===================================================================== CERT-Renater Note d'Information No. 2010/VULN231 _____________________________________________________________________ DATE : 25/06/2010 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running Google Chrome versions prior to 5.0.375.86. ====================================================================== http://googlechromereleases.blogspot.com/2010/06/stable-channel-update_24.html ______________________________________________________________________ Thursday, June 24, 2010 | 16:27 Labels: Stable updates Google Chrome 5.0.375.86 has been released to the Stable channel on Linux, Mac, and Windows. The integrated flash player has been enabled by default and the following security issues were resolved: * [38105] Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery. * [43322] Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team. * [43967] High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team. * [45267] High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar). * [$500] [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE. If you find issues, please let us know: http://code.google.com/p/chromium/issues/entry Anthony Laforge, Google Chrome Team ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================