Google squashes security bugs in Chrome, pays over $6,000 in bounties

One of the vulnerabilities is classified as “critical” by Google. It involves a use-after-free flaw in Safe Browsing navigation. Chamal de Silva was paid a hefty $3,133.70 for finding that bug (not sure what the 70 cents were for). That flaw was actually fixed in the previous update but was not included in the release notes.

The remaining fixed flaws, classified as “high” on Google’s severity scale, are use-after-free in DOM selections and in DOM handling (two flaws), uninitialized value in Skia, and heap-buffer-overflow in tree builder.

Arthur Gerkis was awarded $2,000 for finding two of the bugs, and miaubiz was awarded $1,000 for finding one bug. Wushi of team509 got credit for reporting a bug through TippingPoint’s Zero Day Initiative but no money. All of the bugs, except the uninitialized value in Skia, were detected using AddressSanitizer.

In addition, Google released a number of performance, stability, and security improvements to its Chromebook laptop operating system. The update fixed problems with the device not scanning for networks and with no UI notification appearing on connection timeout.
 
