Jun 23, 2009

Google Chrome 2.0.172.33 Released

Google Chrome 2.0.172.33 has been released to the Stable and Beta channels. This release fixes a critical security issue and two other networking bugs.

CVE-2009-2121: Buffer overflow processing HTTP responses
Google Chrome is vulnerable to a buffer overflow in handling certain responses from HTTP servers. A specially crafted response from a server could crash the browser and possibly allow an attacker to run arbitrary code.

More info: http://code.google.com/p/chromium/is...etail?id=14508 (This issue will be made public once a majority of users are up to date with the fix.)

Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.

Credit: This issue was found by the Google Chrome security team.

Other issues
This release also fixes two other network issues:
  • NTLM authentication to Squid proxies fails when trying to connect to HTTPS sites (Issue 8771)
  • Browser crash when loading some HTTPS sites (Issue 13226)
Mark Larson
Google Chrome Program Manager

Download: Google Chrome 2.0.172.33


No comments:

Boorkmark & Share

Bookmark Options