This release also contains a Flash Player update, to version 220.127.116.11.
Security Fixes and Rewards
This update includes 9 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$5000] High CVE-2014-1730: Type confusion in V8. Credit to Anonymous.
[$1500] High CVE-2014-1731: Type confusion in DOM. Credit to John Butler.
 High CVE-2014-1736: Integer overflow in V8. Credit to SkyLined working with HP's Zero Day Initiative
[$1000] Medium CVE-2014-1732: Use-after-free in Speech Recognition. Credit to Khalil Zhani[$500] Medium CVE-2014-1733: Compiler bug in Seccomp-BPF. Credit to Jed Davis
As usual, our ongoing internal security work responsible for a wide range of fixes:
-  CVE-2014-1734: Various fixes from internal audits, fuzzing and other initiatives.
- [359130, 359525, 360429] CVE-2014-1735: Multiple vulnerabilities in V8 fixed in version 18.104.22.168.
Many of the above bugs were detected using AddressSanitizer.
This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.