The Chrome team recently announced the promotion of Google Chrome 46 to the stable channel for Windows, Mac and Linux. This latest release Google Chrome 46.0.2490.71 comes with a number of bug fixes and improvements, including a number of security fixes highlighted below.
- Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
- Use-after-free in PDFium. Credit to anonymous.
- Use-after-free in ServiceWorker. Credit to Collin Payne.
- Bad-cast in PDFium. Credit to Atte Kettunen of OUSPG.
- Information leakage in LocalStorage. Credit to Muneaki Nishimura (nishimunea).
- Improper error handling in libANGLE. Credit to Ronald Crane, an independent security researcher.
- Memory corruption in FFMpeg. Credit to Aki Helin of OUSPG and Khalil Zhani.
- CORS bypass via CSS fonts. Credit to Muneaki Nishimura (nishimunea)
- Various fixes from internal audits, fuzzing and other initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 4.6 branch (currently 184.108.40.206).
- Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.
Install/Update Google Chrome 46 on Ubuntu Vivid Vervet, Ubuntu 14.10 Utopic Unicorn, Ubuntu 14.04 Trusty Tahr (LTS), Pinguy OS 14.04, Elementary OS 0.3 Freya and Linux Mint 17.2 Rafaela, Linux Mint 17.1Rebecca, Linux Mint 17 Qiana
32 bit OS
wget https://dl.google.com/linux/direct/google-chrome-stable_current_i386.deb sudo dpkg -i google-chrome-stable_current_i386.deb sudo rm -rf google-chrome-stable_current_i386.deb
64 bit OS
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb sudo dpkg -i google-chrome-stable_current_amd64.deb sudo rm -rf google-chrome-stable_current_amd64.deb
If you run into missing dependencies, then run the following command to install all dependencies:
sudo apt-get install -f