev and canary builds as well previously.
Some Chrome users are reporting crashes related to the Flash plugin on sites such as Gmail or the Irish RTE. (via)
In other news: The Chrome Dev channel has been updated as well to version 12.0.712.0 on all supported operating systems. The update is not a security update though. It adds multi-tab selection to the browser and updates the V8 rendering engine to 18.104.22.168. Mac users get “new and improved bookmark bar animations”. (via)
This entry was posted in Chrome Extensions
. Bookmark the permalink