Stable Channel Update
Thursday, November 5, 2009 | 13:18
Labels: Stable updates
The stable channel has been updated to 3.0.195.32, and includes the following security and stability fixes:
- Resolved a history issue that affected going back from queries in Google Maps. (Issue: 21353)
- Fixed issue with Adobe Acrobat Reader 9.2, where no content would be displayed. (Issue: 24883)
- Fixed an infinite loop in AAC decoding. (Webkit Issue: 27239)
- Fixed a top crasher. (Issue: 22205)
- Fix issues where setInterval sometimes eats 100% CPU. (Issue: 25892)
Security Fixes:
CVE-2009-XXXX User not warned for some file types that can execute JavaScript
The user was not warned about certain possibly dangerous file types such as SVG, MHT and XML files. In some browsers, JavaScript can execute within these types of files. Because the JavaScript runs in the local context, it may be able to access local resources.
More info: http://code.google.com/p/chromium/issues/detail?id=23979
(This issue will be made public once a majority of users are up to date with the fix.)
(This issue will be made public once a majority of users are up to date with the fix.)
Severity: Medium
Credit: Inferno of SecureThoughts.com
Mitigations:
Credit: Inferno of SecureThoughts.com
Mitigations:
- A victim would need to visit a page under an attacker's control.
- The victim would furthermore need to open a malicious file.
CVE-2009-XXXX Possible memory corruption in the Gears plugin
A malicious site could use the Gears SQL API to put SQL metadata into a bad state, which could cause a subsequent memory corruption. This may lead to a Gears plugin crash or possibly arbitrary code execution.
More info: http://code.google.com/p/chromium/issues/detail?id=26179
(This issue will be made public once a majority of users are up to date with the fix.)
(This issue will be made public once a majority of users are up to date with the fix.)
Severity: High
Credit: This issue was found by the Google Chrome security team.
Mitigations:
Credit: This issue was found by the Google Chrome security team.
Mitigations:
- A victim would need to visit a page under an attacker's control.
- The victim would furthermore need to "click-through" the Gears dialog confirming that they trust the attacker's evil page.
Anthony Laforge
Google Chrome Program Manager
13 comments:
Manish said...
Finally the fix for Adobe Acrobat Reader 9.2 (Issue: 24883) is released to stable release.
1:22 PM, November 05, 2009
erg said...
ei, the download system is very slow.
When I download a file, the speed is 60 kps but my internet has 2 MB of speed.
Why don´t solve this problem?
1:23 PM, November 05, 2009
Philipp said...
@erg i doubt that your connection speed has anything to do with chrome..
1:33 PM, November 05, 2009
MWP said...
1:42 PM, November 05, 2009
MWP said...
Orkut still doesn't work.
Now my Chrome doesn't post here!
I did it with IE8.
Win vis 32
1:44 PM, November 05, 2009
Anthony said...
Do you know if there is a bug on file for the Orkut issue that I could take a look at?
1:48 PM, November 05, 2009
Phil said...
2:11 PM, November 05, 2009
Phil said...
Sometime anti-virus module may slow down web browser, Antivir Premium Webguard is slowing Chrome a lot for me and I disable it
opening 31 bookmarks with webguard : 3m30 and without 20 sec, cache cleared between each try
2:13 PM, November 05, 2009
Mhelan's Tristan said...
I'm having this problem with some flash based games when google chrome shows 2 mouse pointers, one on the game and the other one the OS's pointer, which should be hidden and only the game's pointer visible. It's quite annoying.
6:22 PM, November 05, 2009
david said...
It might just be me, but my inbox on facebook along with the "view all friends" overlay popup doesn't work anymore. Hasn't for some days now. This is strictly a Chrome issue, works on Firefox and IE. I'm on stable channel!
4:32 AM, November 06, 2009
jhone said...
Hi,
I am currently using orkut and facebook i always choose orkut as my regular usage..
Because orkut was really nice social site and this article giving me info about orkut so i really like it..
r4ds
3:59 AM, November 07, 2009
Rong said...
In firefox or IE, you could resize pictures you post on blogspot. Chrome doesnt allow me to do this.
2:06 AM, November 10, 2009
Vic Jang said...
traditional Chinese phonetic input is still not allowed when in the omnibox after TAB is pressed.
http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95655
6:52 PM, November 10, 2009
Post a Comment