Chrome Stable Release
Wednesday, January 12, 2011 | 15:15
Labels: Stable updates
Chrome on stable channel has been updated to 8.0.552.237 for all platforms. Chrome OS has also been updated, to 8.0.552.334. These releases contain the security fixes listed below.
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
We’re delighted to offer our first “elite” $3133.7 Chromium Security Reward to Sergey Glazunov. Critical bugs are harder to come by in Chrome, but Sergey has done it. Sergey also collects a $1337 reward and several other rewards at the same time, so congratulations Sergey!
Also of note is a clarification on our default charity policy. Some researchers are unable to accept rewards, or even provide a suggestion for a charity. In such cases, it feels like a shame to lose a charitable contribution so we will default reward money to the Red Cross.
Jason Kersey
Google Chrome
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
We’re delighted to offer our first “elite” $3133.7 Chromium Security Reward to Sergey Glazunov. Critical bugs are harder to come by in Chrome, but Sergey has done it. Sergey also collects a $1337 reward and several other rewards at the same time, so congratulations Sergey!
Also of note is a clarification on our default charity policy. Some researchers are unable to accept rewards, or even provide a suggestion for a charity. In such cases, it feels like a shame to lose a charitable contribution so we will default reward money to the Red Cross.
- [58053] Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
- [$1337] [65764] High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
- [66334] High Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans).
- [$1000] [66560] High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
- [$500] [66748] High Stale pointer with CSS + cursors. Credit to Jan Tošovský.
- [67100] High Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans).
- [$1000] [67208] High Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT.
- [$1000] [67303] High Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT.
- [$500] [67363] High Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz.
- [$1000] [67393] Medium Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc.
- [$1000] [68115] High Vorbis decoder buffer overflows. Credit to David Warren of CERT.
- [$1000] [68170] High Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG.
- [$1000] [68178] High Bad cast in anchor handling. Credit to Sergey Glazunov.
- [$1000] [68181] High Bad cast in video handling. Credit to Sergey Glazunov.
- [$1000] [68439] High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined).
- [$3133.7] [68666] Critical Stale pointer in speech handling. Credit to Sergey Glazunov.
Jason Kersey
Google Chrome
24 comments:
Matias said...
Is Sergey making a living out of bug fixing?? lol Congratulation man!
3:34 PM, January 12, 2011
Manish said...
Congratulations Sergey!
4:07 PM, January 12, 2011
Diego_SAG#1 said...
thanks for the fixes :D
cant´t wait for the stable release of chrome 9 xD
4:29 PM, January 12, 2011
William said...
We were long overdue for an update! I thought for sure it was going to be version 9 though! Congrats to Sergey, ballin!!!
Patiently waiting for Chrome 10 stable and crankshaft...just sounds cool/fast!!!! =]
5:03 PM, January 12, 2011
William said...
My CR-48 is at 8.0.552.343 for awhile now...
But your saying it's updated to .334???
This post is a mistake or I'm confused.
5:12 PM, January 12, 2011
gsctt said...
Sergey Glazunov should be hired by Google to join the Google Chrome team.
All users of Google Chrome need him.
Thanks Sergey!
5:30 PM, January 12, 2011
Larry said...
I'm as impressed as everyone, but what "speech handling" does Chrome do?
5:33 PM, January 12, 2011
Brad said...
More security the better :)
6:09 PM, January 12, 2011
nick4fake said...
nice
10:55 PM, January 12, 2011
Ricardo Z. Vendramini said...
Is Sergey making a living out of bug fixing?? lol Congratulation man! [2]
3:30 AM, January 13, 2011
Fussolia said...
I have the same issue as William... What's up with that?
6:21 AM, January 13, 2011
Don Hardaway, Ph.D. said...
It would be nice if Google could provide some communication to the CR-48 testers regarding the a list of bugs they are working on and in what order. I am still wondering when Citrix and being able to print on a network printer will be fixed.
6:28 AM, January 13, 2011
Ben said...
Here you go Don Hardaway:
http://code.google.com/p/chromium-os/updates/list
2:37 PM, January 13, 2011
Ben said...
William:
Chrome OS 0.9.128.14 (Official Build ede4cb9c) beta x86-mario
Google Chrome 8.0.552.344
I've heard that if you are in developer mode you have to flip the switch back for it to update.
Hope that helps.
2:43 PM, January 13, 2011
Schmaltz Herring said...
Thank you Google for making such a good browser.
10:55 PM, January 13, 2011
John said...
Now add a file manager for cameras, usb sticks and etc.
11:06 PM, January 13, 2011
KiKiM said...
Sergey is a russian name, congrats
russia is ruling! yeah!!!!
1:56 PM, January 14, 2011
Aleksander said...
The only thing that stops me from switching to Chrome is password sync. Please take this into consideration when releasing the next version! Include it! ;-)
6:55 AM, January 15, 2011
Shimon said...
Where is my Chrome 9?!
5:45 AM, January 16, 2011
Sim said...
in this release very often disappear checkboxes and arrows on scrollbars
8:12 PM, January 17, 2011
Martin Bartlett said...
Sergey's getting RICH!! :-)
12:16 AM, January 18, 2011
Pallieter Koopmans said...
For the default donation maybe the Google.org Foundation should be used?
5:06 AM, January 20, 2011
Lindblum said...
Thanks for keeping up the good work. Where can I go to ask about the state of development of vertical tabs (side tabs)? It's there, but it feels incomplete. I'm hoping to see an experience comparable to Firefox's TabKit addon, where you can resize the tab column, and switch tabs by rolling the scroll button while over the tabs (Try it once, you'll love it! It's time-saving). Maybe even style the tabs to look similar to the default (horizontal) tabs. Thank you.
7:11 AM, January 20, 2011
Thomas said...
I think there may be an issue with form submission on 8.0.552.237.
I am using on Ubuntu Linux, and since the last update am having problems logging into some web pages, where there is a username/password form.
Chrome appears not to do anything when I click logon, or press enter, though the same form works fine in firefox.
It is difficult to show a reproduction though, since the two or three times I have produced it, it's been on company servers (on groundwork logon screen, and oracle application server control).
Has any behaviour around that changed in 8.0.552.237?
8:19 AM, January 25, 2011
Post a Comment