Wednesday, January 21, 2015

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 40 to the stable channel for Windows, Mac and Linux. Chrome 40.0.2214.91 contains a number of fixes and improvements, including:
  • Updated info dialog for Chrome app on Windows and Linux.
  • A new clock behind/ahead error message.
A partial list of changes is available in the log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 62 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

[$5000][430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.
[$4500][435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.
[$4000][434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to
[$4000][422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.
[$3500][444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.
[$3500][435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.
[$3000][442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.
[$3000][442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.
[$2000][443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.
[$2000][429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.
[$2000][427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to Aki Helin of OUSPG.
[$2000][427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.
[$2000][402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.
[$1500][428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.
[$1500][419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.
[$1000][416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.
[$1000][399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.
[$1000][433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.
[$1000][428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.
[$1000][426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.
[$1000][422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
[$1000][418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
[$1000][414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
[$1000][414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.
[$500][430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.
[$500][414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to Yaoqi Jia.

We would also like to thank Atte Kettunen of OUSPG, Christian Holler, cloudfuzzer and Khalil Zhani for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $35000 in additional rewards were issued.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.
  • Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently
Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Matthew Yuan
Google Chrome



Anonymous said...

What happened to "Switch to"? It's not working in this release.

3:32 PM, January 21, 2015  
Blogger Megan Ryan said...

Also, why is Adobe's Flash Player version now 16.287?

3:46 PM, January 21, 2015  
Blogger Kyle Lilley said...

Adobe Flash versions can be different across the various platforms. This is a different build than the ActiveX or Plugin version.

4:46 PM, January 21, 2015  
Blogger J Moch said...

After two months of waiting for a stable update for version 40.

I STILL have problems with the bug that I've had since Thanksgiving. Where whenever you click on a link, then hover any other link. The white loading bar on the bottom left will not go away unless I hover outside of the browser, such as going to Chrome settings.

I expected these annoying little bugs to have been taken care of aeons ago.

7:26 PM, January 21, 2015  
Blogger Joshua said...

Any way to know BUG 428706 is officially resolved in this stable release so I can pass this to my customer base?

9:23 PM, January 21, 2015  
Blogger Unknown said...

So, stable 40.0.2214.91 is more advanced than beta 40.0.2214.85?

10:17 PM, January 21, 2015  
Blogger Rob Janssen said...

Yeah, if you could stop changing font rendering every other version that would be great...

2:50 AM, January 22, 2015  
Blogger said...

@Megan Ryan,
Here is the reason for Flash Player update to
Security updates available for Adobe Flash Player
Release date: January 22, 2015

9:18 AM, January 22, 2015  
Blogger Michaela said...

My Chrome is fully up to date but every time I launch Google Chrome all my desktop icons refresh themselves. It has been happening for a short while before this new latest update. I have found that lots of people seem to have the same issue.
When is this going to be permanently fixed ????
I am using Windows 7 SP1 (64 bit)
Desktop icons DON'T refresh themselves when I launch IE 11.

9:21 AM, January 22, 2015  
Blogger Rob Janssen said...

@Michaela: now that you mention it... Can confirm; same here. I didn't notice it that much but subconsciously it must've registered. I checked it explicitly and, indeed, when I close Chrome and launch a new instance: BOOM. Refresh!

Launching an instance when Chrome is already running: no problem (not even with Inprivate windows).

11:09 AM, January 22, 2015  
Blogger unknownman72 said...

Hello Google team and people, I don't know if it is a mistake on your side, but do you have lags on YouTube now? I have terrible lags when I'm watching YouTube videos; I didn't have those lags before version 40. I don't know what it is, but can Google please fix it? It is terrible. Thank you for your understanding, and I wish you a lot of success in developing Google Chrome. Bye.

5:35 AM, January 23, 2015  
Blogger bowlby4 said...

With this update, the click to play (plug-ins) has now changed to right click and select run this plug-in. Is this a mistake or intentional? This breaks several video players for me.

11:00 PM, January 23, 2015  
Blogger newwave said...

Very unstable! Version 40.0.2214.91 (64-bit) often crashes on OS X 10.7.5.

2:06 AM, January 25, 2015  
Blogger Peter Schilter said...

Hello Google, in this version I have problems when I leaf through picture galleries. The images are displayed delayed! When I click the mouse, it sure takes 4 seconds and the correct image is then displayed. Here's an example:
Thanks for the correction.

11:31 PM, January 25, 2015  
Blogger The Crocodile said...

The 40.0.2214.91 (64-bit) version is having issues rendering Google Fonts chars like: &rsaquo, &ndash, &mdash, adding strange symbols; the meta charset is set as: charset="UTF-8".

This was working perfect on the previous version, it looks fine in other browsers though.

Any workaround for this issue?
pd: I'm using :,200,300,400 stylesheet.

8:19 AM, January 26, 2015  
Blogger Cara Mengobati said...

whether in Indonesia at no algorithm update Google as well ?? I happened to enter your site and I'm from the country Indonesia. thank you for your knowledge. herbal stroke medicine

5:10 PM, January 26, 2015  
