Showing more posts with label Stable updates. Show older posts

Stable Channel Update

Thursday, August 19, 2010 | 15:11

Labels:

Google Chrome 5.0.375.127 has been released to the Stable Channel on Windows, Mac, and Linux.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
Aside from the listed security bugs fixed in Chromium, we have also deployed a workaround for a critical vulnerability where the root cause lies in an external component. Credit and $1337 to Marc Schoenefeld for enabling us to work around another Windows kernel bug [51070].


  • [$1337] [45400] Critical Memory corruption with file dialog. Credit to Sergey Glazunov.
  • [$500] [49596] High Memory corruption with SVGs. Credit to wushi of team509.
  • [$500] [49628] High Bad cast with text editing. Credit to wushi of team509.
  • [$1000] [49964] High Possible address bar spoofing with history bug. Credit to Mike Taylor.
  • [$2000] [50515] [51835] High Memory corruption in MIME type handling. Credit to Sergey Glazunov.
  • [$1337] [50553] Critical Crash on shutdown due to notifications bug. Credit to Sergey Glazunov.
  • [51146] Medium Stop omnibox autosuggest if the user might be about to type a password. Credit to Robert Hansen.
  • [$1000] [51654] High Memory corruption with Ruby support. Credit to kuzzcc.
  • [$1000] [51670] High Memory corruption with Geolocation support. Credit to kuzzcc.
If you find issues, please let us know: http://code.google.com/p/chromium/issues/entry

Jason Kersey
Google Chrome

Stable Channel Update

Tuesday, August 10, 2010 | 15:49

Labels:


Google Chrome 5.0.375.126 has been released to the Stable channel on Linux, Mac, and Windows. This version contains an updated version of the Flash plugin.

If you find issues, please let us know: http://code.google.com/p/chromium/issues/entry

Jason Kersey
Google Chrome

Stable Channel Update

Monday, July 26, 2010 | 16:08

Labels:

Google Chrome 5.0.375.125 has been released to the Stable channel on Linux, Mac, Windows, and Chrome Frame.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
Aside from the listed security bugs fixed in Chromium, we have also deployed workarounds for two critical vulnerabilities where the root cause lies in external components. Credit and $1337 to Marc Schoenefeld for enabling us to work around a Windows kernel bug [48283]. Credit and $1337 to Simon Berry-Byrne for enabling us to work around a glibc bug [48733].
  • [$500] [42736] Medium Memory contents disclosure in layout code. Credit to Michail Nikolaev.
  • [$500] [43813] High Issue with large canvases. Credit to sp3x of SecurityReason.com.
  • [$500] [47866] High Memory corruption in rendering code. Credit to Jose A. Vazquez.
  • [$500] [48284] High Memory corruption in SVG handling. Credit to Aki Helin of OUSPG.
  • [48597] Low Avoid hostname truncation and incorrect eliding. Credit to Google Chrome Security Team (Inferno).
If you find issues, please let us know: http://code.google.com/p/chromium/issues/entry

Jason Kersey
Google Chrome

Stable Channel Update

Friday, July 2, 2010 | 13:50

Labels:


Google Chrome 5.0.375.99 has been released to the Stable channel on Linux, Mac, and Windows.
This release fixes the following security issues:
  • [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome Security Team (SkyLined).
  • [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to sirdarckcat of Google Security Team.
  • [$500] [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of OUSPG; wushi of team509.
  • [$500] [44424] High Memory corruption in bidi algorithm. Credit to wushi of team509.
  • [45164] Low Crash with invalid image. Credit to Jose A. Vazquez.
  • [$1000] [45983] High Memory corruption with invalid PNG (libpng bug). Credit to Aki Helin of OUSPG.
  • [$500] [46360] High Memory corruption in CSS style rendering. Credit to wushi of team509.
  • [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.
  • [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.
 If you find issues, please let us know: http://code.google.com/p/chromium/issues/entry

Jason Kersey
Google Chrome

Stable Channel Update

Thursday, June 24, 2010 | 16:27

Labels:

Google Chrome 5.0.375.86 has been released to the Stable channel on Linux, Mac, and Windows.

The integrated flash player has been enabled by default and the following security issues were resolved:
  • [38105] Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery.
  • [43322] Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43967] High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team.
  • [45267] High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar).
  • [$500] [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE.
If you find issues, please let us know: http://code.google.com/p/chromium/issues/entry

Anthony Laforge,
Google Chrome Team

Stable Channel Update

Tuesday, June 8, 2010 | 14:00

Labels:

Google Chrome 5.0.375.70 has been released to the Stable channel on Linux, Mac, and Windows.

This release fixes the following security issues:
  • [15766] Medium Cross-origin keystroke redirection. Credit to Michal Zalewski of Google Security Team.
  • [$2000] [39985] High Cross-origin bypass in DOM methods. Credit to Sergey Glazunov.
  • [$500] [42723] High Memory error in table layout. Credit to wushi of team509.
  • [Linux only] [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43315] High Memory corruption in DOM node normalization. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43487] High Memory corruption in text transforms. Credit to wushi of team509.
  • [43902] Medium XSS in innerHTML property of textarea. Credit to sirdarckcat of Google Security Team.
  • [44740] High Memory corruption in font handling. Credit: Apple.
  • [44868] High Geolocation events fire after document deletion. Credit to Google Chrome Security Team (Justin Schuh).
  • [44955] High Memory corruption in rendering of list markers. Credit: Apple.
If you find issues, please let us know: http://code.google.com/p/chromium/issues/entry

Anthony Laforge,
Google Chrome Team