Monday, March 28, 2011

Beta Channel Update

Note: We've just updated the Beta Channel to 11.0.696.28 for Macintosh, Windows, Linux and Chrome Frame platforms. The only addition is localized translations.

The Beta channel has been updated to 11.0.696.25 for Macintosh, Windows, Linux and Chrome Frame platforms

The following bugs were fixed
  • cloud print: Error running service on the headless machine (Issue 76991).
  • sync: Not registering for NIGORI data types (Issue 76268).
  • A known crash (Issue 76998 ).
  • REGRESSION: img of extensions not displayed in chrome://extensions within an incognito window (Issue 74905).
  • Cloud policy fetch loop upon POLICY_NOT_FOUND answer from the server (Issue 77232).
  • Token fetcher doesn't correctly enter unmanaged state (Issue 77185).
  • Memory Leak in ChromeFrame in the AutomationResourceMessageFilter::SetCookiesForUrl function (Issue 77421).
  • REGRESSION: Arrows not showing up on tabstrip while dropping links (Issue 74764).
  • Java: Direct users to the right download page (Issue 76634).
  • add es-419, fr-Foo and en-Foo and zh_HK/zh_Hant_HK to Accept-Language list(Issue 62715).
You can find full details about the changes that are in this version of Chrome 11 in the SVN revision log.

If you find new issues, please let us know by filing a bug.

Want to change to another Chrome release channel? Find out how.

Karen Grunberg
Google Chrome

Thursday, March 24, 2011

Dev Channel Update

The Dev channel has been updated to 12.0.712.0 for Windows, Mac, Linux, Chrome Frame.

This release contains lots of behind the scenes work (code cleanup and refactorings) in addition to numerous crash and regresson fixes.

All
  • Updated V8 - 3.2.3.1
Win
  • Tab Multi-Select - The ability to select multiple tabs, using the ctrl key, and applying actions (e.g. reload) to them all.
Mac
  • New and improved bookmark bar animations
  • Mac Confirm to Quit feature has been moved to the Chrome menu --> Warn Before Quitting
More details about additional changes are available in the svn log of all revision.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry


Anthony Laforge
Google Chrome


Stable Channel Update

The Chrome Stable and Beta channels have been updated to 10.0.648.204 for Windows, Mac, Linux and Chrome Frame.  Included in this release is support for the password manager on Linux, performance and stability fixes, as well as the security fixes listed below.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
  • [$500] [72517] High CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin.
  • [$1000] [73216] High CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek.
  • [$2000] [73595] High CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov.
  • [$1500] [74562] High CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov.
  • [$2000] [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov.
  • [$1500] [75170] High CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov.
The full list of changes is available from the SVN revision log.  If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.
 
Jason Kersey
Google Chrome

Tuesday, March 22, 2011

Chrome OS Beta Channel Update

The Chrome OS Beta channel has been updated to the latest R10 release 0.10.156.54 including Chrome update (10.0.648.151) and trackpad dead zone width adjustment.

Full details of the Chrome 10 beta update is available in the blogpost. If you find new issues, please let us know by visiting our help site or filing a bug.


Josafat Garcia
Google Chrome

Chrome Beta Release

The Chrome team is happy to announce the arrival of Chrome 11.0.696.16 to the Beta channel for Windows, Mac, and Linux.

Chrome 11 contains some really great improvements including:
  • HTML5 speech input API
  • GPU-accelerated 3D CSS
  • The brand new shiny Chrome icon

More on what's new at the Official Chrome Blog.

You can find full details about the changes that are in Chrome 11 in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Karen Grunberg
Google Chrome

Monday, March 21, 2011

Dev Channel Update

The Dev channel has been updated to 11.0.696.16 for Macintosh, Windows, Linux and Chrome Frame platforms

The following bugs were fixed
  • clicking on the labels of checkboxes / radio buttons closes content settings dialog box (Issue 76115).
  • Unlock Keyring makes chrome unusable (Issue 72499 ).
  • Sample extension for chrome.experimental.proxy API (Issue 62700 ).
  • Several known crashes (Issue 76401 and Issue 75264 ).

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.



If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome

Thursday, March 17, 2011

Dev Channel Update

The Dev channel has been updated to 11.0.696.14 for Macintosh, Windows, Linux and Chrome Frame platforms

The following bugs were fixed
  • about:gpu can still launch GPU process even though GPU is blocked by software rendering list (Issue 76115).
  • REGRESSION: After crash, Restore infobar shows up everytime you open a link from external app (Issue 75654 ).
  • App context-menu doesn't disappear even after uninstalling the extension, causes crash when selected (Issue 75662).
  • A known crash (Issue 74777).
  • Fails SPDY-related check (Issue 75657).

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.



If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome

Stable and Beta Channel Updates


The Chrome Stable and Beta channels have been updated to 10.0.648.151 for Windows, Mac, Linux and Chrome Frame.  This release blacklists a small number of HTTPS certificates.  If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.
 
Jason Kersey
Google Chrome

Tuesday, March 15, 2011

Dev Channel Update

The Dev channel has been updated to 11.0.696.12 for Macintosh, Windows, Linux and Chrome Frame platforms

The following bugs were fixed
  • New York Times Chrome app crashes on the Chorme Dev Channel (Issue 75563).
  • Sync login dlg is truncated (Issue 72490 ).
  • Status bar / target URL not shown when hovering over links(Issue 75268).
  • Several known crashes (Issues 75171 and 75443 and 75828).
  • Bookmark focus is not lost when moved away from the bookmark bar (Issue 75367).
  • Tooltips from browser tabs are persisting for too long (Issue 75334 ).
  • Content settings updates don't reflect the current Incognito session(Issue 74466).
  • NewTabPage is not updating when a new theme is applied (Issue 74311).
  • fixed download requests in chrome frame which occur in response to top level POSTs (Issue 73985 ).
  • Chrome locks up on form submit, constantly duplicating autofill settings to blame(Issue 74911).

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.



If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome

Stable and Beta Channel Updates


The Chrome Stable and Beta channels have been updated to 10.0.648.134 for Windows, Mac, Linux and Chrome Frame. This release contains an updated version of the Adobe Flash player. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome

Friday, March 11, 2011

Stable and Beta Channel Updates

The Chrome Stable and Beta channels have been updated to 10.0.648.133 for Windows, Mac, Linux and Chrome Frame. This release fixes the following security issue:

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
  • [$1337] CVE-2011-1290 [75712] High Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI (ZDI-CAN-1167).
If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome

Thursday, March 10, 2011

Dev Channel Update

The Dev channel has been updated to 11.0.696.3 for All platforms

The following bugs were fixed
  • Can not select omnibox auto suggested entries by clicking at it (Issue 75366).
  • Linux: "Behavior " string is not externalized on the Exceptions page(Issue 74080).
  • Chromium not loading some plugins (Issue 75351).
  • POST omits body after NTLM authentication (Issue 62687).

Known Issues
  • Crash when opening tab/startup @ SkBitmap::lockPixels (Issue 75531).

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.



If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome

Chrome OS Beta Channel Update

The Chrome OS Beta channel has been updated to the latest R10 release 0.10.156.50 including the new Chrome 10 (10.0.648.127). Full details of the Chrome 10 release is available in the blogpost
If you find new issues, please let us know by visiting our help site or filing a bug.

Josafat Garcia
Google Chrome 

Tuesday, March 8, 2011

Dev Channel Update

Update: The dev channel has now been updated now to 11.0.696.1 for Linux

The Dev channel has been updated to 11.0.696.0 for Windows, Macintosh, and Chrome Frame platforms

All
  • Updated V8 - 3.2.0.1
  • New “cookies and other data” page in tabbed settings (Issue 64154).
Mac
  • Turned confirm to quit on by default (Issue 60591)
  • Tweak the Tab Overview UI (Issue 50307)
  • Cloud Print connector UI enabled.
Known Issues
  • Regression: Can not select omnibox auto suggested entries by clicking at it (Issue 75366)
  • REGRESSION: Bookmark focus is not lost when moved away from the bookmark bar (Issue 75367)
More details about additional changes are available in the log of all revisions. You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

 If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry Karen Grunberg
Google Chrome

Chrome Stable Release

The Google Chrome team is excited to announce the arrival of Chrome 10.0.648.127 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame.  Chrome 10 contains some really great improvements including:
  • New version of V8 - Crankshaft - which greatly improves javascript performance
  • New settings pages that open in a tab, rather than a dialog box
  • Improved security with malware reporting and disabling outdated plugins by default
  • Sandboxed Adobe Flash on Windows
  • Password sync as part of Chrome Sync now enabled by default
  • GPU Accelerated Video
  • Background WebApps
  • webNavigation extension API (experimental but ready for testing)

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

As can be seen, a few lower-severity issues were rewarded on account of being particularly interesting or clever. And some rewards were issued at the $1500 and $2000 level, reflecting bug reports where the reporter also worked with Chromium developers to provide an accepted patch.
  • [42574] [42765] Low Possible to navigate or close the top location in a sandboxed frame. Credit to sirdarckcat of the Google Security Team.
  • [Linux only] [49747] Low Work around an X server bug and crash with long messages. Credit to Louis Lang.
  • [Linux only] [66962] Low Possible browser crash with parallel print()s. Credit to Aki Helin of OUSPG.
  • [$1337] [69187] Medium Cross-origin error message leak. Credit to Daniel Divricean.
  • [$500] [69628] High Memory corruption with counter nodes. Credit to Martin Barbella.
  • [$1000] [70027] High Stale node in box layout. Credit to Martin Barbella.
  • [$500] [70336] Medium Cross-origin error message leak with workers. Credit to Daniel Divricean.
  • [$1000] [70442] High Use after free with DOM URL handling. Credit to Sergey Glazunov.
  • [Linux only] [70779] Medium Out of bounds read handling unicode ranges. Credit to miaubiz.
  • [$1337] [70877] High Same origin policy bypass in v8. Credit to Daniel Divricean.
  • [70885] [71167] Low Pop-up blocker bypasses. Credit to Chamal de Silva.
  • [$1000] [71763] High Use-after-free in document script lifetime handling. Credit to miaubiz.
  • [71788] High Out-of-bounds write in the OGG container. Credit to Google Chrome Security Team (SkyLined); plus subsequent independent discovery by David Weston of Microsoft and MSVR.
  • [$1000] [72028] High Stale pointer in table painting. Credit to Martin Barbella.
  • [73026] High Use of corrupt out-of-bounds structure in video code. Credit to Tavis Ormandy of the Google Security Team.
  • [$1000] [73066] High Crash with the DataView object. Credit to Sergey Glazunov.
  • [$1000] [73134] High Bad cast in text rendering. Credit to miaubiz.
  • [$2000] [73196] High Stale pointer in WebKit context code. Credit to Sergey Glazunov.
  • [73716] Low Leak of heap address in XSLT. Credit to Google Chrome Security Team (Chris Evans).
  • [$1500] [73746] High Stale pointer with SVG cursors. Credit to Sergey Glazunov.
  • [$1000] [74030] High DOM tree corruption with attribute handling. Credit to Sergey Glazunov.
  • [$1000] [74662] High Corruption via re-entrancy of RegExp code. Credit to Christian Holler.
  • [$1000] [74675] High Invalid memory access in v8. Credit to Christian Holler.
We would also like to thank Ben Hawkes of the Google Security Team, Sergey Glazunov, Martin Barbella and “temp01irc” for working with us during the development cycle and helping prevent bugs from ever reaching the stable channel.

Last, but not least, we’d like to offer special thanks (plus additional rewards to those listed above) to Christian Holler. This is for working with us on his grammar-based fuzzing project, resulting in a more stable and secure “Crankshaft” engine for v8.

More on what's new at the Official Chrome Blog.  You can find full details about the changes that are in Chrome 10 in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome