Chrome 35 launches with more Developer Control
Google today released Chrome version 35 for Windows, Minux and Mac.
Chrome 35 addresses 23 security issues which Google chose to highlight. here is the following.
- [$3000] High CVE-2014-1743: Use-after-free in styles. Credit to
- [$3000] High CVE-2014-1744: Integer overflow in audio. Credit to
- [$1000] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen
- [$1000] Medium CVE-2014-1746: Out-of-bounds read in media filters.
Credit to Holger Fuhrmannek.
- [$1000] Medium CVE-2014-1747: UXSS with local MHTML file.
Credit to packagesu.
- [$500] Medium CVE-2014-1748: UI spoofing with scrollbar.
Credit to Jordan Milne.
-  CVE-2014-1749: Various fixes from internal audits, fuzzing and
-  CVE-2014-3152: Integer underflow in V8 fixed in
Google spent near $9,500 in bug bounties this release.