Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 1 security fix contributed by external researchers. Please see the Chrome Security Page for more information.
[$TBD] High CVE-2018-6148: Incorrect handling of CSP header. Reported by Michał Bentkowski on 2018-05-23
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.