Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

Congratulations to the diverse range of researchers featuring in this patch. We’re pleased to announce that the Chromium Security Rewards program has now crossed $100,000 of rewards.

  • [$1000] [54262] High URL bar spoof. Credit to Jordi Chancel.
  • [$500] [63732] High Crash with javascript dialogs. Credit to Sergey Radchenko.
  • [$1000] [68263] High Stylesheet node stale pointer. Credit to Sergey Glazunov.
  • [$1000] [68741] High Stale pointer with key frame rule. Credit to Sergey Glazunov.
  • [$500] [70078] High Crash with forms controls. Credit to Stefan van Zanden.
  • [$1000] [70244] High Crash in SVG rendering. Credit to Sławomir Błażek.
  • [64-bit Linux only] [70376] Medium Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community.
  • [$1000] [71114] High Stale node in table handling. Credit to Martin Barbella.
  • [$1000] [71115] High Stale pointer in table rendering. Credit to Martin Barbella.
  • [$1000] [71296] High Stale pointer in SVG animations. Credit to miaubiz.
  • [$1000] [71386] High Stale nodes in XHTML. Credit to wushi of team509.
  • [$1000] [71388] High Crash in textarea handling. Credit to wushi of team509.
  • [$1000] [71595] High Stale pointer in device orientation. Credit to Sergey Glazunov.
  • [71717] Medium Out-of-bounds read in WebGL. Credit to miaubiz.
  • [$1000] [71855] High Integer overflow in textarea handling. Credit to miaubiz.
  • [71960] Medium Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno).
  • [72214] High Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team.
  • [$1000] [72437] High Use-after-free with blocked plug-ins. Credit to Chamal de Silva.
  • [$1000] [73235] High Stale pointer in layout. Credit to Martin Barbella.
Chris Evans
Google Chrome Security Team


If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Anthony Laforge
Google Chrome
Share on Twitter Share on Facebook

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

This release incorporates a new version of Flash (10.2), which is a security update.

  • [67234] High Stale pointer in animation event handling. Credit to Rik Cabanier.
  • [$1000] [68120] High Use-after-free in SVG font faces. Credit to miaubiz.
  • [$1000] [69556] High Stale pointer with anonymous block handling. Credit to Martin Barbella.
  • [69970] Medium Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google.
  • [$1000] [70456] Medium Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC.
If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Anthony Laforge
Google Chrome
Share on Twitter Share on Facebook

Share on Twitter Share on Facebook