Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 3 security fixes that were contributed by external researchers. Please see the Chromium security page for more information.
[$5000] High CVE-2016-1643: Type confusion in Blink. Credit to cloudfuzzer.
[$3500] High CVE-2016-1644: Use-after-free in Blink. Credit to Atte Kettunen of OUSPG.
 High CVE-2016-1645: Out-of-bounds write in PDFium. Credit to anonymous working with HP's Zero Day Initiative.
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.
A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Krishna GovindGoogle Chrome