Google Chrome 6.0.472.59 has been released to the Stable and Beta channels for Windows, Mac, and Linux.  In addition, it has been released to the beta channel for Chrome Frame.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
  • [$500] [50250] High Use-after-free when using document APIs during parse. Credit to David Weston of Microsoft + Microsoft Vulnerability Research (MSVR) and wushi of team 509 (independent discoveries).
  • [$1000] [50712] High Use-after-free in SVG styles. Credit to kuzzcc.
  • [$500] [51252] High Use-after-free with nested SVG elements. Credit to kuzzcc.
  • [Linux only] [51709] Low Possible browser assert in cursor handling. Credit to “magnusmorton”.
  • [$500] [51919] High Race condition in console handling. Credit to kuzzcc.
  • [53176] Low Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
  • [$500 x 2] [Mac only] [53361] Critical Fix bug 45400 properly on the Mac. Credit to Sergey Glazunov and “remy.saissy”.
  • [$500] [53394] High Memory corruption in Geolocation. Credit to kuzzcc.
  • [Linux only] [53930] High Memory corruption in Khmer handling. Credit to Google Chrome Security Team (Chris Evans).
  • [54006] Low Failure to prompt for extension history access. Credit to “adriennefelt”.

More details about additional changes are available in the svn revision log.  If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel - find out how.

Jason Kersey
Google Chrome