Wednesday, June 24, 2009

Dev update: Bug fixes


Google Chrome 3.0.190 has been released to the Dev channel (Mac: 190.0, Windows: 190.1, Linux: 190.2).

Highlights in this release:
  • Mostly bug and crash fixes.
  • Linux: Fixed the browser crashing because of missing fonts. (Issue 13007)
  • Lots of progress filling in missing features on Mac and Linux. Random samples:
    • Linux: HTTP authentication now works. 
    • Linux: Render the contents of tabs while dragging.
    • Linux: You can import and export bookmarks. 
    • Mac: You can download more than one item in a tab.
    • Mac: A (preliminary) download shelf at the bottom of the window shows your downloads.
    • Mac: Added the Restore Closed Tabs item to the File menu.
  • The --enable-monitor-profile flag converts web pages from sRGB to your current default monitor profile. It does not handle embedded color profiles in images. (Issue 4938)
  • The 'Print selection' option on the Print dialog works on Windows. (Issue 1682)
Known issues:
  • You cannot drag bookmarklets (javascript: URLs) to the bookmarks bar. (Issue 12290)
  • When you install an extension, two separate toolstrips appear.  The problem will go away when you restart the browser. (Issue 14941)

More details are available in the release notes and the log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Mark Larson
Google Chrome Program Manager

Monday, June 22, 2009

Stable, Beta update: Security fix


Google Chrome 2.0.172.33 has been released to the Stable and Beta channels. This release fixes a critical security issue and two other networking bugs.

CVE-2009-2121: Buffer overflow processing HTTP responses
Google Chrome is vulnerable to a buffer overflow in handling certain responses from HTTP servers. A specially crafted response from a server could crash the browser and possibly allow an attacker to run arbitrary code. 

More info:  http://code.google.com/p/chromium/issues/detail?id=14508 (This issue will be made public once a majority of users are up to date with the fix.)

Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.

Credit: This issue was found by the Google Chrome security team.

Other issues
This release also fixes two other network issues:
  - NTLM authentication to Squid proxies fails when trying to connect to HTTPS sites (Issue 8771)
  - Browser crash when loading some HTTPS sites (Issue 13226)
  
Mark Larson
Google Chrome Program Manager

Wednesday, June 17, 2009

Dev Channel Update

Google Chrome 3.0.189.0 has been released to the Dev channel for Windows, Mac OS X, and Linux.

Highlights for this release:

  • Lots of crash fixes and code stabilization.
  • All extensions now require signing, all unsigned extensions have been disallowed.
  • Extensions are, at least for the moment, disabled in incognito mode.
  • Fixed a session history bug which prevented proper backward and forward operation for certain sites.


Version Changes:
  • V8 - 1.2.8

The release notes are available as well as a detailed list of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Thursday, June 11, 2009

Dev Channel Update: 3.0.187.1

Yesterday's Dev Channel update (3.0.187.0) for Windows had a critical bug which crashes the browser when you use the wrench or page menus.  This release fixes that issue.


If you already have 3.0.187.0 you cannot get to About Google Chrome to force an update.  You have a couple of choices to get the update.

  1. Wait.  If you wait about 5 hours Google Chrome will check for an update and install it for you.
  2. Uninstall Google Chrome and reinstall from http://www.google.com/chrome/eula.html?extra=devchannel
The Mac and Linux builds were not affected by this bug so they are not being updated.

We apologize for the problem and we are making changes to our process to try and avoid issues like this in the future.  The dev channel is always going to be a little risky but we agree that major features like this should not go out broken.

Jonathan Conradt
Engineering Program Manager

Wednesday, June 10, 2009

Dev Channel Update: 3.0.187.0


Note: This release has been stopped. The browser crashes whenever you click on a menu item. We'll be releasing a fix later today. [mal, 11 June 2009]


Google Chrome 3.0.187.0 has been released to the Dev channel for Windows, Mac OS X, and Linux.

Highlights for this release:

  • Linux: Import passwords from Firefox. (Issue: 11191)
  • On Mac use Keychain for passwords. (Issue: 11745)
  • Fix regression where Omnibox would drop characters during rapid typing. (Issue: 13428)
  • The web inspector is now working again. (Issue 13411)
  • Fix browser hang due to plugin deadlock. (Issue: 12624)
  • --enable-user-scripts is working again. (Issue 13290)
  • Clicking an extension toolstrip no longer selects the first tab. (Issue 13547)
  • Extension buttons now show after install (Issue 13609)
  • Increase the maximum number of cookies to 3000. This matches Firefox. (Issue: 8850)
  • When the contents don't have title, use URL for the name of bookmark entry. (Issue: 5965)
  • Move download shelf from per-tab to per-window. (Issue: 9025)
  • Improved support for Squid proxies. (Issue: 8771)
  • Fixes a flash plugin hang on Google Finance ticker symbols in a background tab. (Issue: 12993)


Version Changes:
  • V8 - 1.2.7

The release notes are available as well as a detailed list of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug athttp://code.google.com/p/chromium/issues/entry.

Jonathan Conradt
Engineering Program Manager

Tuesday, June 9, 2009

Stable update: 2 WebKit security fixes


Google Chrome's Stable channel has been updated to version 2.0.172.31 to fix two security issues in WebKit.

CVE-2009-1690 Memory corruption
A memory corruption issue exists in WebKit's handling of recursion in certain DOM event handlers. Visiting a maliciously crafted website may lead to a tab crash or arbitrary code execution in the Google Chrome sandbox. This update addresses the issue through improved memory management.

Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Mitigations:
  • A victim would need to visit a page under an attacker's control.
  • Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.


CVE-2009-1718 Drag and drop information leak
An issue exists in WebKit's handling of drag events. This may lead to the disclosure of sensitive information when content is dragged over a maliciously crafted web page. This update addresses the issue through improved handling of drag events.

Severity: Medium. An attacker might be able to read data belonging to another web site, if a user can be convinced to select and drag data on an attacker-controlled site.

Mark Larson
Google Chrome Program Manager

Thursday, June 4, 2009

Dev Channel Release

Google Chrome 3.0.183.1 has been released to the Dev channel.

Highlights for this release:
  • Fixed issue where non-media types such as text would display a media player. (Issue: 12777)
  • New Downloads page shows the remaining time left for downloads. (Issue: 9607)
  • Various fixes for right-to-left langugages
  • Multiple crash and usability fixes.

Known Issue:
  • Google Chrome crashes on Windows XP when you click the "Reset to default theme" button (Issue 13075).

Version Changes:
  • V8 - 1.2.6.1

The release notes are available as well as a detailed list of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Anthony Laforge
Technical Program Manager