Google Chrome 19 is out

Google today released Chrome version 19. On the security side, the new version fixes 20 vulnerabilities: eight high-severity flaws, seven medium-severity flaws, and five low-severity flaws. You can update to the latest version using the software's built-in silent updater, or you can download the latest version of Chrome directly from google.com/chrome.

Here are the 20 security vulnerabilities fixed in Google Chrome 19.0.1084.46 (for full details, check out the SVN log):

• [112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG.
• [113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community.
• [118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to “psaldorn”.
• [$1000] [118642] High CVE-2011-3086: Use-after-free with style element. Credit to Arthur Gerkis.
• [118664] Low CVE-2011-3087: Incorrect window navigation. Credit to Charlie Reis of the Chromium development community.
• [$500] [120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing. Credit to Aki Helin of OUSPG.
• [$1000] [120711] High CVE-2011-3089: Use-after-free in table handling. Credit to miaubiz.
• [$500] [121223] Medium CVE-2011-3090: Race condition with workers. Credit to Arthur Gerkis.
• [121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to Google Chrome Security Team (Inferno).
• [$1000] [122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to Christian Holler.
• [$500] [122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling. Credit to miaubiz.
• [122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling. Credit to miaubiz.
• [$1000] [123481] High CVE-2011-3095: Out-of-bounds write in OGG container. Credit to Hannu Heikkinen.
• [Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox handling. Credit to Arthur Gerkis.
• [123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google.
• [Windows only] [124216] Low CVE-2011-3098: Bad search path for Windows Media Player plug-in. Credit to Haifei Li of Microsoft and MSVR (MSVR:159).
• [124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name. Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team.
• [124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths. Credit to Google Chrome Security Team (Inferno).
• [Linux only] [$500] [118970] Medium CVE-2011-3101: Work around Linux Nvidia driver bug. Credit to Aki Helin of OUSPG.
• [$1500] [125462] High CVE-2011-3102: Off-by-one out-of-bounds write in libxml. Credit to Jüri Aedla.

For Chrome 19, Google paid security researchers a grand total $7,500 in rewards as part of its bug bounty program. The last $2,000 went to two rewards for vulnerabilities that applied to Chrome as well as other applications. An additional $9,000 went to Aki Helin of OUSPG, S?awomir B?a?ek, Chamal de Silva, miaubiz, Arthur Gerkis, and Christian Holler for helping Google during its development cycle and preventing security regressions from reaching the Chrome stable build.

The total $14,500 payout is really just a drop in the bucket for Google given that the search giant recently quintupled its maximum bug bounty to $20,000. The company has so far received over 780 qualifying vulnerability reports that span across the hundreds of Google-developed services, as well as the software written by 50 or so firms it has acquired. In just over a year, the program has paid out around $460,000 to roughly 200 individuals.

Update on May 16 - Chrome 19: The Best Web browser just keeps getting better

See also:

• Google Chrome warns of malware on PhysOrg
• Google kills Iranian blog with 3 million hacked bank accounts
• Syria pushing malware via Skype to spy on activists
• Malicious Chrome extensions hijack Facebook accounts
• Malware tricks Facebook users into exposing credit cards
• Up to 1.5 million Visa, MasterCard credit card numbers stolen