Google Chrome 32.0.1700.102 Fixes Memory Corruption Bug in V8


$10,000 / €7,318 EUR spent on external contributions, 14 vulnerabilities fixed

Google rolled out a new stable build for the Chrome browser, bringing the revision number to 32.0.1700.102, which integrates security-related fixes shelling out a total of $10,000 / €7,311 in rewards to external contributors.

The current release of Google Chrome implements no less than 14 security patches, the most significant of the glitches addressed being two vulnerabilities identified as CVE-2013-6649 and CVE-2013-6650.

These are a use-after-free error occurring with SVG images and a memory corruption vulnerability that affected the V8 JavaScript engine of the web browser.

Revealing these issues earned Atte Kettunen of OUSPG $1,000 / €731.85, and Christian Holler received $3,000 / €2,195.

The rest of $6,000 (€4,384) was spent on contributors (cloudfuzzer and miaubiz) that worked with the Chrome team during the development cycle in order to keep other security glitches from reaching the stable build.

Google Chrome 32.0.1700.102 (currently available for all supported desktop platforms – WindowsMac, and Linux) includes other fixes for issues that affected its functionality, such as failure to scroll horizontally using the trackpad, problems with file drag and drop, disappearance of the mouse pointer upon exiting full-screen, or crashing of the Quicktime plugin.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s