The Google Chrome development team has now released a new version of the stable channel, Chrome v77.0.3865.120 which is mainly a security improvement that has fixed multiple high-risk security vulnerabilities. According to the Google Chrome blog, the vulnerabilities addressed in this release include a severity vulnerability and three high-risk vulnerabilities, so users should upgrade as soon as possible.
This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers.
[$20500] High CVE-2019-13693: Use-after-free in IndexedDB.
Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-09-19
[$TBD] High CVE-2019-13694: Use-after-free in WebRTC.
Reported by banananapenguin on 2019-09-18
[$15000] High CVE-2019-13695: Use-after-free in audio.
Reported by Man Yue Mo of Semmle Security Research Team on 2019-09-17
[$7500] High CVE-2019-13696: Use-after-free in V8.
Reported by Guang Gong of Alpha Team, Qihoo 360 on 2019-09-04
[$2000] High CVE-2019-13697: Cross-origin size leak.
Reported by Luan Herrera @lbherrera_ on 2019-08-05