- new upstream release 15.0.874.102 (106587)
* [86758] High CVE-2011-2845: URL bar spoof in history handling.
* [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs.
* [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
download filenames.
* [91218] Low CVE-2011-3877: XSS in appcache internals page.
* [94487] Medium CVE-2011-3878: Race condition in worker process
initialization.
* [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs.
* [95992] Low CVE-2011-3880: Don't permit as a HTTP header delimiter.
* [96047][96885][98053][99512][99750] High CVE-2011-3881: Cross-origin
policy violations.
* [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
* [96902] High CVE-2011-3883: Use-after-free in counter handling.
* [97148] High CVE-2011-3884: Timing issues in DOM traversal.
* [97599][98064][98556][99294][99880][100059] High CVE-2011-3885: Stale
style bugs leading to use-after-free.
* [98773][99167] High CVE-2011-3886: Out of bounds writes in v8.
* [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs.
* [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
* [99211] High CVE-2011-3889: Heap overflow in Web Audio.
* [99553] High CVE-2011-3890: Use-after-free in video source handling.
* [100332] High CVE-2011-3891: Exposure of internal v8 functions.
|