Stable update: 2 WebKit security fixes
Tuesday, June 9, 2009 | 12:47
Labels: Stable updates
Google Chrome's Stable channel has been updated to version 2.0.172.31 to fix two security issues in WebKit.
CVE-2009-1690 Memory corruption
A memory corruption issue exists in WebKit's handling of recursion in certain DOM event handlers. Visiting a maliciously crafted website may lead to a tab crash or arbitrary code execution in the Google Chrome sandbox. This update addresses the issue through improved memory management.
Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
Mitigations:
- A victim would need to visit a page under an attacker's control.
- Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
CVE-2009-1718 Drag and drop information leak
An issue exists in WebKit's handling of drag events. This may lead to the disclosure of sensitive information when content is dragged over a maliciously crafted web page. This update addresses the issue through improved handling of drag events.
Severity: Medium. An attacker might be able to read data belonging to another web site, if a user can be convinced to select and drag data on an attacker-controlled site.
Mark Larson
Google Chrome Program Manager
12 comments:
Diego said...
These security inssues are in the beta and dev channel? (In beta we have 2.0.172.30)
12:58 PM, June 09, 2009
Andy said...
I second Diego's question. I'm trying to update my Chrome Beta, but it says its updated, which, if I'm going by the numbers, is wrong.
1:05 PM, June 09, 2009
Diego said...
Ok, i get updated now. Thxs.
3:59 PM, June 09, 2009
Elias Heymann said...
5:37 PM, June 09, 2009
Elias said...
where to download the associated snapshot?
5:40 PM, June 09, 2009
Ariel Méndez said...
in the dev channel... the download speed don´t appear! please fix it! thanks!!
5:51 PM, June 09, 2009
wiert said...
This update post should at least be labled "Stable updates", as currently it is not found in this list:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates
3:24 AM, June 10, 2009
motobass said...
Oh sure, blame WebKit. :)
6:56 AM, June 10, 2009
joegrind said...
I've been having annoying page hang-ups, freezes etc ever since stable hit 2.0...I haven't seen any other complaints regarding this....I've been reporting these issues via Chrome. I've done the install/ reinstall SEVERAL times. I figure something is unique to my system....how can I proceed?
7:05 AM, June 10, 2009
Tim Wood said...
When will this update make it into alternate download (aka standalone/offline) installer? My office's web filtering SUCKS and has blocked dl.google.com for reason "Questionable Browsing". F-ing BS.
URL I usually get the standalone installer from is: http://www.google.com/chrome/eula.html?standalone=1
Thanks!
10:38 AM, June 10, 2009
yonie said...
Am I the only one having problems with this latest release? This version has me crashing on certain AJAX heavy sites like Facebook
7:54 PM, June 10, 2009
seiichiro said...
I finished upgrade, but couldn't open option dialog and about menu. So, I couldn't get my chrome version.
1:47 AM, June 11, 2009
Post a Comment