Tuesday, December 11, 2012

[Gd] Stable Channel Update

| More

Chrome Releases: Stable Channel Update

The Stable channel has been updated to 23.0.1271.97 for Windows, Mac, Linux, and ChromeFrame platforms. This build contains the following fixes:

  • Some texts in a Website Settings popup are trimmed (Issue: 159156)
  • Linux: <input> selection renders white text on white bg in apps (Issue: 158422)
  • some plugins stopped working (Issue: 159896)
  • Fixed a known crash (Issue:161854)
  • Windows8: Unable to launch system level chrome after self destructing user-level chrome (Issue: 158632)
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [$1500] [158204] High CVE-2012-5139: Use-after-free with visibility events. Credit to Chamal de Silva.
  • [$1000] [159429] High CVE-2012-5140: Use-after-free in URL loader. Credit to Chamal de Silva.
  • [160456] Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation. Credit to Google Chrome Security Team (Jüri Aedla).
  • [160803] Critical CVE-2012-5142: Crash in history navigation. Credit to Michal Zalewski of Google Security Team.
  • [160926] Medium CVE-2012-5143: Integer overflow in PPAPI image buffers. Credit to Google Chrome Security Team (Cris Neckar).
  • [$2000] [161639] High CVE-2012-5144: Stack corruption in AAC decoding. Credit to pawlkt.


This build also has a new version of Adobe Flash. You can find the details here.

Full details about what changes are in this release are available in the SVN revision log.  Interested in hopping on the stable channel?  Find out how.  If you find a new issue, please let us know by filing a bug.

Karen Grunberg
Google Chrome
URL: http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html

No comments: