Monday, August 22, 2011

Stable Channel Update

The Chrome Stable channel has been updated to 13.0.782.215 for all platforms.  This release contains the following security fixes.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [$1000] [Windows only] [72492] Medium CVE-2011-2822: URL parsing confusion on the command line. Credit to Vladimir Vorontsov, ONsec company.
  • [82552] High CVE-2011-2823: Use-after-free in line box handling. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by miaubiz.
  • [$1000] [88216] High CVE-2011-2824: Use-after-free with counter nodes. Credit to miaubiz.
  • [88670] High CVE-2011-2825: Use-after-free with custom fonts. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1283), plus indepdendent later discovery by miaubiz.
  • [$1000] [89402] High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [$1000] [87453] High CVE-2011-2826: Cross-origin violation with empty origins. Credit to Sergey Glazunov.
  • [$1337] [Windows only] [89836] Critical CVE-2011-2806: Memory corruption in vertex handing. Credit to Michael Braithwaite of Turbulenz Limited.
  • [$1000] [90668] High CVE-2011-2827: Use-after-free in text searching. Credit to miaubiz.
  • [91517] High CVE-2011-2828: Out-of-bounds write in v8. Credit to Google Chrome Security Team (SkyLined).
  • [$1500] [32-bit only] [91598] High CVE-2011-2829: Integer overflow in uniform arrays. Credit to Sergey Glazunov.
  • [$1000] [Linux only] [91665] High CVE-2011-2839: Buggy memset() in PDF. Credit to Aki Helin of OUSPG.
The full list of changes is available in the SVN revision log.  Interested in switching to another?  Find out how.  If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome



Blogger Colin said...

miaubiz is making bank from this haha

3:21 PM, August 22, 2011  
Blogger Jack (Phred_13) said...

Forgot the “Stable updates” label. Some of us use that to determine when to update.

3:34 PM, August 22, 2011  
Blogger Manish said...

Thanks for the update.

4:17 PM, August 22, 2011  
Blogger Marcus_R said...

You say the full list of changes is available in the SVN revision log, but I can't find anything on Issue 86895, "flash key-state detection failing on Win7/Vista", even though a developer said it'd be included in the stable channel released today..?

4:59 PM, August 22, 2011  
Blogger itshaman said...

быстро исправляете ;)

10:23 PM, August 22, 2011  
Blogger SAHIL said...

it has an 'm' in front of the version no....wat is it?

10:40 PM, August 22, 2011  
Blogger Okung said...


The "m" just means that you have multiple versions of Chrome installed in C:\Users\username\AppData\Local\Google\Chrome\Application. You might have multiple versions of Chrome if you didn't download the latest version, but updated to it. The new version won't replace the old one, in case of installation failures. So in essence, when Chrome detects that you have more than one version of Chrome, it displays "m" after the version number in the [About Google Chrome] window.

12:08 AM, August 23, 2011  
Blogger petko said...

I also have the 'm' in the about window and only have one chrome installation - the stable one. Haven't touched the beta or dev, or the canary channel (if it still exists) at all.

2:06 AM, August 23, 2011  
Blogger MrZerock said...

Yeah i only use 1 version is beta and theres "m" too. Any other explain?

6:02 AM, August 23, 2011  
Anonymous Anonymous said...

If you had Google CHrome 12 or an older version on your machine and updated that's why you have the "m". It's exactly what @Okung said but I guess you didn't get it.

6:19 AM, August 23, 2011  
Blogger LadySidi said...

When I go to update, it says something like "update server failure (Error: 3). Any idea why, or when it will be fixed?

6:20 AM, August 23, 2011  
Blogger dac0302 said...

I don't understand anything here. Chrome loaded when I downloaded Ifranview, a free graphics program)I don't know why?
I went to the link "Chromium security page", but can't figure out what to do from here?

So, can someone tell me in plain English, Thanks!!

6:43 AM, August 23, 2011  
Blogger msi2 said...

When you open a new tab while the previous one is loading a page, the new tab crashes (There's an error message). I'm on WinXP. Oddly enough, that issue is still being carried on the recent devbuild (Chromium15).

10:15 AM, August 23, 2011  
Blogger petko said...

I had a fresh installation of Windows a week ago. then I directly grabbed Chrome 13 (never had any previous installation of Chrome whatsoever). And now I minor-update and the stupid 'm' is there.

Anyhow, just hope Google sorts this out cause it's annoying...

10:36 AM, August 23, 2011  
Blogger FREEWILLY said...

the "m" after the version number stands for Milestone (aka major chrome versions).

2:10 PM, August 23, 2011  
Blogger okungnyo said...


I did not have the "m" when I fresh-installed Chrome. Your copy of Chrome must have updated to a minor security-fix release, maybe that's why you didn't notice?

4:47 AM, August 24, 2011  
Blogger shayne said...

Will we be seeing a updated version of adobe flash for chrome soon=].

10:31 AM, August 25, 2011  
Anonymous Anonymous said...

it is making my search bar slow and didnt even load after press 'enter' takes very long time to open link from my bookmark...seriously, i think this isn't my pc problem but chrome latest version (13.0.782.215 m) is the link of other who are inthe same shoe as mine:

11:04 PM, August 26, 2011  
Blogger Dave said...

Its not a browser problem. My chrome launches instantly. It opens bookmarks instantly and it goes to web pages instantly. Has to be your pc.

12:38 AM, August 27, 2011  
Blogger mechandler34 said...

The flash update has been out for two days now and still no update for Chrome. What gives?

4:04 AM, August 27, 2011  
Blogger shayne said...

I hope they update it soon its a security update by adobe

1:50 AM, August 28, 2011  

Post a Comment

Subscribe to Post Comments [Atom]

<< Home