Google Chrome before 28.0.1500.71 does not properly determine the
circumstances in which a renderer process can be considered a trusted
process for sign-in and subsequent sync operations, which makes it easier
for remote attackers to conduct phishing attacks via a crafted web site.
Updated: 2016-03-23 03:40:30 UTC (commit 10817)