[$1000] High CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
[$1000] High CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook.
[$500] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen of OUSPG.
As usual, our ongoing internal security work was responsible for the following fix: