The stable channel of Chrome for Android has been updated to 18.0.1025308. It is now available for download on Google Play and in the Google Play Store on your mobile devices, on Android 4.0, Ice Cream Sandwich, or later.  The new update includes important security and stability fixes.


Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

The Stable channel has been updated to 21.0.1180.89 for Linux, Mac, Windows and Chrome Frame

This build fixes the following issues:

• Several Pepper Flash fixes (Issue 140577, 144107, 140498, 142479).
• Microphone issues with tinychat.com (Issue: 143192)
• devtools regression with "save as" of edited source (issue: 141180)
• mini ninjas shaders fails (Issue: 142705)
• page randomly turns red/green gradient boxes (Issue: 110343)

The Chrome team is happy to announce the first update to Chrome for iPhone and iPad.  This version (Chrome 21 / 21.0.1180.77) brings in a number of fixes to user-reported issues including:

• Ability to share directly from Chrome to your favorite social network or via email
• More actionable sync sign in error messages
• Improved language detection for welcome tour
• Fixes for pages loading blank in Incognito* mode

The Stable channel has been updated to 21.0.1180.81 for Linux, 21.0.1180.83 for Windows and Chrome Frame and both Beta and Stable channels have been updated to 21.0.1180.82 for Mac and 

This build fixes the following issues:

• Duplex Printing defaults to Yes, which prints extra pages even for a 1 page print out (Issue 138312).
• Print preview takes forever on Win XP (issue: 140044)
• Anti-DDoS inversion of logic (Issues: 141643, 141081)
• Pepper Flash: in file uploads, treats HTTP status != 200 as failure, breaking (e.g.) uploads to Amazon S3 (Issue: 140468)
• Projectmanager.com application causes Flash to hang (Issue: 141018)
• Turn off TLS 1.1 in Chrome 21 Stable (Issue: 142172)
• Setting and unsetting display:none obliterates current scroll position (issue: 140101)

The Google Chrome team is happy to announce the arrival of Chrome 21 to the Stable Channel for Chrome OS.  More detailed updates are available on the Google Chrome Blog.  

The Stable channel has been updated to 21.0.1183.0 (Platform version: 2465.127.0) for Chromebooks (Acer AC700, Samsung Series 5 550, Samsung Series 5, and Cr-48) and Samsung Chromebox Series 3. Machines will be receiving updates to this version over the next several days.

The Stable channel has been updated to 21.0.1180.79 for Mac, Linux, Windows and Chrome Frame

This build fixes a security issue with Adobe Flash. You can read more about this in Adobe's Security Bulletin.  

The Stable channel has been updated to 21.0.1180.77 for Mac, Linux, Windows and Chrome Frame

This build fixes a problem with an item in Node::attributes disappearing (Issue 140473).

The Stable channel has been updated to 21.0.1180.75 for Mac, Linux, Windows and Chrome Frame

This build fixes:

• Flash videos not longer remaining in fullscreen when clicking a secondary monitor while the video is playing  (Issue: 140366). 
• Flash video full screen displays on wrong monitor (Issue: 137523)
• REGRESSION: Rendering difference in Chrome 21 and 22 that affected on Persian Wikipedia (Issue: 139502)
• Some known crashes (Issues: 137498, 138552, 128652, 140140)
• Audio objects are not "switched" immediately (Issue: 140247)
• Print and Print Preview ignore paper size default in printer config (Issue: 135374)
• Candidate windows is shown in wrong place in Retina display (Issue: 139108)
• more of the choppy and distorted audio issues  (Issue: 136624)
• Japanese characters showing in Chinese font (Issue: 140432)
• Video playback issues with flash-based sites (Issue: 139953)
• Sync invalidation notification broken after restart (Issue: 139424)

The Chrome team is excited to announce the release of Chrome 21 to the Stable Channel. 21.0.1180.57 for Mac and Linux. 21.0.1180.60 for Windows and Chrome Frame. Chrome 21 contains a number of new features including a new API for high-quality video and audio communication. More detailed updates are available on the Chrome Blog.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

• [Linux only] [125225] Medium CVE-2012-2846: Cross-process interference in renderers. Credit to Google Chrome Security Team (Julien Tinnes).
• [127522] Low CVE-2012-2847: Missing re-prompt to user upon excessive downloads. Credit to Matt Austin of Aspect Security.
• [127525] Medium CVE-2012-2848: Overly broad file access granted after drag+drop. Credit to Matt Austin of Aspect Security.
• [128163] Low CVE-2012-2849: Off-by-one read in GIF decoder. Credit to Atte Kettunen of OUSPG.
• [130251] [130592] [130611] [131068] [131237] [131252] [131621] [131690] [132860] Medium CVE-2012-2850: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
• [132585] [132694] [132861] High CVE-2012-2851: Integer overflows in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
• [134028] High CVE-2012-2852: Use-after-free with bad object linkage in PDF. Credit to Alexey Samsonov of Google.
• [134101] Medium CVE-2012-2853: webRequest can interfere with the Chrome Web Store. Credit to Trev of Adblock.
• [134519] Low CVE-2012-2854: Leak of pointer values to WebUI renderers. Credit to Nasko Oskov of the Chromium development community.
• [134888] High CVE-2012-2855: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
• [134954] [135264] High CVE-2012-2856: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
• [$1000] [136235] High CVE-2012-2857: Use-after-free in CSS DOM. Credit to Arthur Gerkis.
• [$1000] [136894] High CVE-2012-2858: Buffer overflow in WebP decoder. Credit to Jüri Aedla.
• [Linux only] [137541] Critical CVE-2012-2859: Crash in tab handling. Credit to Jeff Roberts of Google Security Team.
• [137671] Medium CVE-2012-2860: Out-of-bounds access when clicking in date picker. Credit to Chamal de Silva.

Many of the above bugs were detected using AddressSanitizer.

We’d also like to thank Drew Yao / Braden Thomas / Jim Smith (all Apple Product Security), Kostya Serebryany of the Chromium development community, Atte Kettunen of OUSPG and Bernhard Bauer of the Chromium development community for working with us during the development cycle and preventing security regressions from ever reaching the stable channel.

The Google Chrome team is happy to announce the arrival of Chrome 20 to the Stable Channel for ChromeOS.  More detailed updates are available on the Google Blog.  


The Stable channel has been updated to 20.0.1322.54 (Platform version: 2268.105.0) for Chromebooks (Acer AC700, Samsung Series 5, Samsung Chromebook Series 5 550, and Samsung Chromebox Series 3, and Cr-48). Machines will be receiving updates to this version over the next several days.

The Chrome Team is excited to announce the release of Chrome for iPhone and iPad. Based on Chrome 19.0.1084.52, Chrome for iOS (19.0.1084.60) brings an all new browsing experience to your iPhone, iPad or iPod touch (requires iOS 4.3 or later) and is now available for download.

The Chrome team is happy to announce the first Stable Channel release of Chrome for Android.  18.0.1025123 is now available for download on Google Play and in the Google Play Store on your mobile devices, on Android 4.0, Ice Cream Sandwich, or later.

The Chrome Stable channel has been updated to 19.0.1084.52 on Windows, Mac, Linux and Chrome Frame.  

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

• [117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson).
• [118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
• [$1000] [120912] High CVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz.
• [122654] Critical CVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan).
• [124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan).
• [$1337] [125159] Critical CVE-2011-3108: Use-after-free in browser cache. Credit to “efbiaiinzinz”.
• [Linux only] [$1000] [126296] High CVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholomé.
• [126337] [126343] [126378] [127349] [127819] [127868] High CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [$500] [126414] Medium CVE-2011-3111: Invalid read in v8. Credit to Christian Holler.
• [127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [127883] High CVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
• [128014] High CVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts).
• [$1000] [128018] High CVE-2011-3115: Type corruption in v8. Credit to Christian Holler.

Many of these bugs were detected using AddressSanitizer.

Full details about what changes are in this release are available in the SVN revision log. If you find a new issue, please let us know by filing a bug.