Google Chrome releases reports:
22 security fixes in this release, including:
- [737023] High CVE-2017-5111: Use after free in PDFium. Reported by
Luat Nguyen on KeenLab, Tencent on 2017-06-27
- [740603] High CVE-2017-5112: Heap buffer overflow in WebGL. Reported by
Tobias Klein on 2017-07-10
- [747043] High CVE-2017-5113: Heap buffer overflow in Skia. Reported by
Anonymous on 2017-07-20
- [752829] High CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by
Ke Liu of Tencent's Xuanwu LAB on 2017-08-07
- [744584] High CVE-2017-5115: Type confusion in V8. Reported by
Marco Giovannini on 2017-07-17
- [759624] High CVE-2017-5116: Type confusion in V8. Reported by
Anonymous on 2017-08-28
- [739190] Medium CVE-2017-5117: Use of uninitialized value in Skia. Reported by
Tobias Klein on 2017-07-04
- [747847] Medium CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by
WenXu Wu of Tencent's Xuanwu Lab on 2017-07-24
- [725127] Medium CVE-2017-5119: Use of uninitialized value in Skia. Reported by
Anonymous on 2017-05-22
- [718676] Low CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. Reported by
Xiaoyin Liu on 2017-05-05
- [762099] Various fixes from internal audits, fuzzing and other initiatives