Original URL: http://www.theregister.co.uk/2010/08/23/google_chrome_5_patches/

Google knits 11 patches into Chrome browser

Stable version gets Boba Fett treatment

By Kelly Fiveash

Posted in Applications, 23rd August 2010 11:55 GMT

Google applied patches to three critical and eight high risk vulns in a new iteration of its Chrome browser released late last week.

As is standard practice at Mountain View, the company kept its reference bugs private while its users update Chrome with the fixes.

"Aside from the listed security bugs fixed in Chromium, we have also deployed a workaround for a critical vulnerability where the root cause lies in an external component," noted Google in a blog post.

It ponied up $1,337 to Marc Schoenefeld for coming up with a workaround to a Windows kernel bug.

Two other nasty vulns that were patched in the 5.0.375.127 stable channel release were also merited to Chrome bug bounty hunters, each of whom received payouts from Google for their efforts.

Sergey Glazunov is currently the Boba Fett of the Chrome security world. He has so far amassed $8,011 in Google's so-called "e-leet" scheme, according to CNet.

The company is yet to reward any individual with its biggest single payment of $3,133.70 for a severe Chrome vuln. ®