Comment 0 for bug 1215361

Revision history for this message
ilf (ilf) wrote :

And again a new stable release with lots of security fixes:

Here are the CVEs:

CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29).
CVE-2013-2900: Incomplete path sanitization in file handling.
CVE-2013-2901: Integer overflow in ANGLE.
CVE-2013-2902: Use after free in XSLT.
CVE-2013-2903: Use after free in media element.
CVE-2013-2904: Use after free in document parsing.
CVE-2013-2905: Information leak via overly broad permissions on shared memory files.

(I should write a script for this.)