Chrome Releases
Release updates from the Chrome team
Dev Channel Update for Chrome OS
Friday, December 7, 2018
The Dev channel has been updated to 72.0.3626.8 (Platform version: 11316.6.0) for most Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements.
A list of
changes can be found
here
.
If you find new issues, please let us know by visiting our
forum
or
filing a bug
. Interested in switching channels?
Find out how
. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 vertical dots in the upper right corner of the browser).
David McMahon
Google Chrome
Beta Channel Update for Chrome OS
Thursday, December 6, 2018
The Beta channel has been updated to 71.0.3578.85 (Platform version:
11151.51.0
) for most Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements.
A list of
changes can be found
here
.
If you find new issues, please let us know by visiting our
forum
or
filing a bug
. Interested in switching channels?
Find out how
. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 vertical dots in the upper right corner of the browser).
Kevin Bleicher
Google Chrome
Dev Channel Update for Desktop
Wednesday, December 5, 2018
The dev channel has been updated to 72.0.3626.7 for Windows, Mac &
Linux.
A partial list of changes is available in the
log
. Interested in
switching
release channels? Find out
how
. If you find a new issue, please let us know by
filing a bug
. The
community help forum
is also a great place to reach out for help or learn about common issues.
Srinivas Sista
Google Chrome
Chrome for Android Update
Tuesday, December 4, 2018
Good news, everyone! Chrome 71 (71.0.3578.83) for Android has been released and will be
available on Google Play
over the course of the next few weeks. This release includes stability and performance improvements.
A list of the changes in this build is available in the
Git log
.
If you find a new issue, please let us know by
filing a bug
. More information about Chrome for Android is available on the
Chrome site
.
Ben Mason
Google Chrome
Stable Channel Update for Desktop
Tuesday, December 4, 2018
The Chrome team is delighted to announce the promotion of Chrome 71 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.
Chrome 71.0.3578.80 contains a number of fixes and improvements -- a list of changes is available in the
log
. Watch out for upcoming
Chrome
and
Chromium
blog posts about new features and big efforts delivered in 71.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes
43
security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the
Chrome Security Page
for more information.
[$N/A][
905940
]
High
CVE-2018-17480: Out of bounds write in V8.
Reported by Guang Gong of Alpha Team, Qihoo 360 via Tianfu Cup on 2018-11-16
[$6000][
901654
]
High
CVE-2018-17481: Use after frees in PDFium.
Reported by Anonymous on 2018-11-04
[$5000][
895362
]
High
CVE-2018-18335: Heap buffer overflow in Skia.
Reported by Anonymous on 2018-10-15
[$5000][
898531
]
High
CVE-2018-18336: Use after free in PDFium.
Reported by Huyna at Viettel Cyber Security on 2018-10-24
[$3000][
886753
]
High
CVE-2018-18337: Use after free in Blink.
Reported by cloudfuzzer on 2018-09-19
[$3000][
890576
]
High
CVE-2018-18338: Heap buffer overflow in Canvas.
Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-09-29
[$3000][
891187
]
High
CVE-2018-18339: Use after free in WebAudio.
Reported by cloudfuzzer on 2018-10-02
[$3000][
896736
]
High
CVE-2018-18340: Use after free in MediaRecorder.
Reported by Anonymous on 2018-10-18
[$3000][
901030
]
High
CVE-2018-18341: Heap buffer overflow in Blink.
Reported by cloudfuzzer on 2018-11-01
[$3000][
906313
]
High
CVE-2018-18342: Out of bounds write in V8.
Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-11-17
[$1000][
882423
]
High
CVE-2018-18343: Use after free in Skia.
Reported by Tran Tien Hung (@hungtt28) of Viettel Cyber Security on 2018-09-10
[$TBD][
866426
]
High
CVE-2018-18344: Inappropriate implementation in Extensions.
Reported by Jann Horn of Google Project Zero on 2018-07-23
[$TBD][
900910
]
High
To be allocated: Multiple issues in SQLite via WebSQL.
Reported by Wenxiang Qian of Tencent Blade Team on 2018-11-01
[$8000][
886976
]
Medium
CVE-2018-18345: Inappropriate implementation in Site Isolation.
Reported by Masato Kinugawa and Jun Kokatsu (@shhnjk) on 2018-09-19
[$2000][
606104
]
Medium
CVE-2018-18346: Incorrect security UI in Blink.
Reported by Luan Herrera (@lbherrera_) on 2016-04-23
[$2000][
850824
]
Medium
CVE-2018-18347: Inappropriate implementation in Navigation.
Reported by Luan Herrera (@lbherrera_) on 2018-06-08
[$2000][
881659
]
Medium
CVE-2018-18348: Inappropriate implementation in Omnibox.
Reported by Ahmed Elsobky (@0xsobky) on 2018-09-07
[$2000][
894399
]
Medium
CVE-2018-18349: Insufficient policy enforcement in Blink.
Reported by David Erceg on 2018-10-11
[$1000][
799747
]
Medium
CVE-2018-18350: Insufficient policy enforcement in Blink.
Reported by Jun Kokatsu (@shhnjk) on 2018-01-06
[$1000][
833847
]
Medium
CVE-2018-18351: Insufficient policy enforcement in Navigation.
Reported by Jun Kokatsu (@shhnjk) on 2018-04-17
[$1000][
849942
]
Medium
CVE-2018-18352: Inappropriate implementation in Media.
Reported by Jun Kokatsu (@shhnjk) on 2018-06-06
[$1000][
884179
]
Medium
CVE-2018-18353: Inappropriate implementation in Network Authentication.
Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-09-14
[$1000][
889459
]
Medium
CVE-2018-18354: Insufficient data validation in Shell Integration.
Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-09-26
[$500][
896717
]
Medium
CVE-2018-18355: Insufficient policy enforcement in URL Formatter.
Reported by evi1m0 of Bilibili Security Team on 2018-10-18
[$TBD][
883666
]
Medium
CVE-2018-18356: Use after free in Skia.
Reported by Tran Tien Hung (@hungtt28) of Viettel Cyber Security on 2018-09-13
[$TBD][
895207
]
Medium
CVE-2018-18357: Insufficient policy enforcement in URL Formatter.
Reported by evi1m0 of Bilibili Security Team on 2018-10-15
[$TBD][
899126
]
Medium
CVE-2018-18358: Insufficient policy enforcement in Proxy.
Reported by Jann Horn of Google Project Zero on 2018-10-26
[$TBD][
907714
]
Medium
CVE-2018-18359: Out of bounds read in V8.
Reported by cyrilliu of Tencent Zhanlu Lab on 2018-11-22
[$500][
851821
]
Low
To be allocated: Inappropriate implementation in PDFium.
Reported by Salem Faisal Elmrayed on 2018-06-12
[$500][
856135
]
Low
To be allocated: Use after free in Extensions.
Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-06-25
[$500][
879965
]
Low
To be allocated: Inappropriate implementation in Navigation.
Reported by Luan Herrera (@lbherrera_) on 2018-09-03
[$500][
882270
]
Low
To be allocated: Inappropriate implementation in Navigation.
Reported by Jesper van den Ende on 2018-09-09
[$500][
890558
]
Low
To be allocated: Insufficient policy enforcement in Navigation.
Reported by Ryan Pickren (ryanpickren.com) on 2018-09-29
[$TBD][
895885
]
Low
To be allocated: Insufficient policy enforcement in URL Formatter.
Reported by evi1m0 of Bilibili Security Team on 2018-10-16
This bug was fixed in Chrome 69, but was incorrectly omitted from the release notes at the time:
[$3000][
853937
]
Medium
To be allocated: Insufficient policy enforcement in Payments.
Reported by Jun Kokatsu (@shhnjk) on 2018-06-18
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
[
911706
] Various fixes from internal audits, fuzzing and other initiatives
Many of our security bugs are detected using
AddressSanitizer
,
MemorySanitizer
,
UndefinedBehaviorSanitizer
,
Control Flow Integrity
,
libFuzzer
, or
AFL
.
Interested in switching release channels? Find out how
here
. If you find a new issue, please let us know by
filing a bug
.
The
community help forum
is also a great place to reach out for help or learn about common issues.
Thank you,
Krishna Govind
Chrome Beta for Android Update
Monday, December 3, 2018
Ladies and gentlemen, behold! Chrome Beta 71 (71.0.3578.83) for Android has been released and is
available in Google Play
. A partial list of the changes in this build is available in the
Git log
. Details on new features is available on the
Chromium blog
, and developers should check out our updates related to the web platform
here
.
If you find a new issue, please let us know by
filing a bug
. More information about Chrome for Android is available on the
Chrome site
.
Ben Mason
Google Chrome
Beta Channel Update for Desktop
Monday, December 3, 2018
The beta channel has been updated to
71.0.3578.80
for Windows, Mac, and, Linux.
A full list of changes in this build is available in the
log
. Interested in switching release channels? Find out how
here
. If you find a new issue, please let us know by
filing a bug
.
The
community help forum
is also a great place to reach out for help or learn about common issues.
Krishna Govind
Google Chrome
Chrome Beta for Android Update
Thursday, November 29, 2018
Ladies and gentlemen, behold! Chrome Beta 71 (71.0.3578.75) for Android has been released and is
available in Google Play
. A partial list of the changes in this build is available in the
Git log
. Details on new features is available on the
Chromium blog
, and developers should check out our updates related to the web platform
here
.
If you find a new issue, please let us know by
filing a bug
. More information about Chrome for Android is available on the
Chrome site
.
Ben Mason
Google Chrome
Beta Channel Update for Chrome OS
Wednesday, November 28, 2018
The Beta channel has been updated to 71.0.3578.71 (Platform version:
11151.45.0
) for most Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements.
A list of
changes can be found
here
If you find new issues, please let us know by visiting our
forum
or
filing a bug
. Interested in switching channels?
Find out how
. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 vertical dots in the upper right corner of the browser).
Kevin Bleicher
Google Chrome
Beta Channel Update for Desktop
Wednesday, November 28, 2018
The beta channel has been updated to
71.0.3578.75
for Windows, Mac, and, Linux.
A full list of changes in this build is available in the
log
. Interested in switching release channels? Find out how
here
. If you find a new issue, please let us know by
filing a bug
.
The
community help forum
is also a great place to reach out for help or learn about common issues.
Krishna Govind
Google Chrome
Labels
Admin Console
Android WebView
Beta
Beta updates
chrome
Chrome Beta for Android
Chrome Dev for Android
Chrome for Android
Chrome for iOS
Chrome for Meetings
Chrome OS
Chrome OS Management
Chromecast Update
Desktop Update
dev update
Dev updates
Flash Player update
Hangouts Meet hardware
Stable updates
Archive
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Feed
Google
on
Follow @googlechrome
Follow
Follow