Chrome Releases
Release updates from the Chrome team
Stable Channel Update
Tuesday, June 26, 2012
The Google Chrome team is happy to announce the arrival of Chrome 20 (20.0.1132.43) to the Stable Channel for Windows, Mac, Linux, and Chrome Frame.
Security fixes and rewards:
Please see
the Chromium security page
for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
[
118633
]
Low
CVE-2012-2815: Leak of iframe fragment id.
Credit to Elie Bursztein of Google.
[Windows only] [
119150
] [
119250
]
High
CVE-2012-2816: Prevent sandboxed processes interfering with each other.
Credit to Google Chrome Security Team (Justin Schuh).
[$
1000
] [
120222
]
High
CVE-2012-2817: Use-after-free in table section handling.
Credit to miaubiz.
[$
1000
] [
120944
]
High
CVE-2012-2818: Use-after-free in counter layout.
Credit to miaubiz.
[
120977
]
High
CVE-2012-2819: Crash in texture handling.
Credit to Ken “gets” Russell of the Chromium development community.
[
121926
]
Medium
CVE-2012-2820: Out-of-bounds read in SVG filter handling.
Credit to Atte Kettunen of OUSPG.
[
122925
]
Medium
CVE-2012-2821: Autofill display problem.
Credit to “simonbrown60”.
[various]
Medium
CVE-2012-2822: Misc. lower severity OOB read issues in PDF.
Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).
[$
1000
] [
124356
]
High
CVE-2012-2823: Use-after-free in SVG resource handling.
Credit to miaubiz.
[$
1000
] [
125374
]
High
CVE-2012-2824: Use-after-free in SVG painting.
Credit to miaubiz.
[
128688
]
Medium
CVE-2012-2826: Out-of-bounds read in texture conversion.
Credit to Google Chrome Security Team (Inferno).
[Mac only] [
129826
]
Low
CVE-2012-2827: Use-after-free in Mac UI.
Credit to the Chromium development community (Dharani Govindan).
[
129857
]
High
CVE-2012-2828: Integer overflows in PDF.
Credit to Mateusz Jurczyk of Google Security Team
with contributions by Gynvael Coldwind of Google Security Team
and Google Chrome Security Team (Chris Evans).
[$
1000
] [
129947
]
High
CVE-2012-2829: Use-after-free in first-letter handling.
Credit to miaubiz.
[$
1000
] [
129951
]
High
CVE-2012-2830: Wild pointer in array value setting.
Credit to miaubiz.
[Windows only] [
130276
]
Low
CVE-2012-2764: Unqualified load of metro DLL.
Credit to Moshe Zioni of Comsec Consulting.
[$
1000
] [
130356
]
High
CVE-2012-2831: Use-after-free in SVG reference handling.
Credit to miaubiz.
[
131553
]
High
CVE-2012-2832: Uninitialized pointer in PDF image codec.
Credit to Mateusz Jurczyk of Google Security Team
with contributions by Gynvael Coldwind of Google Security Team
.
[
132156
]
High
CVE-2012-2833: Buffer overflow in PDF JS API.
Credit to Mateusz Jurczyk of Google Security Team.
[$
1000
] [
132779
]
High
CVE-2012-2834: Integer overflow in Matroska container.
Credit to Jüri Aedla.
And some additional rewards for issues with a wider scope than Chrome:
[$
500
] [
127417
]
Medium
CVE-2012-2825: Wild read in XSL handling.
Credit to Nicholas Gregoire.
[64-bit Linux only] [$
3000
] [
129930
]
High
CVE-2012-2807: Integer overflows in libxml.
Credit to Jüri Aedla.
Many of the above bugs were detected using
AddressSanitizer
.
We’d also like to thank Arthur Gerkis, Atte Kettunen of OUSPG and miaubiz for working with us during the development cycle and preventing security regressions from ever reaching the stable channel. Various additional rewards were issued for this awesomeness.
Full details about what changes are in this release are available in the
SVN revision log
. Interested in hopping on the stable channel?
Find out how
. If you find a new issue, please let us know by
filing a bug
.
Dharani Govindan
Google Chrome
Labels
Admin Console
43
Android WebView
19
Beta
21
Beta update
4
Beta updates
1991
chrome
15
Chrome Dev for Android
122
Chrome for Android
923
Chrome for iOS
362
Chrome for Meetings
5
Chrome OS
1149
Chrome OS Flex
22
Chrome OS Management
12
Chromecast Update
6
ChromeOS
194
ChromeOS Flex
191
Desktop Update
1083
dev update
266
Dev updates
1491
Early Stable Updates
45
Extended Stable updates
121
Flash Player update
5
Flex
1
Hangouts Meet hardware
5
LTS
84
stable
9
Stable updates
1212
Archive
2024
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2023
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2022
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2021
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2020
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Give us feedback in our
Product Forums
.