Security fixes and rewards: We highlight fixes contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$10000][377392] High CVE-2014-3153: Linux kernel futex() memory corruption vulnerability. Credit to Pinkie Pie.
If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).
This update includes 4 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$1000][369525] High CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
[$1000][369539] High CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook.
[$500][369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen of OUSPG.
As usual, our ongoing internal security work was responsible for the following fix:
This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug. Karen Grünberg Google Chrome
