[$TBD][447906] High CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian Motyl.

CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian Motyl. [$TBD][453979] High CVE-2015-1210: Cross-origin-bypass in V8 bindings. Credit to anonymous.

CVE-2015-1210: Cross-origin-bypass in V8 bindings. Credit to anonymous. [$TBD][453982] High CVE-2015-1211: Privilege escalation using service workers. Credit to anonymous.

[455225] CVE-2015-1212: Various fixes from internal audits, fuzzing and other initiatives.

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.This update includes 11 security fixes . Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.As usual, our ongoing internal security work was responsible for a wide range of fixes:Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.A partial list of other changes in this build are available in the Git log . If you find a new issue, please let us know by filing a bug . More information about Chrome for Android is available on the Chrome site Jason KerseyGoogle Chrome