The new Google Chrome 11.0.696.7 contains fixes for four security flaws: one rated low, one high and two critical.
The low severity vulnerability (CVE-2011-1801) was discovered by security researcher Chamal De Silva and consists of a bypass of the pop-up blocker.
The high-severity one, CVE-2011-1804, is caused by a stale pointer in floats rendering and is credited to Martin Barbella, who earned $1,000 for the discovery.
It was the only vulnerability in this release rewarded through the Chromium vulnerability reward program, as both critical ones were discovered by members of the Chrome Security Team.
One of the critical flaws (CVE-2011-1806) consists of a memory corruption issue in the GPU command buffer and was identified by Chrome security engineer Cris Neckar.
The second one (CVE-2011-1807) is caused by an out-of-bounds write in blob handling and is credited to Inferno of the Chrome Security Team and Kostya Serebryany of the Chromium development community.
In addition to vulnerability patches, this update also includes fixes for non-security-related bugs. One of them concerns a text selection issue on LinkedIn that was fixed in the past, but regressed in a recent release.
A change was also made to the ConnectBackupJob procedure so that IPv4 addresses are tried first, in preparation for IPv6 Day, when some networks might take a very long time to respond to IPv6 requests.
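To make the IPv4-first change concrete, here is an added Python illustration of the connection strategy the article describes: candidates are ordered IPv4 before IPv6, and if the current attempt has not answered within a short delay a backup attempt to the next candidate is started in parallel, so a black-holed IPv6 path cannot stall the whole connection. This is example code written for this page, not Chromium's ConnectBackupJob; the function names, the 250 ms backup delay, and the simulated networks and addresses (documentation/TEST-NET prefixes) are assumptions constructed for the demonstration.

```python
import queue
import socket
import threading
import time

# Added illustration (not Chromium code) of an IPv4-first connect with a timed
# backup attempt. Names, delays and simulated addresses are assumptions.


def order_ipv4_first(addrs):
    """Stable sort: AF_INET candidates before AF_INET6, resolver order otherwise."""
    return sorted(addrs, key=lambda a: 0 if a[0] == socket.AF_INET else 1)


def tcp_connect(addr, timeout=10.0):
    """Real connector for actual use; addr is (family, host, port)."""
    family, host, port = addr
    sock = socket.socket(family, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
    except OSError:
        sock.close()
        raise
    sock.settimeout(None)
    return sock


def connect_with_backup(addrs, connect=tcp_connect, backup_delay=0.25, overall_timeout=5.0):
    """Try candidates IPv4-first. If the running attempt has not answered within
    backup_delay, start the next candidate in parallel instead of waiting for a
    black-holed network to time out. First success wins; if every started attempt
    has failed, the next candidate is started immediately."""
    pending = order_ipv4_first(addrs)
    if not pending:
        raise ValueError("no addresses to try")
    results = queue.Queue()

    def attempt(addr):
        try:
            results.put((addr, connect(addr), None))
        except OSError as exc:
            results.put((addr, None, exc))

    def launch():
        threading.Thread(target=attempt, args=(pending.pop(0),), daemon=True).start()

    started, failed = 1, 0
    launch()
    deadline = time.monotonic() + overall_timeout
    while True:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            raise TimeoutError("no candidate answered within overall_timeout")
        try:
            addr, sock, err = results.get(timeout=min(backup_delay, remaining))
        except queue.Empty:
            # The current attempt is slow (e.g. an IPv6 black hole): start a backup job.
            if pending:
                launch()
                started += 1
            continue
        if err is None:
            return addr, sock
        failed += 1
        if failed == started:
            if not pending:
                raise OSError("every candidate failed")
            launch()
            started += 1


def make_simulated_connect(behaviour):
    """Constructed stand-in for a network: behaviour maps an address family to
    (delay_seconds, succeed). A failing family raises OSError after its delay."""
    def connect(addr):
        family, host, port = addr
        delay, succeed = behaviour[family]
        time.sleep(delay)
        if not succeed:
            raise OSError(f"connect to {host} failed")
        return f"socket-to-{host}:{port}"
    return connect


# Constructed resolver answer: IPv6 listed first, as a dual-stack resolver might.
SIMULATED_ADDRS = [
    (socket.AF_INET6, "2001:db8::1", 443),
    (socket.AF_INET, "192.0.2.10", 443),
]
# Constructed network conditions.
IPV6_BLACK_HOLE = {socket.AF_INET6: (3.0, False), socket.AF_INET: (0.0, True)}
IPV4_DOWN = {socket.AF_INET: (0.0, False), socket.AF_INET6: (0.1, True)}
IPV4_SLOW = {socket.AF_INET: (1.0, True), socket.AF_INET6: (0.0, True)}

if __name__ == "__main__":
    t0 = time.monotonic()
    addr, sock = connect_with_backup(SIMULATED_ADDRS, connect=make_simulated_connect(IPV6_BLACK_HOLE))
    print(f"connected via {addr[1]} in {time.monotonic() - t0:.2f}s -> {sock}")
```

With the black-holed IPv6 network the IPv4 candidate is tried first and answers immediately, so the three-second IPv6 stall is never paid; with IPv4 down the failure is reported at once and IPv6 is started without waiting for the backup delay; with a merely slow IPv4 path the backup job to IPv6 starts after 250 ms and wins.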
Other fixes address incorrect reporting of Mac plugin crashes and incorrect ACLs in the archived copy of setup.exe.