Google Just Fixed A Bunch Of Bugs In Chrome
By: Chris Crum - June 28, 2012
Google released a big stable channel update for Chrome: Chrome 20 (20.0.1132.43). Along with it come over 20 bug fixes, and rewards for the researchers who reported them.
Many of the bugs, Google says, were detected using AddressSanitizer.
Google lists them as follows:
- Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google.
- [Windows only] High CVE-2012-2816: Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Justin Schuh).
- [$1000] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz.
- [$1000] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz.
- High CVE-2012-2819: Crash in texture handling. Credit to Ken “gets” Russell of the Chromium development community.
- Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG.
- Medium CVE-2012-2821: Autofill display problem. Credit to “simonbrown60”.
- [various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).
- [$1000] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz.
- [$1000] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz.
- Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno).
- [Mac only] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan).
- High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans).
- [$1000] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz.
- [$1000] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz.
- [Windows only] Low CVE-2012-2764: Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting.
- [$1000] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz.
- High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team.
- High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team.
- [$1000] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Jüri Aedla.
- [$500] Medium CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire.
- [64-bit Linux only] [$3000] High CVE-2012-2807: Integer overflows in libxml. Credit to Jüri Aedla.
Google notes that details of some of the bugs may be kept secret until everyone has a chance to update to the latest version.
We’re sure to get plenty more Chrome news today at Google I/O, as yesterday was primarily about Android. Google did, however, announce that Chrome For Android is now out of beta, and if you have the right device, you can start using it.