The general idea behind rewarding security researchers for finding flaws is that they will actually find flaws. That's precisely what is happening at Google with the Chrome web browser. Google is now out with Chrome 15, fixing a large number of flaws found by third-party researchers who are being paid bug bounties for their efforts.
Other high-impact flaws fixed in Chrome 15 include:
- CVE-2011-2845: URL bar spoof in history handling
- CVE-2011-3882: Use-after-free in media buffer handling
- CVE-2011-3883: Use-after-free in counter handling
- CVE-2011-3884: Timing issues in DOM traversal
- CVE-2011-3885: Stale style bugs leading to use-after-free
- CVE-2011-3886: Out-of-bounds writes in V8
- CVE-2011-3888: Use-after-free with plug-in and editing
- CVE-2011-3889: Heap overflow in Web Audio
- CVE-2011-3890: Use-after-free in video source handling
- CVE-2011-3891: Exposure of internal V8 functions
Ten of the flaws fixed in the Chrome 15 update were discovered with an open source project called AddressSanitizer. AddressSanitizer is a memory-error detector for C/C++ that can identify out-of-bounds accesses as well as use-after-free conditions.
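To make concrete what AddressSanitizer actually checks, here is an added toy model of its shadow-memory scheme (example code written for this article, not Chrome's or AddressSanitizer's source; every name is invented and the allocator is deliberately simplified): each 8-byte granule of the heap has one shadow byte, allocations are wrapped in poisoned redzones, freed blocks stay poisoned instead of being reused, and every access consults the shadow byte before touching memory. Real ASan additionally encodes partially addressable granules and inserts these checks by compiler instrumentation.

```c
#include <stdint.h>
#include <string.h>

#define HEAP_SIZE 4096
#define REDZONE 16     /* poisoned padding on each side of a block */
#define SHADOW_SCALE 3 /* one shadow byte covers 8 bytes of heap */
enum asan_result { ASAN_OK = 0, ASAN_HEAP_OVERFLOW = 1, ASAN_USE_AFTER_FREE = 2 };
enum shadow_tag { ADDRESSABLE = 0, REDZONE_TAG = 0xfa, FREED_TAG = 0xfd };
static uint8_t heap[HEAP_SIZE];                   /* simulated application heap */
static uint8_t shadow[HEAP_SIZE >> SHADOW_SCALE]; /* one tag per 8-byte granule */
static size_t bump;                               /* next unused offset in heap[] */

static void poison(size_t off, size_t len, uint8_t tag) {
    memset(shadow + (off >> SHADOW_SCALE), tag, len >> SHADOW_SCALE);
}

/* Allocate n bytes (rounded up to 8) with poisoned redzones on both sides. */
static uint8_t *toy_malloc(size_t n) {
    size_t size = (n + 7) & ~(size_t)7;
    if (bump + 2 * REDZONE + size > HEAP_SIZE) return NULL;
    poison(bump, REDZONE, REDZONE_TAG);                  /* left redzone */
    poison(bump + REDZONE, size, ADDRESSABLE);           /* usable block */
    poison(bump + REDZONE + size, REDZONE, REDZONE_TAG); /* right redzone */
    uint8_t *p = heap + bump + REDZONE;
    bump += 2 * REDZONE + size;
    return p;
}

/* Freed memory is not reused; it stays poisoned, like ASan's quarantine. */
static void toy_free(uint8_t *p, size_t n) {
    poison((size_t)(p - heap), (n + 7) & ~(size_t)7, FREED_TAG);
}

/* The check ASan instruments before every load and store (simplified). */
enum asan_result check_access(const uint8_t *p) {
    uint8_t tag = shadow[(size_t)(p - heap) >> SHADOW_SCALE];
    if (tag == FREED_TAG) return ASAN_USE_AFTER_FREE;
    if (tag != ADDRESSABLE) return ASAN_HEAP_OVERFLOW;
    return ASAN_OK;
}

/* Three accesses: in bounds, one byte past the end, and after free. */
enum asan_result demo_valid(void) { return check_access(toy_malloc(16) + 3); }
enum asan_result demo_overflow(void) { return check_access(toy_malloc(16) + 16); }
enum asan_result demo_uaf(void) {
    uint8_t *b = toy_malloc(16);
    toy_free(b, 16);
    return check_access(b);
}
```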
In addition to the identified flaws, Chrome 15 also provides a new mitigation to help protect against the SSL BEAST attack. BEAST exploits known weaknesses in TLS 1.0, the protocol that succeeded SSL.
"Although Chrome is not directly affected by the attack, the NSS network library was updated to include a defense against so-called BEAST," Google Chrome developer Karen Grunberg blogged.
Looking beyond security fixes, Google has also made some incremental feature improvements in Chrome 15. There is a new New Tab page layout that shows a user's most visited sites. Additionally, Google has updated the look of the Chrome app store.
"Apps and extensions are now presented in a wall of images that’s updated every time you visit the store," Google product manager Shannon Guymon blogged. "We hope this will help you quickly scan the store and find interesting things to try out. In addition, apps and extensions are easier to install—just hover over an image on the grid and click Add to Chrome."