Wednesday, March 28, 2012

Stable Channel Release and Beta Channel Update


The Chrome team is excited to announce the release of Chrome 18 to the Stable Channel for Windows, Mac, Linux and Chrome Frame. 18.0.1025.142 contains a number of new features including faster and fancier graphics. More detailed updates are available on the Chrome Blog and the Chromium Blog.  


Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

Some of the items listed below represent the start of hardening measures based on study of the exploits submitted to the Pwnium competition.

  • [$500] [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa.
  • [$500] [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis.
  • [$500] [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment handling. Credit to miaubiz.
  • [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error. Credit to Leonidas Kontothanassis of Google.
  • [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to Mateusz Jurczyk of the Google Security Team.
  • [117417] Low CVE-2011-3063: Validate navigation requests from the renderer more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and scarybeasts (Google Chrome Security Team).
  • [$1000] [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to Atte Kettunen of OUSPG.
  • [$1000] [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
  • [$500] [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

The bugs [112317], [114056] and [117471] were detected using AddressSanitizer.


We’d also like to thank miaubiz, Chamal de Silva, Atte Kettunen of OUSPG, Aki Helin of OUSPG and Arthur Gerkis for working with us during the development cycle and preventing security regressions from ever reaching the stable channel. $8000 of additional rewards were issued for this awesomeness.



This version also contains the new Adobe Flash release; see the release notes. Full details about what changes are in this release are available in the SVN revision log. Interested in hopping on the stable channel? Find out how. If you find a new issue, please let us know by filing a bug.

Karen Grunberg
Google Chrome

40 comments:

Luboš Motl said...

Greeting from Chrome 18 Stable. It works for me, you will probably not crash. I am trying to find out why the page with morphing cubes shows nothing now - some graphical switches at about:flags may fix it.

-chet- said...

that morphing cubes link works fine for me. beta channel - mac/lion

Cody said...

Happy to see R18 finally out. I am looking forward to the Uber Page.

I hope M18 fixes the flash video CPU overload issues I have been having for the last few weeks on R17. Anyone else have those problems?

AdminRespAWN said...

I have a problem with the videos on YouTube: everything is blue. I disabled the Chrome Flash and used my system's. I operate on Linux Ubuntu 11.10 x32.

wrestler05 said...

I installed this and now when a site I have to work with daily opens a new window the size is drawn very small and I have to resize the window manually. This is on a Mac running 10.6.8. Very disappointing because Chrome runs the site so much faster than other browsers, but with this flaw I will not be able to continue to use Chrome.

Scott said...

Anyone else getting a sign-in/Sync error with this version?

Louis said...

XP32, Catalyst 11.8

There's really one thing not working for me (the rest is perfect) and that's the "GPU compositing on all pages"! IF AND ONLY IF this FLAG is enabled, I always have the two same problems:

1) http://tinypic.com/view.php?pic=35bzecw&s=5
And this corruption is erratic. Sometimes the transparency works and sometimes not. I tried with "Override software rendering list" but no changes.

2) This is more difficult to describe:
when several tabs are open, and when I click on a tab, I have a blue rectangle of the size of the "Offer to translate pages that aren't in a language I read" checkbox. It's displayed at the top of the page, very quickly, and disappears. No screen caps yet because it never freezes.
Enabling or disabling the option doesn't change anything. It's exactly the same colour as the blue page phenomenon that I described earlier (this has completely disappeared).

I wonder if you would mind looking into this one once and for all. Thank you.

PS: found this in the Flags:gpu (FULL LOG HERE: http://pastebin.com/FFKGjTgC)

Starts like this:
Log Messages
[2400:5356:434977968:INFO:gpu_child_thread.cc(110)] : gpu_info_collector::CollectGraphicsInfo complete. success = 1
[2400:5356:434978234:ERROR:gl_surface.cc(87)] : NOT IMPLEMENTED
[2400:5356:435016640:ERROR:gl_surface.cc(87)] : NOT IMPLEMENTED
[2400:5356:435016703:ERROR:gl_surface.cc(87)] : NOT IMPLEMENTED
[2400:5356:435019390:ERROR:gl_surface.cc(87)] : NOT IMPLEMENTED
[2400:5356:435029890:ERROR:gl_surface.cc(87)] : NOT IMPLEMENTED
[...]

Is it all right ?

Steve said...

@ Louis - I agree and can confirm - same here regarding "GPU compositing on all pages"

Otherwise, an excellent release.
Good job, Chrome Team!

Louis said...

@ Steve: Very glad (so to speak) that somebody could reproduce my problems. Thank you ever so much for your feedback. Could you just tell us which OS and which GPU driver you are using and maybe paste also what is shown at chrome://gpu/ ?

I finally nailed the blue bar!
This wasn't captured on a web page but while watching a .mp4:

http://tinypic.com/view.php?pic=ei8rra&s=5

I was able to see it by pressing F11 (full screen, back and forth). Disappeared if I moved the mouse.
I closed the browser and tried again but I couldn't get the blue bar to freeze this time. Still, I could see it flashing when pressing F11. The latter is exactly what I can observe on a web page (erratic too, I'm afraid).
So happy ! :)

Javi said...

Using http://c5bench.com/ for benchmarking, I got 2180 score with Chrome 17 and 1800 score with Chrome 18. What's going on??

Luboš Motl said...

I think that the grey color I see on the "morphing cubes" linked at the top is the same one that Louis or others see when they enable compositing on all pages.

The GPU acceleration just doesn't allow things to be seen in their proper color. Moreover, I think that the bug has to be something rather trivial, choosing transparency or color of something, because the morphing cubes are still running although one can't see them. But one can copy-and-paste the numbers 1,2...12 on the cubes into the clipboard. :-)

I have Radeon HD 7670M 1gb on my PackardBell Easynote LS44HR laptop.

Unknown said...

Some fonts now are horribly bolded to the point that they show blurry. Did not happen in 17.

John Rodriguez said...

I'm getting a major font problem that was not here yesterday. all the fonts look like a version of dingbats.

bom shiva said...

Monaco Font is not rendering at all.

OS X 10.6.8

Rafael said...

What's going on with Google Chrome? I just do not understand since the launch of the first stable version of Google Chrome the browser crashes while loading the pages in the roll fails, and among many other things. It was not like that and not my computer, but Google Chrome as it did several tests with other browsers eg Safari, Opera, Firefox, and these problems just do not happen only happen while I'm using Google Chrome. What is happening?

Mainman678 said...

I hope this fixed the flash crashing issues.

Unknown said...

@ Luboš Motl

It seems to be a bug with laptops with AMD Radeon and Catalyst Switchable graphics. Many web sites are displaying black screens even when Chrome is configured to use the built-in Intel HD GPU and GPU compositing on all pages is disabled. Bug 119685

Luboš Motl said...

Thanks, Unknown, I have already seen similar options and fixed the problem.

Open Catalyst Center, go to power, and switch Chrome to "power-saving" (internal Intel HD card, I guess) regime...

There are other bug reports with the same content. I will cross-link them with yours...

I also get crashing every 5 minutes or so while editing at physics.stackexchange.com - site with constantly updated MathJax.

darnbits said...

did you guys fix the font-rendering in windows chrome?

fonts don't have any aliasing applied to them...

Unknown said...

There seems to be a bug with the resizeTo function on a new window.

If the new window calls resizeTo onload or if the opener tries to resize the new window after opening it, then the new window gets shrunk down to nothing.

To see the window, you would have to right-click it in the taskbar and choose maximize.

Ko nhà said...

Can't access the pages that have SSL Error....

Mitch said...

I am getting a lot of insecure content warnings.

WTF ? WTF, google!

WORMSS said...

The new tab button seems to be practically invisible. First you take away the plus, now you take away the outline? What's next? Get rid of it completely?
What is your guys' problem?

Ciantic said...

Keeps crashing like donkey, all I did was to enable encryption for all outgoing synchronization traffic.

What is worse, it cannot be disabled. The option is now grayed out.

Ciantic said...

I managed to "fix" the constant crashing, by disabling the synchronization all together.

abandonedbrain said...

Just wanting to add a "me, too" on the font issues in OS X. Using UTC 3.0.1 from Extensis, through v17 Chrome was fine for a certain user, now it's not. Fonts are in good condition, caches were cleared and a reboot was forced, still problems in Chrome. Looks like "webdings" in a square for each character on the screen, MOST websites (though apple.com looks fine, and Chrome's preference page is OK).

Other users are fine, but they had the 'quote marks' font issues on certain sites like lifehacker.com prior to v18; now, those are fixed!

abandonedbrain said...

Oh, OS X 10.6.8...

◄♪♫ संदिप पाटील ♫♪► said...

One of the best release till date ... No issue whatsoever.

cody said...

The newest version 18.025.142 is significantly slower in some areas. I ran http://v8.googlecode.com/svn/data/benchmarks/v7/run.html
on my MacBook 2,1. The results for the old version of Chrome 17.0.963.79 are
Richards: 9620
DeltaBlue: 12238
Crypto: 11309
RayTrace: 8584
EarleyBoyer: 15607
RegExp: 1515
Splay: 2143
NavierStokes: 662

and on the update 18.025.142 they are
Richards: 9348
DeltaBlue: 13600
Crypto: 11020
RayTrace: 11277
EarleyBoyer: 15200
RegExp: 1603
Splay: 2730
NavierStokes: 10694

Notice the Navier Stokes test is about 16 times slower. Why? A lot of the js1k.com entries don't even run anymore.

JC said...

Has anybody else had a problem with the Group Policy template for 18? We get an error in the GPEditor: An error has occurred while collecting data for Administrative Templates.
The following errors were encountered:
Found duplicate definition of element category with name 'google'. File \\[ServerName].corp.[Domain].com\sysvol\corp.[Domain].com\Policies\PolicyDefinitions\chrome.admx, line 18, column 60
This is similar to the error encountered with a corrupt GP template last fall.
Thanks.

desertdawn said...

STABLE!

Kevin said...

Yep, group policy templates are munged again. Great QA they're doing.

Tom Gehrke said...

Getting SSL certificate errors with Websense proxy after the update. This results in a "The site's security certificate is signed using a weak signature algorithm!" message.

Suspect it has to do with work done on [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.

Class Blogs said...

I'm having trouble with pages loading. It seems to be on pages where a video needs to load or some type of java or basically anything that isn't html. I keep getting the "Page(s) Unresponsive" dialogue box. Regardless of how many times I hit "Wait", the box keeps popping up. Killing the page and reloading it brings me back into the same unresponsive cycle. This wasn't happening before the new version was updated.

Martin Petkov said...

Google Chrome freezes when I visit Facebook.

the don said...

Unstable and slower!!!

Tom Gehrke said...

If Websense is involved then this article would seem to be applicable.

http://www.websense.com/support/article/kbarticle/Apple-IOS5-devices-and-Chrome-Browsers-may-not-browse-through-Websense-Content-Gateway
