Chrome Releases
Release updates from the Chrome team
Stable Channel Release and Beta Channel Update
Tuesday, November 6, 2012
The Chrome team is excited to announce the release of Chrome 23 to the Stable Channel.
23.0.1271.64
for Windows, Mac, Linux, and Chrome Frame.
Chrome 23 contains a number of new features including GPU accelerated video decoding on Windows and easier website permissions
.
More detailed updates are available on the
Chrome Blog
.
Security fixes and rewards:
Please see
the Chromium security page
for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
Occasionally, we issue special rewards for bugs outside of Chrome, particularly where the bug is very severe and/or we are able to partially work around the issue:
[Mac OS only] [$
1000
] [
149904
]
High
CVE-2012-5115: Defend against wild writes in buggy graphics drivers.
Credit to miaubiz.
And back to your regular scheduled rewards, including some at the new higher levels:
[$
3500
] [
157079
]
Medium
CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP handling.
Credit to Phil Turnbull.
[Linux 64-bit only] [$
1500
] [
150729
]
Medium
CVE-2012-5120: Out-of-bounds array access in v8.
Credit to Atte Kettunen of OUSPG.
[$
1000
] [
143761
]
High
CVE-2012-5116: Use-after-free in SVG filter handling.
Credit to miaubiz.
[Mac OS only] [$
1000
] [
149717
]
High
CVE-2012-5118: Integer bounds check issue in GPU command buffers.
Credit to miaubiz.
[$
1000
] [
154055
]
High
CVE-2012-5121: Use-after-free in video layout.
Credit to Atte Kettunen of OUSPG.
[
145915
]
Low
CVE-2012-5117: Inappropriate load of SVG subresource in img context.
Credit to Felix Gröbert of the Google Security Team.
[
149759
]
Medium
CVE-2012-5119: Race condition in Pepper buffer handling.
Credit to Fermin Serna of the Google Security Team.
[
154465
]
Medium
CVE-2012-5122: Bad cast in input handling.
Credit to Google Chrome Security Team (Inferno).
[
154590
] [
156826
]
Medium
CVE-2012-5123: Out-of-bounds reads in Skia.
Credit to Google Chrome Security Team (Inferno).
[
155323
]
High
CVE-2012-5124: Memory corruption in texture handling.
Credit to Al Patrick of the Chromium development community.
[
156051
]
Medium
CVE-2012-5125: Use-after-free in extension tab handling.
Credit to Alexander Potapenko of the Chromium development community.
[
156366
]
Medium
CVE-2012-5126: Use-after-free in plug-in placeholder handling.
Credit to Google Chrome Security Team (Inferno).
[
157124
]
High
CVE-2012-5128: Bad write in v8.
Credit to Google Chrome Security Team (Cris Neckar).
Many of the above bugs were detected using
AddressSanitizer
.
The security issues in V8 have been fixed in v8-3.13.7.5.
We’d also like to thank miaubiz for working with us during the development cycle and preventing security regressions from ever reaching the stable channel. Rewards were issued.
This version also has a new Adobe Flash. More details can be found
here
.
Full details about what changes are in this release are available in the
SVN revision log
. Interested in hopping on the stable channel?
Find out how
. If you find a new issue, please let us know by
filing a bug
.
Karen Grunberg
Google Chrome
Labels
Admin Console
43
Android WebView
19
Beta
21
Beta update
4
Beta updates
2024
chrome
15
Chrome Dev for Android
130
Chrome for Android
951
Chrome for iOS
381
Chrome for Meetings
5
Chrome OS
1149
Chrome OS Flex
22
Chrome OS Management
12
Chromecast Update
6
ChromeOS
211
ChromeOS Flex
208
Desktop Update
1117
dev update
266
Dev updates
1508
Early Stable Updates
49
Extended Stable updates
130
Flash Player update
5
Flex
1
Hangouts Meet hardware
5
LTS
88
stable
11
Stable updates
1247
Archive
2024
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2023
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2022
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2021
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2020
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Give us feedback in our
Product Forums
.