(LiveHacking.Com) – Google has released Chrome 16.0.912.77 for Windows, Mac and Linux to fix a Critical use-after-free memory problem when using Safe Browsing navigation. The bug was found by Chamal de Silva, who received over $3000 from Google for finding the problem.
The full list of security-related bugs fixed is:
- [$1000] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis.
- [$3133.7] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva. *
- High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415).
- [$1000] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz.
- [$1000] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis.
Note that the critical bug 107182 was fixed in 16.0.912.75 but accidentally excluded from the release notes! Also note that the referenced bugs may be kept private until a majority of Chrome users are up to date with the fix. Full details about what changes have been made in this release are available in the SVN revisions log.