Chrome Stable 14.x.xxx.xxx released

6,916 · September 16, 2011

Weird 14 got released so early. Aren't they suppose to take 3 months for a major version number change???

The Chrome Stable channel has been updated to 14.0.835.163 for all platforms. This release contains the following security fixes. More details about high level features can be found on the Google Chrome blog.
Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

[49377] High CVE-2011-2835: Race condition in the certificate cache. Credit to Ryan Sleevi of the Chromium development community.

[51464] Low CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid click-free access to the system Flash. Credit to electronixtar.

[Linux only] [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to wbrana.

[75070] Low CVE-2011-2838: Treat MIME type more authoritatively when loading plug-ins. Credit to Michal Zalewski of the Google Security Team.

[76771] High CVE-2011-2839: Crash in v8 script object wrappers. Credit to Kostya Serebryany of the Chromium development community.

[78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction. Credit to kuzzcc.

[$500] [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to Mario Gomes.

[Mac only] [80680] Low CVE-2011-2842: Insecure lock file handling in the Mac installer. Credit to Aaron Sigel of vtty.com.

[82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers. Credit to Kostya Serebryany of the Chromium development community.

[85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit to Mario Gomes.

[$1000] [89219] High CVE-2011-2846: Use-after-free in unload event handling. Credit to Arthur Gerkis.

[$1000] [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to miaubiz.

[$500] [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit to Jordi Chancel.

[89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets. Credit to Arthur Gerkis.

[$500] [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling. Credit to miaubiz.

[90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters. Credit to miaubiz.

[90173] Medium CVE-2011-2851: Out-of-bounds read in video handling. Credit to Google Chrome Security Team (Inferno).

[$500] [91120] High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler.

[91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit to Google Chrome Security Team (SkyLined).

[$1000] [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style handing. Credit to S?awomir B?a?ek, and independent later discoveries by miaubiz and Google Chrome Security Team (Inferno).

[$1000] [92959] High CVE-2011-2855: Stale node in stylesheet handling. Credit to Arthur Gerkis.

[$2000] [93416] High CVE-2011-2856: Cross-origin bypass in v8. Credit to Daniel Divricean.

[$1000] [93420] High CVE-2011-2857: Use-after-free in focus controller. Credit to miaubiz.

[$1000] [93472] High CVE-2011-2834: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.

[93497] Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages. Credit to Bernhard ?Bruhns? Brehm of Recurity Labs.

[$1000] [93587] High CVE-2011-2860: Use-after-free in table style handling. Credit to miaubiz.

[93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki Helin of OUSPG.

[$2337] [93906] High CVE-2011-2862: Unintended access to v8 built-in objects. Credit to Sergey Glazunov.

[95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters. Credit to Google Chrome Security Team (Inferno).

[95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays. Credit to Google Chrome Security Team (Inferno).

[95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a session. Credit to Nishant Yadant of VMware and Craig Chamberlain (@randomuserid).

[$1000] [95920] High CVE-2011-2852: Type confusion in v8 object sealing. Credit to Christian Holler.

More...

3,305 · September 16, 2011

Speed comparison w. HWA 13 vs 14?

4,147 · September 16, 2011

http://dl.google.com/chrome/install/835.163/chrome_installer.exe

September 16, 2011

Interesting as I'm on the Beta channel is this is most recent build that Google has posted on their blog...

14.0.835.163

http://googlechromereleases.blogspot.com/

The Beta channel has been very stable for me, as I only have one extension installed, and do 'not' have any Chrome://about flags features enabled.

September 17, 2011

Weird 14 got released so early. Aren't they suppose to take 3 months for a major version number change???

Nope it is a 6-week cycle, so a month and a half

2,901 · September 17, 2011

Thanks for the update!

Google Chrome Portable (lastest stable) is now available too! http://portableapps.com/apps/internet/google_chrome_portable

Be warned though, I believe the portable version uses more RAM because it has cache disabled (so it doesn't write or not much on the disk)

**EDIT**

Remember, nothing is modified, PortableApps executable downloads the files from Google's server and stores it all into one package to allow portability

Online Installer: Google Chrome Portable is an online installer that will download additional files during setup.

6,916 · September 17, 2011

Weird 14 got released so early. Aren't they suppose to take 3 months for a major version number change???

Nope it is a 6-week cycle, so a month and a half

yeah I think you are right. For some reason 3 months was in my mind

6,916 · September 20, 2011

Stable Channel Update

Tuesday, September 20, 2011 | 12:14

The Stable channel has been updated to 14.0.785.186 for Windows, Mac, Linux, and Chrome Frame.

This release includes an update to Flash Player that addresses a zero-day vulnerability.

Source

2,367 · September 21, 2011

Sweet...

49,345 · September 21, 2011

Cheers, posted.

6,916 · October 5, 2011

This release contains Adobe Flash Player 11 and bug fixes

The Stable channel has been updated to 14.0.835.202 for Windows, Mac, Linux, and Chrome Frame. This release contains Adobe Flash Player 11, along with the stability and security fixes listed below.
Security fixes and rewards:

Please seethe Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

[$1000] [93788] High CVE-2011-2876: Use-after-free in text line box handling. Credit to miaubiz.

[$1000] [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to miaubiz.

[$2000] [95671] High CVE-2011-2878: Inappropriate cross-origin access to the window prototype. Credit to Sergey Glazunov.

[96150] High CVE-2011-2879: Lifetime and threading issues in audio node handling. Credit to Google Chrome Security Team (Inferno).

[$4500] [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8 bindings. Credit to Sergey Glazunov.

[$1500] [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects. Credit to Sergey Glazunov.

[98089] Critical CVE-2011-3873: Memory corruption in shader translator. Credit to Zhenyao Mo of the Chromium development community.

Source

5,372 · October 5, 2011

Is anyone having problems with Tweetdeck of the weird language problem?

Sign In

Chrome Stable 14.x.xxx.xxx released

Recommended Posts

still1

Link to comment

Share on other sites

Udedenkz

Link to comment

Share on other sites

torrentthief

Link to comment

Share on other sites

gahbmwM5

Link to comment

Share on other sites

Gee.B

Link to comment

Share on other sites

AimLXJ

Link to comment

Share on other sites

still1

Link to comment

Share on other sites

still1

Link to comment

Share on other sites

Ficman

Link to comment

Share on other sites

Steven P. Administrators

Link to comment

Share on other sites

still1

Link to comment

Share on other sites

BryanChung

Link to comment

Share on other sites

Recently Browsing 0 members