The Beta channel has been updated to 20.0.1132.22 (Platform version: 2248.42.0) for Chromebooks (Acer AC700, Samsung Series 5, Samsung Chromebook Series 5 550, and Samsung Chromebox Series 3, and Cr-48).  This release contains functional, security and stability improvements. Machines will be receiving updates to this version over the next several days.


Highlights of these changes are:

The Google Chrome team is happy to announce the arrival of Chrome 19 to the Stable Channel for ChromeOS.  More detailed updates are available on the Google Blog.  

The Stable channel has been updated to 19.0.1084.52 (Platform version: 2046.107.0) for Chromebooks (Acer AC700, Samsung Series 5, Samsung Chromebook Series 5 550, and Samsung Chromebox Series 3).  Machines will be receiving updates to this version over the next several days.

This release contains security, stability improvements and bug fixes.

The Chrome Stable channel has been updated to 19.0.1084.52 on Windows, Mac, Linux and Chrome Frame.  

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

• [117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson).
• [118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
• [$1000] [120912] High CVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz.
• [122654] Critical CVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan).
• [124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan).
• [$1337] [125159] Critical CVE-2011-3108: Use-after-free in browser cache. Credit to “efbiaiinzinz”.
• [Linux only] [$1000] [126296] High CVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholomé.
• [126337] [126343] [126378] [127349] [127819] [127868] High CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [$500] [126414] Medium CVE-2011-3111: Invalid read in v8. Credit to Christian Holler.
• [127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [127883] High CVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [128014] High CVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts).
• [$1000] [128018] High CVE-2011-3115: Type corruption in v8. Credit to Christian Holler.

Many of these bugs were detected using AddressSanitizer.

Full details about what changes are in this release are available in the SVN revision log. If you find a new issue, please let us know by filing a bug.

The Dev channel has been updated to 21.0.1145.0 for Windows, Mac and Linux platforms

All

• Updated V8 - 3.11.3.0
• Allow certain unused renderer processes to exit before the tab is closed. (Issue: 126333)  

• Fix password autofill to work again for Incognito windows (Issue: 117720)

• Prevent an infinite loop inside SSLClientSocketNSS::OnSendComplete. This has been observed in Chrome OS, but could also happen on other platforms. (Issue: 127822)

Known Issues

• In bookmark bubble unable to edit the name and select the sub folder from drop down (Issue: 128612)

More details about additional changes are available in the svn log of all revisions.

This release contains stability improvements and bug fixes.

The Dev channel has been updated to 20.0.1132.7 (Platform versions: 2268.9.0) for Chromebooks (Acer AC700 , Samsung Series 5, and Cr-48).

This build contains a number of new features, as well as security & stability improvements. Some highlights of these changes are:

• [112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG.
• [113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community.
• [118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to “psaldorn”.
• [$1000] [118642] High CVE-2011-3086: Use-after-free with style element. Credit to Arthur Gerkis.
• [118664] Low CVE-2011-3087: Incorrect window navigation. Credit to Charlie Reis of the Chromium development community.
• [$500] [120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing. Credit to Aki Helin of OUSPG.
• [$1000] [120711] High CVE-2011-3089: Use-after-free in table handling. Credit to miaubiz.
• [$500] [121223] Medium CVE-2011-3090: Race condition with workers. Credit to Arthur Gerkis.
• [121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to Google Chrome Security Team (Inferno).
• [$1000] [122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to Christian Holler.
• [$500] [122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling. Credit to miaubiz.
• [122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling. Credit to miaubiz.
• [$1000] [123481] High CVE-2011-3095: Out-of-bounds write in OGG container. Credit to Hannu Heikkinen.
• [Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox handling. Credit to Arthur Gerkis.
• [123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google.
• [Windows only] [124216] Low CVE-2011-3098: Bad search path for Windows Media Player plug-in. Credit to Haifei Li of Microsoft and MSVR (MSVR:159).
• [124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name. Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team.
• [124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths. Credit to Google Chrome Security Team (Inferno).

And some additional rewards for issues with a wider scope than Chrome:

• [Linux only] [$500] [118970] Medium CVE-2011-3101: Work around Linux Nvidia driver bug. Credit to Aki Helin of OUSPG.
• [$1500] [125462] High CVE-2011-3102: Off-by-one out-of-bounds write in libxml. Credit to Jüri Aedla.

Many of the above bugs were detected using AddressSanitizer.

We’d also like to thank Aki Helin of OUSPG, Sławomir Błażek, Chamal de Silva, miaubiz, Arthur Gerkis and Christian Holler for working with us during the development cycle and preventing security regressions from ever reaching the stable channel. $9000 of additional rewards were issued for this awesomeness.

The Beta channel has been updated to 19.0.1084.47 (Platform version: 2046.88.0) for Chromebooks (Acer AC700 and Samsung Series 5).

The Dev channel has been updated to 20.0.1132.1 (Platform versions: 2268.0.0) for Chromebooks (Acer AC700 , Samsung Series 5, and Cr-48).

This build contains a number of new features, as well as security & stability improvements. Some highlights of these changes are: