Wednesday, May 23, 2012

Stable Channel Update

The Chrome Stable channel has been updated to 19.0.1084.52 on Windows, Mac, Linux and Chrome Frame.  

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson).
  • [118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [120912] High CVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz.
  • [122654] Critical CVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan).
  • [124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan).
  • [$1337] [125159] Critical CVE-2011-3108: Use-after-free in browser cache. Credit to “efbiaiinzinz”.
  • [Linux only] [$1000] [126296] High CVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholomé.
  • [126337] [126343] [126378] [127349] [127819] [127868] High CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [$500] [126414] Medium CVE-2011-3111: Invalid read in v8. Credit to Christian Holler.
  • [127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [127883] High CVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [128014] High CVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts).
  • [$1000] [128018] High CVE-2011-3115: Type corruption in v8. Credit to Christian Holler.

Many of these bugs were detected using AddressSanitizer.

Full details about what changes are in this release are available in the SVN revision log. If you find a new issue, please let us know by filing a bug.



Anthony Laforge
Google Chrome

Labels:

9 Comments:

Blogger 蓝风火火 said...

Updated

3:24 PM, May 23, 2012  
Blogger eLDuRo said...

I tried updating to the new version but it says 19.0.1084.46 is the latest version, What's going on with that? Is it going to be released later on today? Thanks

3:48 PM, May 23, 2012  
Blogger eLDuRo said...

Nevermind! Now I was able to update to the latest version, keep up the good job GUYS! I love Google Chrome!

4:05 PM, May 23, 2012  
Blogger Hannibal said...

LMDE x64, still old flash version. please update!

8:36 AM, May 24, 2012  
Blogger Pravit said...

My Logitech wireless mouse is not working in Chrome after the upgrade. Right clicking causes the menu to flicker briefly and disappear again and I can't click on my Bookmarks or the wrench icon without the menu flickering and disappearing again. Can't believe this was not caught in testing the release of such a widely used browser. I was also never notified of this upgrade or given the choice to upgrade or not.

5:56 PM, May 25, 2012  
Blogger Rafael said...

Other locking flaps, hangs when loading a page and I roll my pc is not Google Chrome for this concert please. thank you

11:52 AM, May 26, 2012  
Blogger grabacontroller said...

Chrome keeps crashing on me too. I am running Windows 7 Home Premium Service Pack 1. 32-Bit. AMD Athlon Dual Core Processor 4450B, 2.0GB RAM, NVIDIA Geforce 6150 LE

7:13 AM, May 27, 2012  
Blogger shimax said...

Now some encrypted PDF files can not be viewed properly because of this update even though they are harmless. Only the first pages is shown or all of pages are blank.

cf. http://code.google.com/p/chromium/issues/detail?id=129591

5:14 PM, June 01, 2012  
Blogger chotisri@gmail.com said...

Chrome Channel 19.0.1084.52 is beginning to tick me off. First, it eliminates all my extensions, then, it independently opens "Settings" in a tab of its own choosing, now, I find that it has changed my pre-selected search from Google.com to Google.co.th! I may be in Thailand, but what gives anyone the right to force me to use their selection of search engine?!?! The nerve of some people!

3:17 AM, June 04, 2012  

Post a Comment

Subscribe to Post Comments [Atom]

<< Home