Stable Channel Update
Thursday, February 5, 2015
The stable channel has been updated to 40.0.2214.111 for Windows, Mac and Linux. A full list of changes is available in the log.
Security Fixes and Rewards
Daniel Xie
Google Chrome
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.
This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.
Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.
This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.
- [$25633.7][453979] High CVE-2015-1210, CVE-2015-1211: A special reward to anonymous for cross-origin-bypass in V8 bindings and privilege escalation using service workers.
- [$5000][447906] High CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian Motyl.
- [455225] CVE-2015-1212: Various fixes from internal audits, fuzzing and other initiatives.
Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.
Google Chrome