October 1, 2016

Google Releases Chrome 11.0.696.71

Google has updated Chrome for Windows, Mac and Linux to version 11.0.696.71 to fix a variety of vulnerabilities which, if exploited, could allow an attacker to execute arbitrary code.

Google only paid out $1000 this time around under its rewards scheme. The recipient was Martin Barbella for discovering a stale pointer in the floats rendering. The full list of security fixes and bug fixes is as follows:

  • [72189] Low CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva.
  • [82546] High CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella.
  • [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar).
  • [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.
  • REGRESSION: selection extended by arrow keys flickers on LinkedIn.com. (Issue 83197).
  • Have ConnectBackupJob try IPv4 first to hide potential long IPv6 connect timeout (Issue 81686).
  • Mac plugin crashes are too low in stats (Issue 82172).
  • Incorrect ACLs on the archived copy of setup.exe  (Issue 82424)

Note that some of the referenced bugs are kept private until a majority of Chrome users have updated.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks