Google has patched 11 vulnerabilities in its Chrome browser, one of them critical, and paid out more than $8,500 in rewards to researchers for reporting bugs.
The most serious vulnerability that Google fixed in Chrome 13.0.782.215 is a critical memory-corruption flaw in Chrome’s vertex handling. That bug earned researcher Michael Braithwaite a bug bounty of $1337, the highest reward Google paid in this release. The memory-corruption flaw is present in versions of Chrome running on Windows only.
Sergey Glazunov, an independent security researcher, earned $2,500 in rewards for reporting two bugs fixed in the new version of Chrome, and Google’s own security team discovered two of the other flaws.
Of the other 10 vulnerabilities fixed in this release, nine of them are rated high and the last one is rated medium.
The full list of vulnerabilities Google fixed is:
code.google.com/p/chromium/issues/detail?id=72492
code.google.com/p/chromium/issues/detail?id=82552
code.google.com/p/chromium/issues/detail?id=87453
code.google.com/p/chromium/issues/detail?id=88216
code.google.com/p/chromium/issues/detail?id=88670
code.google.com/p/chromium/issues/detail?id=89836
code.google.com/p/chromium/issues/detail?id=90668
code.google.com/p/chromium/issues/detail?id=91517
code.google.com/p/chromium/issues/detail?id=91598
code.google.com/p/chromium/issues/detail?id=91665
draft.blogger.com/blogger.g?blogID=8982037438137564684
googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+GoogleChromeReleases+%28Google+Chrome+Releases%29
googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+GoogleChromeReleases+%28Google+Chrome+Releases%29