The first issue was in the V8 JavaScript engine, which could “allow specially-crafted Javascript on a web page to read unauthorized memory, bypassing security checks.”

The second issue allows poorly formed XML to crash the browser tab. “A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected.”

The final bug could allow “sites whose certificates are signed using MD2 or MD4 hashing algorithms … to spoof an invalid site as a valid HTTPS site.”

Thankfully, none of these risks were rated as critical thanks to Google Chrome’s sandbox environment. The update will be pushed out to all current Chrome users.

The security holes would allow an attacker to run arbitrary code in the Google Chrome sandbox and even with the privileges of the logged on user.

Other changes include:

• Fix: Solving captcha images broken at orkut.com. (Issue15569)
• Make forward/backward navigation work even when redirection is involved. (Issue 9663, issue 10531)
• Fix: Daylight savings time not recognized for some CET locales. (Issue 12579)
• Fix a browser crash on closing a URL request. (Issue 8942)
• Update the V8 Javascript engine to version 1.1.10.14 to fix issues with regular expressions.
• Update Gears to the latest release, 0.5.25.0.

The update will be pushed out automatically to Chrome users.