=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN320
_____________________________________________________________________

DATE                      : 16/08/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Google Chrome versions prior to 5.0.375.127.

======================================================================
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
______________________________________________________________________

Stable Channel Update

Thursday, August 19, 2010 | 15:11

Labels: Stable updates

Google Chrome 5.0.375.127 has been released to the Stable Channel on
Windows, Mac, and Linux.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the
referenced bugs may be kept private until a majority of our users are
up to date with the fix.

Aside from the listed security bugs fixed in Chromium, we have also
deployed a workaround for a critical vulnerability where the root cause
lies in an external component. Credit and $1337 to Marc Schoenefeld for
enabling us to work around another Windows kernel bug [51070].

    * [$1337] [45400] Critical Memory corruption with file dialog. Credit to Sergey Glazunov.
    * [$500] [49596] High Memory corruption with SVGs. Credit to wushi of team509.
    * [$500] [49628] High Bad cast with text editing. Credit to wushi of team509.
    * [$1000] [49964] High Possible address bar spoofing with history bug. Credit to Mike Taylor.
    * [$2000] [50515] [51835] High Memory corruption in MIME type handling. Credit to Sergey Glazunov.
    * [$1337] [50553] Critical Crash on shutdown due to notifications bug. Credit to Sergey Glazunov.
    * [51146] Medium Stop omnibox autosuggest if the user might be about to type a password. Credit to Robert Hansen.
    * [$1000] [51654] High Memory corruption with Ruby support. Credit to kuzzcc.
    * [$1000] [51670] High Memory corruption with Geolocation support. Credit to kuzzcc.

If you find issues, please let us know:
http://code.google.com/p/chromium/issues/entry

Jason Kersey
Google Chrome



======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================