=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2011/VULN341
_____________________________________________________________________

DATE                      : 18/04/2011

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Google Chrome Stable channel versions prior to 10.0.648.205,
                              Google Chrome Beta Channel version prior to 11.0.696.48.

======================================================================
http://googlechromereleases.blogspot.com/2011/04/beta-channel-update_14.html
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
______________________________________________________________________

Beta Channel Update

Thursday, April 14, 2011 | 14:04

Note: Chrome Beta Channel has been updated to 11.0.696.48 for Linux with
the same changes as below.

The Chrome Beta channel has been updated to 11.0.696.44 for Windows,
Mac and Chrome Frame.

This release contains a new version of Adobe Flash which includes a fix
for security vulnerability.

If you find new issues, please let us know by filing a bug.

Want to change to another Chrome release channel? Find out how.

Karen Grunberg
Google Chrome

______________________________________________________________________

Stable Channel Update

| 12:29

Labels: Stable updates



The Chrome Stable channel has been updated to 10.0.648.205 for Windows, Mac,
Linux and Chrome Frame.  This release contains a new version of Adobe Flash
which includes a fix for a security vulnerability, as well as the security
fixes listed below.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced
bugs may be kept private until a majority of our users are up to date with the fix.

     * [$500] [Windows only] [70070] Critical CVE-2011-1300: Off-by-three in GPU
  process. Credit to yuri.ko616.
     * [75629] Critical CVE-2011-1301: Use-after-free in the GPU process. Credit
to Google Chrome Security Team (Inferno).
     * [$1000] [78524] Critical CVE-2011-1302: Heap overflow in the GPU process.
Credit to Christoph Diehl.


The full list of changes is available from the SVN revision log.  If you find
new issues, please let us know by filing a bug. Want to change to another Chrome
release channel? Find out how.


Jason Kersey
Google Chrome


======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================