(LiveHacking.Com) – Google has released Chrome 15 for Windows, OS X and Linux with a redesigned New Tab page and over $26,000 of security fixes. The biggest bug bounty went to Sergey Glazunov for bugs related to cross-origin policy violations. Google paid him a little over $12,000 for his efforts.
None of the bugs fixed were rated “Critical”; however, 11 of the 18 vulnerabilities were rated “high,” while three were ranked as “medium” and another four were tagged as “low.”
The full list of security-related bugs fixed (along with any reward payment) is:
- [$500] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel.
- Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel.
- Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak.
- Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen.
- Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz.
- Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa.
- Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company.
- [$12174] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov.
- High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno).
- [$1000] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz.
- High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community.
- [$6337] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz.
- [$2000] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler.
- [$1000] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz.
- [$2000] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
- High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community.
- High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean.