The Beta channel has been updated to 13.0.782.41 for Windows, Mac, Linux, and Chrome Frame.
The full list of changes is available in the SVN revision log. Interested in switching to the Beta channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Wednesday, June 29, 2011
Tuesday, June 28, 2011
Stable Channel Update
The Chrome Stable channel has been updated to 12.0.742.112 for all platforms. This release contains an updated version of Adobe Flash, along with the security fixes noted below.
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
Jason Kersey
Google Chrome
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
- [$1000] [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling. Credit to Philippe Arteau.
- [$1000] [84355] High CVE-2011-2346: Use-after-free in SVG font handling. Credit to miaubiz.
- [$1000] [85003] High CVE-2011-2347: Memory corruption in CSS parsing. Credit to miaubiz.
- [$500] [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser. Credit to miaubiz.
- [$500] [85177] High CVE-2011-2348: Bad bounds check in v8. Credit to Aki Helin of OUSPG.
- [$1000] [85211] High CVE-2011-2351: Use-after-free with SVG use element. Credit to miaubiz.
- [$1000] [85418] High CVE-2011-2349: Use-after-free in text selection. Credit to miaubiz.
Jason Kersey
Google Chrome
Monday, June 27, 2011
Dev Channel Update
The Chrome Dev channel has been updated to 14.0.803.0 for all platforms. This release has the following changes and notes:
All
Jason Kersey
Google Chrome
All
- Updated V8 - 3.4.6.2
- [r90216] Change the meaning of third-party cookie blocking to allow whitelists (Issue 82039)
- Relaunches do not work in this release. You will need to manually relaunch Chrome following a forced update, an about:flags change, or any other action that attempts to relaunch the browser. (Issue 87646)
- [r90417] Remove the Global Bookmarks menu by default on Ubuntu Natty, in an attempt to fix minute long startup regression on desktop environments that use dbusmenu. (Issue 86715)
Jason Kersey
Google Chrome
Wednesday, June 22, 2011
Beta Channel Update
The Beta channel has been updated to 13.0.782.32 for Windows, Mac, Linux, and Chrome Frame.
The full list of changes is available in the SVN revision log. Interested in switching to the Beta channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
The full list of changes is available in the SVN revision log. Interested in switching to the Beta channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Monday, June 20, 2011
Dev Channel Update
The Dev channel has been updated to 14.0.797.0 for Mac, Windows, Linux, and Chrome Frame platforms
All
Resolved Issues
More details about additional changes are available in the svn log of all revisions.
You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.
If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry
All
- Updated V8 - 3.4.4.0
- Improved support for the textarea element with screen readers.
- Improved support for the textarea element with VoiceOver.
Resolved Issues
- Print workflow: Chrome Frame displays both Print Dialog and Print Preview (Issue: 86226)
- Crash when canceling print (Issue: 86229)
- Mouse back and forward buttons stopped working (Issue: 84836)
More details about additional changes are available in the svn log of all revisions.
You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.
If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry
Karen Grunberg
Google Chrome
Google Chrome
Thursday, June 16, 2011
Dev Channel Update
The Dev channel has been updated to 14.0.794.0 for Windows, Mac, Linux and Chrome Frame platforms
All
Security
You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.
If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry
All
- Updated V8 - 3.4.3.0
- When installing items from the chrome webstore, we now always prompt with a native confirmation dialog.
- Fix for failing navigation with chrome://newtab showing.
- Fixed “invalid server certificate” errors for some secure websites whose CRLs or OCSP responses are signed by untrusted root CAs.
- Added a makeshift multiprofile button.
Security
- DNSSEC authenticated HTTPS supported.
- Intermittent connectivity issues with broken SSLv3 servers fixed.
- When reloading a page reached via a HTTP POST operation (such as the confirmation page following a form submit during an online transaction), the whole browser will crash (Issue: 86119)
- volume controls are not functioning on keyboard (issue: 84961)
You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.
If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry
Karen Grunberg
Google Chrome
Google Chrome
Beta Channel Update
The Beta channel has been updated to 13.0.782.24 for Windows, Mac, Linux, and Chrome Frame. For an overview of the features shipping in Chrome 13, check out the Google Chrome Blog.
The full list of changes (spanning 5000 revisions) is available in the SVN revision log. Interested in switching to the Beta channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
The full list of changes (spanning 5000 revisions) is available in the SVN revision log. Interested in switching to the Beta channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Wednesday, June 15, 2011
Dev Channel Update
The Dev channel has been updated to 13.0.782.24 for Windows, Mac, Linux, and Chrome Frame. This release contains a number of stability fixes and the Flash update.
The full list of changes is available in the SVN revision log. Interested in switching to the Dev channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
The full list of changes is available in the SVN revision log. Interested in switching to the Dev channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Tuesday, June 14, 2011
Chrome OS Beta Channel Update
The Chrome OS Beta channel has been updated to R12 release 0.12.433.114 including Chrome 12.0.742.105. The release includes below change:
- Update Flash plugin to 10.2.158.26
Josafat Garcia
Google Chrome
Stable, Beta Channel Updates
The Chrome Stable and Beta channels have been updated to 12.0.742.100 for all platforms. This release contains an updated version of Adobe Flash. Interested in switching to the Beta or Stable channels? Find out how. If you find a new issue, please let us know by filing a bug.
Jason Kersey
Google Chrome
Monday, June 13, 2011
Dev Channel Update
The Dev channel has been updated to 13.0.782.20 for Windows, Mac, Linux, and Chrome Frame. This release contains a number of stability fixes and we put hardware accelerated Canvas 2D back behind a flag.
The full list of changes is available in the SVN revision log. Interested in switching to the Dev channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
The full list of changes is available in the SVN revision log. Interested in switching to the Dev channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Thursday, June 9, 2011
Dev Channel Update
The Dev channel has been updated to 13.0.782.14 for Windows and Chrome Frame, and 13.0.782.15 for Mac and Linux. This release contains a number of stability fixes. The full list of changes is available in the SVN revision log. Interested in switching to the Dev channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Anthony Laforge
Google Chrome
Wednesday, June 8, 2011
Dev Channel Update
The Dev channel has been updated to 13.0.782.13 for Windows, Mac, Linux, and Chrome Frame. This release contains a number of UI tweaks and stabilities fixes. The full list of changes is available in the SVN revision log. Interested in switching to the Dev channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Anthony Laforge
Google Chrome
Tuesday, June 7, 2011
Dev Channel Update
The Dev channel has been updated to 13.0.782.11 for Windows, Mac, and Chrome Frame. This release contains a number of UI tweaks and stabilities fixes. The full list of changes is available in the SVN revision log. Interested in switching to the Dev channel? Find out how. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Anthony Laforge
Google Chrome
Chrome Stable Release
The Google Chrome team is happy to announce the release of Chrome 12 to the Stable Channel for all platforms. Chrome 12.0.742.91 includes a number of new features and updates, including:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
We’d also like to call particular attention to Sergey Glazunov’s $3133.7 reward. Although the linked bug is not of critical severity, it was accompanied by a beautiful chain of lesser severity bugs which demonstrated critical impact. It deserves a more detailed write-up at a later date.
You can find out more about Chrome 12 at the official Chrome Blog. The full list of changes is available in the SVN revision logs (Trunk, Branch). Interested in switching to the Stable channel? Find out how. If you find a new issue, please let us know by filing a bug.
Jason Kersey
- Hardware accelerated 3D CSS
- New Safe Browsing protection against downloading malicious files
- Ability to delete Flash cookies from inside Chrome
- Launch Apps by name from the Omnibox
- Integrated Sync into new settings pages
- Improved screen reader support
- New warning when hitting Command-Q on Mac
- Removal of Google Gears
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
- [$2000] [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz.
- [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined).
- [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR).
- [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”.
- [$1337] [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc.
- [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno).
- [79362] Medium CVE-2011-1814: Read from uninitialized pointer. Credit to Eric Roman of the Chromium development community.
- [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc.
- [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc.
- [$500] [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne.
- [$1000] [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz.
- [$1000] [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov.
- [$3133.7] [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov.
- [$1000] [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov.
We’d also like to call particular attention to Sergey Glazunov’s $3133.7 reward. Although the linked bug is not of critical severity, it was accompanied by a beautiful chain of lesser severity bugs which demonstrated critical impact. It deserves a more detailed write-up at a later date.
You can find out more about Chrome 12 at the official Chrome Blog. The full list of changes is available in the SVN revision logs (Trunk, Branch). Interested in switching to the Stable channel? Find out how. If you find a new issue, please let us know by filing a bug.
Jason Kersey
Google Chrome
Subscribe to:
Posts (Atom)
