Huntsville Macintosh Users Group
UNIX/Security News

Home | Archive | UNIX

Join the Group | About Us | Calendar | Contact Us | Site Index

Security Update: Chrome 37.0.2062.94

(2014-08-26)

Google has updated Chrome to version 37.0.2062.94. New this version:

• A number of new apps/extension APIs
• Lots of under the hood changes for stability and performance

This update includes 50 security fixes including:

• Critical CVE-2014-3176, CVE-2014-3177: A a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox.
• High CVE-2014-3168: Use-after-free in SVG.
• High CVE-2014-3169: Use-after-free in DOM.
• High CVE-2014-3170: Extension permission dialog spoofing.
• High CVE-2014-3171: Use-after-free in bindings
• Medium CVE-2014-3172: Issue related to extension debugging.
• Medium CVE-2014-3173: Uninitialized memory read in WebGL.
• Medium CVE-2014-3174: Uninitialized memory read in Web Audio.
• CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives.

© The Huntsville Macintosh Users Group 1995-2018
Apple, the Apple Logo, and Macintosh are registered trademarks of Apple, Inc.
Other names may be registered trademarks of their respective owners.