Apple (Yes, Apple) Helps Fix A Couple Chrome Security Bugs

Sure, Apple and Google are at war, but that doesn’t mean they can’t help one another out from time to time. Especially with regard to WebKit, the rendering engine that both use in their Safari and Chrome web browsers. That’s exactly what happened yesterday with the latest stable build of Chrome.

According to this post on the Google Chrome Releases blog, Apple gets credit for two of the eleven security issues that were fixed with the release of Chrome 5.0.375.70 on Windows, Mac, and Linux. Google does these posts with each new release to the various Chrome channels, and gives credit to the people who find bugs. They even reward money to those who find critical bugs — for example, one person got $2,000 this batch of fixes, and another got $500 (and some have humorously gotten $1,337 in the past).

Apple didn’t get paid for its two fixes, but both were labeled as “high” security issues. The two were:

[44740High Memory corruption in font handling. Credit: Apple.

[44955High Memory corruption in rendering of list markers. Credit: Apple.

It’s not clear if these two security bugs were specific to Chrome or if they were a part of WebKit itself — but it seems likely that it’s the latter. Last year, Google overtook Apple in WebKit commits, but Apple is still obviously heavily involved. Safari 5 was just released a couple days ago with a few new features.