Google Chrome version 0.2.149.29 was released on 5 September 2008, and all users are being automatically updated. Automatic updates are a key security feature in helping to ensure the safety of Google Chrome users.
This is a security and bug fix update, with no new functionality.
Security Updates:
- Fix a buffer overflow vulnerability in handling long filenames that display in the Save As... dialog. This is a critical risk that could lead to execution of arbitrary code.
- Fix a buffer overflow vulnerability in handling link targets displayed in the status area when the user hovers over a link. This is a critical risk that could lead to execution of arbitrary code.
- Fix an out-of-bounds memory read when parsing URLs ending with :%. This is a low risk that can be used to crash the entire browser, possibly causing loss of data in the current session.
- Change the default Downloads directory if it is set to Desktop, and ensure that Desktop cannot be the default. This mitigates the risk of malicious cluttering of the desktop with unwanted downloads, which can lead to executing unwanted files.
Other changes:
- Fix a couple of data transfer issues with the Safe Browsing service causing unnecessary traffic.
- Fix a JavaScript bug that affected facebook.com. The fix properly handles negative indicies when using for...in.
- Fix search suggestions not working properly for http://search.daum.net/, http://search.empas.com/, http://meta.ua/, http://search.naver.com/, and http://search.yahoo.com/ on several non-United States sites.