Tuesday, November 12, 2013

Stable Channel Update

Chrome has been updated to 31.0.1650.48 for Windows, Mac, Linux and Chrome Frame.

Flash Player has been updated to 11.9.900.152, which is included w/ this release.

Security Fixes and Rewards


Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 25 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.


[$500][268565] Medium CVE-2013-6621: Use after free related to speech input elements. Credit to Khalil Zhani.
[$2000][272786] High CVE-2013-6622: Use after free related to media elements. Credit to cloudfuzzer.
[$500][282925] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.
[$1000][290566] High CVE-2013-6624: Use after free related to “id” attribute strings. Credit to Jon Butler.
[$2000][295010] High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.
[295695] Low CVE-2013-6626: Address bar spoofing related to interstitial warnings. Credit to Chamal de Silva.
[$4000][299892] High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to skylined.
[$1000][306959] Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco of INRIA Paris.


We would also like to thank miaubiz and Atte Kettunen of OUSPG for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $2000 in additional rewards were issued.


As usual, our ongoing internal security work responsible for a wide range of fixes:
  • [315823] Medium-Critical CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.
  • [258723] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.
  • [299835] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. Credit to Michal Zalewski of Google.
  • [296804] High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Höglund of the Chromium project.

Many of the above bugs were detected using AddressSanitizer.


A full list of changes is available in the SVN log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome

Labels:

21 Comments:

Blogger Sérgio Meneses said...

30 or 31 ?

8:19 AM, November 12, 2013  
Blogger phant said...

31.0.1650.48 m

8:26 AM, November 12, 2013  
Blogger Sérgio Meneses said...

Because in the description is "Stable Channel Update
Chrome has been updated to 30.0.1599.101 for Windows, Mac, Linux and Chrome Frame." can induce in error

8:41 AM, November 12, 2013  
Blogger Sérgio Meneses said...

Will every one make mistakes , i'am portuguese, I'am sorry if make many mistakes , it'all correct have a nice day

8:49 AM, November 12, 2013  
Blogger Sam Scott said...

This comment has been removed by the author.

8:50 AM, November 12, 2013  
Blogger Will said...

I know we all make mistakes, you're right Sérgio, I've just seen it a few times on this blog with little things (although this one was corrected), it kind of makes me think about the code when such basic mistakes make it on to an official Google blog! But you're right.

I was going to delete my comment but think it was removed haha, hopefully because I swore and not because Anthony didn't like it..

11:02 AM, November 12, 2013  
Blogger Onlyme said...

2 of my favorite extensions have stopped working on all three computers after update.
What's happened?

11:07 AM, November 12, 2013  
Blogger rdubenezic said...

How long does it take chrome to update? It's 2:53PM EST and chrome hasn't updated. Thanks.

11:54 AM, November 12, 2013  
Blogger Rafael Hilário said...

Where has the function to search any image on any web site using the right mouse button? I did not find this functionality in this version can help me? Thank you!

12:09 PM, November 12, 2013  
Blogger LT said...

When will V31 get released for ChromeOS on the AcerC7? We have been trying to update our devices to no avail (both managed and unmanaged) as V31 is the only one that works so far with the Scholastic Read180 intervention program. We are looking at rolling a bunch of devices back to DevMode to accommodate.

12:32 PM, November 12, 2013  
Blogger iron2000 said...

Not good.
These bugs got passed down from Dev to Beta and now this Stable.

https://code.google.com/p/chromium/issues/detail?can=2&start=0&num=100&q=&colspec=ID%20Pri%20M%20Iteration%20ReleaseBlock%20Cr%20Status%20Owner%20Summary%20OS%20Modified&groupby=&sort=&id=304578
https://code.google.com/p/chromium/issues/detail?can=2&start=0&num=100&q=&colspec=ID%20Pri%20M%20Iteration%20ReleaseBlock%20Cr%20Status%20Owner%20Summary%20OS%20Modified&groupby=&sort=&id=300685

5:27 PM, November 12, 2013  
Blogger Kamal Hassan said...

This comment has been removed by the author.

5:35 PM, November 12, 2013  
Blogger Kamal Hassan said...

You could have mentioned that you changed the install path. Chrome now installs in programme files.

5:37 PM, November 12, 2013  
Blogger Andrács said...

This update seems to break the --disable-breakpad switch.

Chrome.exe can not be started with this switch after this update.

Best regards :)

2:42 AM, November 14, 2013  
Blogger Darren Watkinson said...

This comment has been removed by the author.

4:45 AM, November 14, 2013  
Blogger Darren Watkinson said...

Since this update, my PC freezes. Event log blames Chrome (Win 8.1 x64).

4:47 AM, November 14, 2013  
Blogger CRISTIAN.A said...

quiero reportar error en cargas de páginas web, sobre todo flash, o CSS. por las cuales hay que recargar las paginas. por otro lado bajo un poco casi inotable el rendimiento.

config: win 8.1 pro (actualizado) si quieren más informacion la puedo enviar si me la piden.

gracias.

6:57 AM, November 14, 2013  
Blogger Eric Ahnell said...

CRISTIAN.A, no eres la única persona que experimenta las páginas en blanco al cargar flash o CSS sitios Web. Hay varios bugs abiertos sobre las páginas en blanco: https://code.google.com/p/chromium/issues/list?q=blank+pages

10:42 AM, November 14, 2013  
Blogger necessary3vil said...

It appears that this bug, https://code.google.com/p/chromium/issues/detail?id=290399 was re-introduced in this update.

12:55 PM, November 14, 2013  
Blogger Ken Danieli said...

I've had AutoHotKeys running for years. I primarily use Chrome.

I simply have a few keywords (strings of text) attached to keyboard combos. For example when I want to paste my XeeMe URL in, I just use an AHK-defined keyboard combo and it pastes the whole URL in.

Today, for the first time, I cannot paste these words into any Chrome field by using the normal keyboard combos.

They work in IE. They work in Notepad. I've tried rebooting. But here, because I'm using Chrome, I can't paste in anything.

I've never had a tech issue with AHK.

What could be blocking this in Chrome?

(Note New version Chrome 31 was just updated yesterday...could that be the problem? Also Windows just did security updates to Win 7 today. )

Thanks,

2:54 PM, November 14, 2013  
Blogger conradoelingeniero said...

With this release many Feng Office users are reporting inability to upload files.

Does anybody know if the issue is already reported?

We are currently analyzing the issue, but if there is a bug report already we can add to that instead of duplicating.

Thanks!

7:31 AM, November 19, 2013  

Post a Comment

Subscribe to Post Comments [Atom]

<< Home