- new upstream release 14.0.835.163 (101024)
- security fixes:
* [49377] High CVE-2011-2835: Race condition in the certificate cache
* [57908] Low CVE-2011-2837: Use PIC / pie compiler flags
* [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
loading plug-ins
* [76771] High CVE-2011-2839: Crash in v8 script object wrappers
* [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual
user interaction
* [78639] High CVE-2011-2841: Garbage collection error in PDF
* [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers
* [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files
* [$1000] [89219] High CVE-2011-2846: Use-after-free in unload event handling
* [$1000] [89330] High CVE-2011-2847: Use-after-free in document loader
* [89564] Medium CVE-2011-2848: URL bar spoof with forward button
* [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets
* [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling
* [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters
* [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling
* [91120] High CVE-2011-2852: Off-by-one in v8
* [91197] High CVE-2011-2853: Use-after-free in plug-in handling
* [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style
handing
* [92959] High CVE-2011-2855: Stale node in stylesheet handling
* [93416] High CVE-2011-2856: Cross-origin bypass in v8
* [93420] High CVE-2011-2857: Use-after-free in focus controller
* [93472] High CVE-2011-2834: Double free in libxml XPath handling
* [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
non-gallery pages
* [93587] High CVE-2011-2860: Use-after-free in table style handling
* [93596] Medium CVE-2011-2861: Bad string read in PDF
* [93906] High CVE-2011-2862: Unintended access to v8 built-in objects
* [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters
* [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays
* [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a session
* [95920] High CVE-2011-2875: Type confusion in v8 object sealing
- detailed changelog at http://goo.gl/6B1kT
|