Chrome Releases
Release updates from the Chrome team
Stable Channel Update
Tuesday, May 15, 2012
The Google Chrome team is happy to announce the arrival of Chrome 19 to the Stable Channel for Windows, Mac, Linux and Chrome Frame. Chrome 19 contains a number of new features like tab sync.
More detailed updates are available on the
Chrome Blog
.
Security fixes and rewards:
Please see
the Chromium security page
for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
[
112983
]
Low
CVE-2011-3083: Browser crash with video + FTP.
Credit to Aki Helin of OUSPG.
[
113496
]
Low
CVE-2011-3084: Load links from internal pages in their own process.
Credit to Brett Wilson of the Chromium development community.
[
118374
]
Medium
CVE-2011-3085: UI corruption with long autofilled values.
Credit to “psaldorn”.
[$
1000
] [
118642
]
High
CVE-2011-3086: Use-after-free with style element.
Credit to Arthur Gerkis.
[
118664
]
Low
CVE-2011-3087: Incorrect window navigation.
Credit to Charlie Reis of the Chromium development community.
[$
500
] [
120648
]
Medium
CVE-2011-3088: Out-of-bounds read in hairline drawing.
Credit to Aki Helin of OUSPG.
[$
1000
] [
120711
]
High
CVE-2011-3089: Use-after-free in table handling.
Credit to miaubiz.
[$
500
] [
121223
]
Medium
CVE-2011-3090: Race condition with workers.
Credit to Arthur Gerkis.
[
121734
]
High
CVE-2011-3091: Use-after-free with indexed DB.
Credit to Google Chrome Security Team (Inferno).
[$
1000
] [
122337
]
High
CVE-2011-3092: Invalid write in v8 regex.
Credit to Christian Holler.
[$
500
] [
122585
]
Medium
CVE-2011-3093: Out-of-bounds read in glyph handling.
Credit to miaubiz.
[
122586
]
Medium
CVE-2011-3094: Out-of-bounds read in Tibetan handling.
Credit to miaubiz.
[$
1000
] [
123481
]
High
CVE-2011-3095: Out-of-bounds write in OGG container.
Credit to Hannu Heikkinen.
[Linux only] [
123530
]
Low
CVE-2011-3096: Use-after-free in GTK omnibox handling.
Credit to Arthur Gerkis.
[
123733
] [
124182
]
High
CVE-2011-3097: Out-of-bounds write in sampled functions with PDF.
Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google.
[Windows only] [
124216
]
Low
CVE-2011-3098: Bad search path for Windows Media Player plug-in.
Credit to Haifei Li of Microsoft and MSVR (MSVR:159).
[
124479
]
High
CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name.
Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team.
[
124652
]
Medium
CVE-2011-3100: Out-of-bounds read drawing dash paths.
Credit to Google Chrome Security Team (Inferno).
And some additional rewards for issues with a wider scope than Chrome:
[Linux only] [$
500
] [
118970
]
Medium
CVE-2011-3101: Work around Linux Nvidia driver bug.
Credit to Aki Helin of OUSPG.
[$
1500
] [
125462
]
High
CVE-2011-3102: Off-by-one out-of-bounds write in libxml.
Credit to Jüri Aedla.
Many of the above bugs were detected using
AddressSanitizer
.
We’d also like to thank Aki Helin of OUSPG, Sławomir Błażek, Chamal de Silva, miaubiz, Arthur Gerkis and Christian Holler for working with us during the development cycle and preventing security regressions from ever reaching the stable channel. $9000 of additional rewards were issued for this awesomeness.
Full details about what changes are in this release are available in the
SVN revision log
. Interested in hopping on the stable channel?
Find out how
. If you find a new issue, please let us know by
filing a bug
.
Anthony Laforge
Google Chrome
Labels
Admin Console
43
Android WebView
19
Beta
21
Beta update
4
Beta updates
1992
chrome
15
Chrome Dev for Android
122
Chrome for Android
924
Chrome for iOS
363
Chrome for Meetings
5
Chrome OS
1149
Chrome OS Flex
22
Chrome OS Management
12
Chromecast Update
6
ChromeOS
194
ChromeOS Flex
191
Desktop Update
1085
dev update
266
Dev updates
1491
Early Stable Updates
45
Extended Stable updates
122
Flash Player update
5
Flex
1
Hangouts Meet hardware
5
LTS
84
stable
9
Stable updates
1214
Archive
2024
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2023
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2022
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2021
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2020
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Give us feedback in our
Product Forums
.