The Chrome team is delighted to announce the promotion of Chrome 40 to the stable channel for Windows, Mac and Linux. Chrome 40.0.2214.91 contains a number of fixes and improvements, including:
- Updated info dialog for Chrome app on Windows and Linux.
- A new clock behind/ahead error message.
A partial list of changes is available in the
log.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes
62 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the
Chromium security page for more information.
[$5000][
430353]
High CVE-2014-7923: Memory corruption in ICU.
Credit to yangdingning.
[$4500][
435880]
High CVE-2014-7924: Use-after-free in IndexedDB.
Credit to Collin Payne.
[$4000][
434136]
High CVE-2014-7925: Use-after-free in WebAudio.
Credit to mark.buer@booktrack.com.
[$4000][
422824]
High CVE-2014-7926: Memory corruption in ICU.
Credit to yangdingning.
[$3500][
444695]
High CVE-2014-7927: Memory corruption in V8.
Credit to Christian Holler.
[$3500][
435073]
High CVE-2014-7928: Memory corruption in V8.
Credit to Christian Holler.
[$3000][
442806]
High CVE-2014-7930: Use-after-free in DOM.
Credit to cloudfuzzer.
[$3000][
442710]
High CVE-2014-7931: Memory corruption in V8.
Credit to cloudfuzzer.
[$2000][
443115]
High CVE-2014-7929: Use-after-free in DOM.
Credit to cloudfuzzer.
[$2000][
429666]
High CVE-2014-7932: Use-after-free in DOM.
Credit to Atte Kettunen of OUSPG.
[$2000][
427266]
High CVE-2014-7933: Use-after-free in FFmpeg.
Credit to Aki Helin of OUSPG.
[$2000][
427249]
High CVE-2014-7934: Use-after-free in DOM.
Credit to cloudfuzzer.
[$2000][
402957]
High CVE-2014-7935: Use-after-free in Speech.
Credit to Khalil Zhani.
[$1500][
428561]
High CVE-2014-7936: Use-after-free in Views.
Credit to Christoph Diehl.
[$1500][
419060]
High CVE-2014-7937: Use-after-free in FFmpeg.
Credit to Atte Kettunen of OUSPG.
[$1000][
416323]
High CVE-2014-7938: Memory corruption in Fonts.
Credit to Atte Kettunen of OUSPG.
[$1000][
399951]
High CVE-2014-7939: Same-origin-bypass in V8.
Credit to Takeshi Terada.
[$1000][
433866]
Medium CVE-2014-7940: Uninitialized-value in ICU.
Credit to miaubiz.
[$1000][
428557]
Medium CVE-2014-7941: Out-of-bounds read in UI.
Credit to Atte Kettunen of OUSPG and Christoph Diehl.
[$1000][
426762]
Medium CVE-2014-7942: Uninitialized-value in Fonts.
Credit to miaubiz.
[$1000][
422492]
Medium CVE-2014-7943: Out-of-bounds read in Skia.
Credit to Atte Kettunen of OUSPG.
[$1000][
418881]
Medium CVE-2014-7944: Out-of-bounds read in PDFium.
Credit to cloudfuzzer.
[$1000][
414310]
Medium CVE-2014-7945: Out-of-bounds read in PDFium.
Credit to cloudfuzzer.
[$1000][
414109]
Medium CVE-2014-7946: Out-of-bounds read in Fonts.
Credit to miaubiz.
[$500][
430566]
Medium CVE-2014-7947: Out-of-bounds read in PDFium.
Credit to fuzztercluck.
[$500][
414026]
Medium CVE-2014-7948: Caching error in AppCache.
Credit to Yaoqi Jia.
We would also like to thank
Atte Kettunen of OUSPG, Christian Holler, cloudfuzzer and Khalil Zhani for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $35000 in additional rewards were issued.
As usual, our ongoing internal security work was responsible for a wide range of fixes
- [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).
Many of the above bugs were detected using
AddressSanitizer or
MemorySanitizer.
Interested in switching release channels?
Find out how. If you find a new issue, please let us know by
filing a bug.
Matthew Yuan
Google Chrome
Follow
16 comments :
What happened to "Switch to google.com", it's not working in this release
Also why is adobe's flash player version now 16.287?
Adobe Flash versions can be different across the various platforms. This is a different build than the Active-X or Plugin version.
After two months of waiting for the a stable update for version 40.
I STILL have problems with the bug that I've had since Thanksgiving. Where whenever you click on a link, then hover any other link. The white loading bar on the bottom left will not go away unless I hover outside of the browser, such as going to Chrome settings.
I expected this annoying little bugs to have been taken care of aeons ago.
Any way to know BUG 428706 is officially resolved in this stable release so I can pass this to my customer base?
So, stable 40.0.2214.91 is more advanced that beta 40.0.2214.85 ?
Yeah, if you could stop changing fontrendering every other version that would be great...
@Megan Ryan,
Here is the reason for Flash Player update to 16.0.0.287:
Security updates available for Adobe Flash Player
Release date: January 22, 2015
http://helpx.adobe.com/security/products/flash-player/apsb15-02.html
My Chrome is fully up to date but every time I launch Google Chrome all my desktop icons refresh themselves. It has been happening for a short while before this new latest update. I have found that lots of people seem to have the same issue.
When is this going to be permanently fixed ????
I am using Windows7 sp1 (64 bit)
Desktop icons DON't not refresh themselves when I launch IE 11.
@Michaela: now that you mention it... Can confirm; same here. I didn't notice it that much but subconsciously it must've registered. I checked it explicitly and, indeed, when I close Chrome and launch a new instance: BOOM. Refresh!
Launching an instances when Chrome is already running: no problem (not even with Inprivate windows).
Hello Google team and people, I don´t know if it is mistake on your side, but do you have lags on YouTube now? I have terrible lags when I´m watching YouTube videos, I donť have that lags before version 40. I don´t know what is it, but can Google please fix it. It is terrible. Thank you for your understand, and I wish lot of successes in developing Google Chrome. Bye.
With this update, the click to play (plug-ins) has now changed to right click and select run this plug-in. Is this a mistake or intentional. This breaks several video players for me.
Very unstable! Version 40.0.2214.91 (64-bit) often crashes on OS X 10.7.5.
Hello Google, in this version I have problems when I leaf through picture galleries. The images are displayed delayed! When I click the mouse, it sure takes 4 seconds and the correct image is then displayed. Here's an example: http://www.20min.ch/schweiz/zuerich/story/Warum-durfte-Ruefer-nicht-weitermoderieren--13994764
Thanks for the correction.
The 40.0.2214.91 (64-bit) version is having issues rendering google fonts chars like: &rsaquo, &ndash, &mdash, adding strange symbols, the meta charset is set as : charset="UTF-8".
This was working perfect on the previous version, it looks fine in other browsers though.
any workaround this issue?
pd: I'm using : http://fonts.googleapis.com/css?family=Ubuntu:100,200,300,400 stylesheet.
whether in Indonesia at no algorithm update google as well ?? I happened to enter your site and I'm from the country Indonesia. thank you for your knowledge. obat herbal stroke
Post a Comment