Google has released new security fixes for its Google chrome 2.0.172.43 and has released the same to Stable channel. Below are the fixes :

1) CVE-2009-2935 Unauthorized memory read from Javascript

A flaw in the V8 Javascript engine might allow specially-crafted Javascript on a web page to read unauthorized memory, bypassing security checks. It is possible that this could lead to disclosing unauthorized data to an attacker or allow an attacker to run arbitrary code.

2) Security Fix: Treat weak signatures as invalid

Google Chrome no longer connects to HTTPS (SSL) sites whose certificates are signed using MD2 or MD4 hashing algorithms. These algorithms are considered weak and might allow an attacker to spoof an invalid site as a valid HTTPS site.

3) CVE-2009-2414  Stack consumption vulnerability in libxml2

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.

4) CVE-2009-2416  Multiple use-after-free vulnerabilities in libxml2

Pages using XML can cause a Google Chrome tab process to crash. A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected.

Click here for detailed information.

Stay tuned for more.

Advertisements

Mozilla released a security and stability update for Firefox 3.5.x and 3.0.x users on Monday, August 3rd.

It is strongly recommend that all Firefox users upgrade to this latest release. If you already have Firefox 3.5 or Firefox 3, you will receive an automated update notification within 24 to 48 hours. This update can also be applied manually by selecting “Check for Updates…” from the Help menu.

Firefox 3.5.2 and Firefox 3.0.13 are now available for Windows, Mac, and Linux as free downloads:

1) Firefox 3.5.2 is available at http://firefox.com/

2) Firefox 3.0.13 is available at http://www.mozilla.com/firefox/all-older.html

For a list of changes and more information, please review the Firefox 3.5.2 Release Notes and the Firefox 3.0.13 Release Notes.

Source

Stay tuned for more.