-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                              ASB-2011.0004.2
           Google have released an update for Chrome, correcting
                     several security vulnerabilities
                              17 January 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Google Chrome prior to 8.0.552.237
Operating System:     Windows
                      Linux variants
                      Mac OS X
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-0485 CVE-2011-0484 CVE-2011-0483
                      CVE-2011-0482 CVE-2011-0481 CVE-2011-0480
                      CVE-2011-0479 CVE-2011-0478 CVE-2011-0477
                      CVE-2011-0476 CVE-2011-0475 CVE-2011-0474
                      CVE-2011-0473 CVE-2011-0472 CVE-2011-0471
                      CVE-2011-0470  
Member content until: Sunday, February 13 2011

Revision History:     January 17 2011: Added CVE references
                      January 14 2011: Initial Release

OVERVIEW

        Google have released an update for Chrome, correcting several security 
        vulnerabilities.


IMPACT

        The vendor has provided the following information regarding these
        vulnerabilities:
        
        "* [58053] Medium Browser crash in extensions notification handling. 
           Credit to Eric Roman of the Chromium development community.
         * [$1337] [65764] High Bad pointer handling in node iteration. 
           Credit to Sergey Glazunov.
         * [66334] High Crashes when printing multi-page PDFs. Credit to 
           Google Chrome Security Team (Chris Evans).
         * [$1000] [66560] High Stale pointer with CSS + canvas. Credit to 
           Sergey Glazunov.
         * [$500] [66748] High Stale pointer with CSS + cursors. Credit to 
           Jan Toovsk.
         * [67100] High Use after free in PDF page handling. Credit to Google 
           Chrome Security Team (Chris Evans).
         * [$1000] [67208] High Stack corruption after PDF out-of-memory 
           condition. Credit to Jared Allar of CERT.
         * [$1000] [67303] High Bad memory access with mismatched video frame 
           sizes. Credit to Aki Helin of OUSPG; plus independent discovery by 
           Google Chrome Security Team (SkyLined) and David Warren of CERT.
         * [$500] [67363] High Stale pointer with SVG use element. Credited 
           anonymously; plus indepdent discovery by miaubiz.
         * [$1000] [67393] Medium Uninitialized pointer in the browser 
           triggered by rogue extension. Credit to kuzzcc.
         * [$1000] [68115] High Vorbis decoder buffer overflows. Credit to 
           David Warren of CERT.
         * [$1000] [68170] High Buffer overflow in PDF shading. Credit to 
           Aki Helin of OUSPG.
         * [$1000] [68178] High Bad cast in anchor handling. Credit to Sergey 
           Glazunov.
         * [$1000] [68181] High Bad cast in video handling. Credit to Sergey 
           Glazunov.
         * [$1000] [68439] High Stale rendering node after DOM node removal. 
           Credit to Martin Barbella; plus independent discovery by Google 
           Chrome Security Team (SkyLined).
         * [$3133.7] [68666] Critical Stale pointer in speech handling. Credit 
           to Sergey Glazunov." [1]


MITIGATION

        The latest version of Google Chrome (currently 8.0.552.237) can be
        downloaded from the vendor's website. [1]
                                                                                                        
        The update can also be applied from within Google Chrome using 
        the built in update feature.


REFERENCES

        [1] Chrome Stable Release
            http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFNM4d4/iFOrG6YcBERAvdmAKDIYCrvr7kgFwcetI85OfO6BdXuXACggfRh
G2qUdLEU5ggeC/iz3d3G/Uo=
=u/pQ
-----END PGP SIGNATURE-----