Google added a new version of Chrome to the stable channel with 76.0.3809.100 for Windows, Mac, and Linux, which will roll out shortly the coming days/weeks.
The update includes four security fixes, two of which ended up contributed by external researchers.
One vulnerability that rated high was CVE-2019-5868, a use-after-free in PDFium ExecuteFieldAction. Another issue that was rated medium was CVE-2019-5867, which was an out-of-bounds read in V8. That issue ended up reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research.
From an internal perspective, Google made fixes from internal audits, fuzzing and other initiatives. The bugs ended up detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.
A list of all changes is available in the log.
Click here for additional information.