Hi, everyone! We've just released Chrome 117 (117.0.5938.140) for Android: it'll become available on Google Play over the next few days.
The Long Term Support Candidate has been promoted to ChromeOS LTS 114 and is rolling out to most ChromeOS devices. The current version is 114.0.5735.334 (Platform Version: 15437.70.0).
If you are currently on the ChromeOS Long Term Support (LTS) channel (and not pinned to 108), your devices will automatically update from ChromeOS LTS 108 to ChromeOS LTS 114.
Release notes for LTC-114 can be found here
This build contains additional security fixes including:
1479274 High CVE-2023-4863 Heap buffer overflow in WebP
1469754 High CVE-2023-4429 Use after free in Loader
1472492 High CVE-2023-4572 Use after free in MediaStream
1470477 High CVE-2023-4428 Out of bounds memory access in CSS
Hi everyone! We've just released Chrome Stable 117 (117.0.5938.117) for iOS; it'll become available on App Store in the next few hours.
This release includes stability and performance improvements. You can see a full list of the changes in the Git log. If you find a new issue, please let us know by filing a bug.
Harry SoudersGoogle Chrome
The Beta channel is being updated to OS version: 15604.24.0, Browser version: 118.0.5993.26 for most ChromeOS devices.
If you find new issues, please let us know one of the following ways:
Cole Brown,
Google ChromeOS
The Stable channel is being updated to OS version: 15572.50.0 Browser version: 117.0.5938.115 for most ChromeOS devices.
If you find new issues, please let us know one of the following ways
Interested in switching channels? Find out how.
Security Fixes and Rewards
VRP Reported Security Fixes:
[$TBD] [1462551] High CVE-NA Security Bug in mwifiex firmware. Reported by Lovepink on 2023-06-06
3rd Party Security Fixes:
[NA] [NA] High Fixes CVE-2023-4622 in Linux Kernel
[NA] [NA] High Fixes CVE-2023-4208 in Linux Kernel
Chrome Browser Security Fixes:
[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06
[$3000][1430867] Medium CVE-2023-4900: Inappropriate implementation in Custom Tabs. Reported by Levit Nudi from Kenya on 2023-04-06
[$3000][1459281] Medium CVE-2023-4901: Inappropriate implementation in Prompts. Reported by Kang Ali on 2023-06-29
[$2000][1454515] Medium CVE-2023-4902: Inappropriate implementation in Input. Reported by Axel Chong on 2023-06-14
[$1000][1446709] Medium CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs. Reported by Ahmed ElMasry on 2023-05-18
[$1000][1453501] Medium CVE-2023-4904: Insufficient policy enforcement in Downloads. Reported by Tudor Enache @tudorhacks on 2023-06-09
[$500][1441228] Medium CVE-2023-4905: Inappropriate implementation in Prompts. Reported by Hafiizh on 2023-04-29
[$6000][1449874] Low CVE-2023-4906: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2023-05-30
[$2000][1462104] Low CVE-2023-4907: Inappropriate implementation in Intents. Reported by Mohit Raj (shadow2639) on 2023-07-04
[$TBD][1451543] Low CVE-2023-4908: Inappropriate implementation in Picture in Picture. Reported by Axel Chong on 2023-06-06
[$TBD][1463293] Low CVE-2023-4909: Inappropriate implementation in Interstitials. Reported by Axel Chong on 2023-07-09
Android Runtime Container Security Fixes:
No Android Runtime Container Security Fixes for this release
We would like to thank the security researchers that report vulnerabilities to us via bughunters.google.com to keep ChromeOS and the entire open source ecosystem secure.
Matt Nelson,Google ChromeOS
The Dev channel has been updated to 119.0.6020.3 for Windows, Mac and Linux.
A partial list of changes is available in the Git log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Prudhvi BommanaGoogle Chrome
