The stable channel of Google Chrome for Windows, Mac and Linux has been updated to 21.0.1180.89. Besides some important bug fixes, the update also comes with a number of eight security improvements.
The three high-severity vulnerabilities
addressed by this update have been identified by miaubiz
, Nicholas Gregoire, and Fermin Serna of the Google Security Team, miaubiz
and Gregoire each being rewarded with $1,000 (€800) for their findings.
These bugs include a bad cast with run-ins, a bad cast in XSL transforms, and a slate buffer issue in URL loading.
The medium-severity security holes include a cross-site scripting (XSS) issue in SSL interstitial – found by Emmanuel Bronshtein –, a race condition with workers and XHR, and an out of bounds read in line breaking, both identified by miaubiz.
Two low-severity problems have also been addressed. Users are advised to update Chrome to the latest version.
is available for download here