Batu69 Posted June 23, 2015 Share Posted June 23, 2015 Google has released an update to cure security flaws including cross-origin bypasses. Symantec Google has released a new update for the Chrome browser which cures a number of security problems including two cross-origins bypass flaws and a scheme validation error.The latest release of the Chrome browser, version 43.0.2357.130 for Windows, Mac, and Linux, includes release notes on four security problems contributed by four third-party researchers. One of the reported flaws, a scheme validation error reported by an anonymous researcher, earned them $5000 as a bug bounty. Other rewards are yet to be decided.The list of fixes is below:[464922] High CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous.[494640] High CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.[497507] Medium CVE-2015-1267: Cross-origin bypass in Blink. Credit to anonymous.[461481] Medium CVE-2015-1269: Normalization error in HSTS/HPKP preload list. Credit to Mike Ruddy. In related news, earlier this month Google boosted bug discovery in Android with the launch of the new Android Security Rewards program. Valid bugs submitted through the program earn a minimum reward of $500, with rewards reaching up to $8,000 for particularly interesting or nasty security flaws.News source Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.