The Stable Channel has been updated to 35.0.1916.153 for Windows, Mac and Linux.

This release contains a Flash Player update.

Security Fixes and Rewards
This update includes 4 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$1000][369525] High CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
[$1000][369539] High CVE-2014-3155: Out-of-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook.
[$500][369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen of OUSPG.

As usual, our ongoing internal security work was responsible for the following fix:
  • [368980] CVE-2014-3157: Heap overflow in media.

Many of the above bugs were detected using AddressSanitizer.

This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.

Karen Grünberg
Google Chrome