Google Chrome Releases reports:
24 security fixes in this release, including:
- [519558] High CVE-2015-6755: Cross-origin bypass in Blink.
Credit to Mariusz Mlynski.
- [507316] High CVE-2015-6756: Use-after-free in PDFium. Credit
to anonymous.
- [529520] High CVE-2015-6757: Use-after-free in ServiceWorker.
Credit to Collin Payne.
- [522131] High CVE-2015-6758: Bad-cast in PDFium. Credit to Atte
Kettunen of OUSPG.
- [514076] Medium CVE-2015-6759: Information leakage in
LocalStorage. Credit to Muneaki Nishimura (nishimunea).
- [519642] Medium CVE-2015-6760: Improper error handling in
libANGLE. Credit to lastland.net.
- [447860,532967] Medium CVE-2015-6761: Memory corruption in
FFMpeg. Credit to Aki Helin of OUSPG and anonymous.
- [512678] Low CVE-2015-6762: CORS bypass via CSS fonts. Credit
to Muneaki Nishimura (nishimunea).
- [542517] CVE-2015-6763: Various fixes from internal audits,
fuzzing and other initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 4.6
branch (currently 4.6.85.23).