The Chrome Stable channel has been updated to 18.0.1025.168 on Windows, Mac, Linux and Chrome Frame.  


Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [106413] High CVE-2011-3078: Use after free in floats handling. Credit to Google Chrome Security Team (Marty Barbella) and independent later discovery by miaubiz.
  • [117110] High CVE-2012-1521: Use after free in xml parser. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by  wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
  • [117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.
  • [121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem Pinckaers of Matasano.
  • [$1000] [121899] High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz.

The bugs [106413], [117110] and [121899] were detected using AddressSanitizer.



Full details about what changes are in this release are available in the SVN revision logInterested in hopping on the stable channel?  Find out how.  If you find a new issue, please let us know by filing a bug.

Karen Grunberg
Google Chrome