$10,000 / €7,318 EUR spent on external contributions, 14 vulnerabilities fixed

Jan 28, 2014 08:52 GMT  ·  By
$10,000 / €7,318 EUR spent on external contributions, 14 vulnerabilities fixed
   $10,000 / €7,318 EUR spent on external contributions, 14 vulnerabilities fixed

Google rolled out a new stable build for the Chrome browser, bringing the revision number to 32.0.1700.102, which integrates security-related fixes shelling out a total of $10,000 / €7,311 in rewards to external contributors.

The current release of Google Chrome implements no less than 14 security patches, the most significant of the glitches addressed being two vulnerabilities identified as CVE-2013-6649 and CVE-2013-6650.

These are a use-after-free error occurring with SVG images and a memory corruption vulnerability that affected the V8 JavaScript engine of the web browser.

Revealing these issues earned Atte Kettunen of OUSPG $1,000 / €731.85, and Christian Holler received $3,000 / €2,195.

The rest of $6,000 (€4,384) was spent on contributors (cloudfuzzer and miaubiz) that worked with the Chrome team during the development cycle in order to keep other security glitches from reaching the stable build.

Google Chrome 32.0.1700.102 (currently available for all supported desktop platforms – WindowsMac, and Linux) includes other fixes for issues that affected its functionality, such as failure to scroll horizontally using the trackpad, problems with file drag and drop, disappearance of the mouse pointer upon exiting full-screen, or crashing of the QuickTime plugin.