Thursday, May 7, 2009

Stable Update: Bug fix

Edit 13 May 2009: Disclosing that this release contains the fix for CVE-2009-0945, an issue in WebKit code that also affects Apple's Safari web browser. We did not want to disclose this until Apple's fix for Safari users was released.

Google Chrome's Stable channel has been updated to version to fix a crash during startup for a small percentage of users.

CVE-2009-0945 Denial of service in SVG
A memory corruption issue exists in WebKit's handling of SVGList objects. Visiting a maliciously crafted website may lead to arbitrary code execution. The arbitrary code would be limited by the Google Chrome sandbox.

Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

  • A victim would need to visit a page under an attacker's control.
  • Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.

Mark Larson
Google Chrome Program Manager


Lumo said...

These multiple fixes of the "stable" channel show one thing: the stable channel is as (un)stable and (un)reliable as the dev channel.

After or the current (which will include a fix of minipreviews on blogger that I've been waiting for, for months), the dev channel should be promoted to the stable channel 2.0.

I think there's no doubt that the dev 2.0 versions right now are better than - and comparably stable to - the 1.0 versions. Google is losing the potential by offering most users an outdated version without such essential things like form autofill.

Jennifer said...

The recent stable versions largely patched security holes, a fact of life in the browser game. Other than the apparent small crash-out bug, it has nothing to do with stability.

2.0 is usually stable enough for general use, but that seems to change with every dev release. Not to mention that it's still feature-incomplete, especially with things like the extensions management system.