Chrome Releases: Stable Channel Update

Chrome Releases

Release updates from the Chrome team

Stable Channel Update

Tuesday, June 26, 2012

The Google Chrome team is happy to announce the arrival of Chrome 20 (20.0.1132.43) to the Stable Channel for Windows, Mac, Linux, and Chrome Frame.

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

[118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google.
[Windows only] [119150] [119250] High CVE-2012-2816: Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Justin Schuh).
[$1000] [120222] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz.
[$1000] [120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz.
[120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken “gets” Russell of the Chromium development community.
[121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG.
[122925] Medium CVE-2012-2821: Autofill display problem. Credit to “simonbrown60”.
[various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).
[$1000] [124356] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz.
[$1000] [125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz.
[128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno).
[Mac only] [129826] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan).
[129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team with contributions by Gynvael Coldwind of Google Security Team and Google Chrome Security Team (Chris Evans).
[$1000] [129947] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz.
[$1000] [129951] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz.
[Windows only] [130276] Low CVE-2012-2764: Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting.
[$1000] [130356] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz.
[131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team with contributions by Gynvael Coldwind of Google Security Team.
[132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team.
[$1000] [132779] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Jüri Aedla.

And some additional rewards for issues with a wider scope than Chrome:

[$500] [127417] Medium CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire.

[64-bit Linux only] [$3000] [129930] High CVE-2012-2807: Integer overflows in libxml. Credit to Jüri Aedla.

Many of the above bugs were detected using AddressSanitizer.

We’d also like to thank Arthur Gerkis, Atte Kettunen of OUSPG and miaubiz for working with us during the development cycle and preventing security regressions from ever reaching the stable channel. Various additional rewards were issued for this awesomeness.

Full details about what changes are in this release are available in the SVN revision log. Interested in hopping on the stable channel? Find out how. If you find a new issue, please let us know by filing a bug.

Dharani Govindan
Google Chrome

Labels: Stable updates

Labels

Admin Console 43
Android WebView 19
Beta 21
Beta update 4
Beta updates 2018
chrome 15
Chrome Dev for Android 129
Chrome for Android 946
Chrome for iOS 374
Chrome for Meetings 5
Chrome OS 1149
Chrome OS Flex 22
Chrome OS Management 12
Chromecast Update 6
ChromeOS 210
ChromeOS Flex 207
Desktop Update 1109
dev update 266
Dev updates 1506
Early Stable Updates 49
Extended Stable updates 127
Flash Player update 5
Flex 1
Hangouts Meet hardware 5
LTS 88
stable 11
Stable updates 1237

Archive

2024
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2023
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2022
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2021
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2020
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2019
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2018
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2017
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2016
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2015
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2014
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2013
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2012
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2011
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2010
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2009
- Dec
- Nov
- Oct
- Sep
- Aug
- Jul
- Jun
- May
- Apr
- Mar
- Feb
- Jan

2008
- Dec
- Nov
- Oct
- Sep

Give us feedback in our
Product Forums.

Google
Privacy
Terms