Google Chrome updated to 23.0.1271.64

Posted by:
Date: Wednesday, November 7th, 2012, 08:53
Category: News, security, Software

google-chrome-logo

It’s the bug fixes that make a difference.

Late Tuesday, Google released a beta of version 23.0.1271.64 of its Chrome web browser. The update, a 56.5 megabyte download, adds the following fixes and changes:

– Medium CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP handling. Credit to Phil Turnbull.

– High CVE-2012-5116: Use-after-free in SVG filter handling. Credit to miaubiz.

– [Mac OS only] [149717] High CVE-2012-5118: Integer bounds check issue in GPU command buffers. Credit to miaubiz.

– High CVE-2012-5121: Use-after-free in video layout. Credit to Atte Kettunen of OUSPG.

– Low CVE-2012-5117: Inappropriate load of SVG subresource in img context. Credit to Felix Groebert of the Google Security Team.

– Medium CVE-2012-5119: Race condition in Pepper buffer handling. Credit to Fermin Serna of the Google Security Team.

– Medium CVE-2012-5122: Bad cast in input handling. Credit to Google Chrome Security Team (Inferno).

– Medium CVE-2012-5123: Out-of-bounds reads in Skia. Credit to Google Chrome Security Team (Inferno).

– High CVE-2012-5124: Memory corruption in texture handling. Credit to Al Patrick of the Chromium development community.

– Medium CVE-2012-5125: Use-after-free in extension tab handling. Credit to Alexander Potapenko of the Chromium development community.

– Medium CVE-2012-5126: Use-after-free in plug-in placeholder handling. Credit to Google Chrome Security Team (Inferno).

– High CVE-2012-5128: Bad write in v8. Credit to Google Chrome Security Team (Cris Neckar).

Google Chrome 23.0.1271.64 requires an Intel-based Mac with Mac OS X 10.5 or later to install and run. If you’ve tried the new version and have any feedback to offer, please let us know in the comments.

Recent Posts

One Response to “Google Chrome updated to 23.0.1271.64”

  1. They fixed a scrolling bug too! I turned off the elastic scrolling on my OS X Mountain Lion via the terminal, and Chrome didn’t register the change until today.