Monday, August 31, 2009

Dev Channel Update: Updates for Snow Leopard


The dev channel has been updated with a new release for Mac OS X.  This release includes bug fixes and some improved compatibility with Snow Leopard.  This release is only slightly different than the 4.0.203.2 release so please refer to that release for more information. 

Version: 4.0.203.4

Changes specific to Mac OS X:

More details about additional changes are available in the svn log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Jonathan Conradt
Engineering Program Manager

Friday, August 28, 2009

Dev Channel Update: Linux true 64 bit, Crash and Bug Fixes

The dev channels for Windows and Linux have been updated to 4.0.203.2.

  • All Platforms
    • [r23666r23790r23988] Fix some hangs/crashes. (Issue: 165121687118217185211971019860)
    • [r23668] Fix hang with video and audio tags. (Issue: 19276)
    • [r23670] When SafeBrowsing alerts for a page, don't allow that page to redirect until after the user has dealt with the alert. (Issue: 6442)
    • [r23754r23937] Prevent time/slider from jumping around during and after seeking in video and audio tag content. (Issue: 19396)
    • [r23859] Reduce Omnibox flicker. (Issue: 18369)
    • [r23965] Unicode text could sometimes produce garbled Omnibox dropdown entries. (Issue: 5490)
    • [r23967] Fix problems with plugin z-order. (Issue: 15840)
    • [r24033] Fix a crash on Windows and Linux. (Issue: 17569)
    • [r24151] Fix regression (since Chrome 2.0.172.1) where some gzipped files (e.g. script) were not unzipped before evaluation, making them unusable. (Issue: 16430)
    • [r24170] Faster startup with custom themes. (Issue: 18768)
    • [r24179] Graphical errors with some themes. (Issue: 20139)
    • [r24189] Problems with video/audio tag playback and looping at rates other than 1.0. (Issues: 1985619105)
    • [r24192] Properly align cursors used for middle-mouse-autoscroll with the original click location. (Issue: 6173)
  • Windows
    • [r23915] During uninstall, if Chrome was the default browser, prompt user to choose a new default. (Issue: 14023)
    • [r23849] Fix clicking/noise when playing video/audio tag content with 48 or 96 kHz audio. (Issue: 17940)
    • [r24198] Remove "Clear browsing data" and "Import bookmarks & settings" from Tools menu since they are now available in the Options. (Issue: 20137)
  • Linux
  • Extensions
    • [r23675] Fix some issues around re-enabling disabled extensions. (Issue: 12140)
    • [r23676] Async extension callbacks now always fire and set chrome.extension.lastError on error. (Issue: 17381)
    • [r23739] Beginnings of localization support. (Issue: 12131)
    • [r24223] Unconditionally enable HTML5 Database and Local Storage support for chrome-extension:// pages. (Issue: 19511)
    • [r24231] Crash fix. (Issue: 15888)
  • Known Issues
    • WebInspector's Elements Panel is blank for some sites. (Issue: 19850)
    • Control key misbehaves in omnibox on Linux (Issue: 20166)
    • Chrome for Linux not fully themed with GTK+ theming.
    • Moving a tab in Chrome 64 bit for Linux always detaches the tab.  (Issue 20513


More details about additional changes are available in the svn log of all revisions.


You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Jonathan Conradt
Engineering Program Manager

Thursday, August 27, 2009

Beta Channel Update


The Windows Beta channel has been updated to 3.0.195.10.

In addition to stability fixes, this release contains updates for the New Tab page, the omnibox, and themes support.

You can install the current Beta channel release from
http://www.google.com/intl/en/landing/chrome/beta/.

Known Issues:
  • There is a known issue, 20452, that the themes gallery does not recognize the new version of Google Chrome. This issue is purely aesthetic and does not affect a user's ability to install themes from the gallery.

Anthony Laforge
Google Chrome Program Manager

Tuesday, August 25, 2009

Stable Update: Security fixes


Google Chrome 2.0.172.43 has been released to the Stable channel to fix the security issues listed below.

CVE-2009-2935 Unauthorized memory read from Javascript

A flaw in the V8 Javascript engine might allow specially-crafted Javascript on a web page to read unauthorized memory, bypassing security checks. It is possible that this could lead to disclosing unauthorized data to an attacker or allow an attacker to run arbitrary code.

More infohttp://code.google.com/p/chromium/issues/detail?id=18639 (This issue will be made public once a majority of users are up to date with the fix.)

SeverityHigh.  An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Credit: This issue was found by Mozilla Security.

Mitigations:
  • A victim would need to visit a page under an attacker's control.
  • Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.

Security Fix: Treat weak signatures as invalid


Google Chrome no longer connects to HTTPS (SSL) sites whose certificates are signed using MD2 or MD4 hashing algorithms. These algorithms are considered weak and might allow an attacker to spoof an invalid site as a valid HTTPS site. 

More infohttp://code.google.com/p/chromium/issues/detail?id=18725 (This issue will be made public once a majority of users are up to date with the fix.)

Severity: Medium Further advances in attacks against weak hashing algorithms may eventually permit attacks to forge certificates.

Credit:  Dan Kaminsky, Director of Penetration Testing, IOActive Inc., Meredith Patterson and Len Sassaman. See their paper at http://www.ioactive.com/pdfs/PKILayerCake.pdf


CVE-2009-2414  Stack consumption vulnerability in libxml2


Pages using XML can cause a Google Chrome tab process to crash. A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected.

More info: See the CVE entries noted in this report.

SeverityHigh An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Credit: Original discovery by Rauli Kaksonen and Jukka Taimisto from the CROSS project at Codenomicon Ltd. The Google Chrome security team determined that Chrome was affected.

Mitigations:
  • A victim would need to visit a page under an attacker's control.
  • Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
Jonathan Conradt
Engineering Program Manager

Wednesday, August 19, 2009

Dev Channel Update

Update: Linux has been updated to 4.0.202.2


The Windows and Mac Dev channels have been updated to 4.0.202.0.


More details about additional changes are available in the svn log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Anthony Laforge
Google Chrome Program Manager


Monday, August 17, 2009

Dev Channel Update

The Windows Dev channel has been updated to 4.0.201.1.

This release contains all the fixes and changes from 3.0.197.11, plus one additional change: we've added bookmark synchronization!

To start using the feature, start Chrome with the "--enable-sync" flag, and go to "Wrench"->"Sync my bookmarks..."

For more details about bookmark synchronization go to:
http://blog.chromium.org/

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Anthony Laforge
Google Chrome Program Manager

Wednesday, August 12, 2009

Dev Channel Update: Bug Fixes and Locales


This release is for Mac and Linux and it includes a number of bug fixes:

Both:
  • (Bug 18427Make New Tab Page load faster with custom themes [r22462].
  • (Bug 18160) Ensure downloads really stop when a user cancels [r22557].
  • (Bug 13649, Bug 18456) Don't show themes in chrome://extensions/, since that page doesn't work well with them [r22578].
  • (Bug 18480) Theme the New Tab Page in incognito mode too [r22613].
  • (Bug 15247) Add a way to restore blacklisted thumbnails on the New Tab Page [r22704].
  • (Bug 18093) App mode and popup windows should not be themed [r22783].

Mac:
  • Flash gets mouse and key events so you can pause/play video.
  • (Bug 13203) Forward/backward buttons now have history dropdown menus.
  • (Bug 18353) Arrow keys work again.

Linux:
  • (Bug 14790Now supporting 50 locales.
  • Support downloading large files (greater than 2GB) [r22670].

Known Issues:
  • (Mac Bug 12030) Quicktime and other plugins no longer load since they are not yet supported.
More details about additional changes are available in the svn log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Jonathan Conradt
Engineering Program Manager


Friday, August 7, 2009

Dev Channel Update: Fixes and Plugins


3.0.197.x has been released to the dev channel with the following changes:

Windows / All Builds  (3.0.197.11)
  • Crash fixes
  • Bug 2993: Fix tabs getting "stuck" to your mouse and dragged out when under system load [r22024].
  • Bug 60: Make downloads removable from download shelf and download list [r22138].
  • Bug 17697: Properly unescape past searches in the Omnibox dropdown [r22167].
  • Bug 3641: Setting Chrome as default browser on multiple accounts in Vista should work [r22282].
  • Tweaks for new New Tab Page [r22316], [r22320], [r22337], [r22388], [r22428].
  • Bug 8037: Use jumplists on Windows 7 [r22375].
  • Bug 998518271: Fixes for proxy users [r22430].
  • Rich text editors can now remove <s>, <u> and <strike> tags [Webkit r46286].

Linux  (3.0.197.11)
  • Default to showing the custom Chrome frame for most users [r22193].
  • Bug 15952: Use Linux native-looking title bar buttons. 
  • Many plugin fixes; fewer crashes [r21992], [r22037], [r22083] and Gmail no longer hangs [r22165].
  • GTK theme mode no longer fails to display the back button on recent Linux distros [r22242].
  • GTK themed location bar now matches theme text color (fix for dark themes) [r22018].
  • Match GTK's font hinting settings [r22411].

Mac  (3.0.197.12)
  • Bug 17555: Fix for a particularly common crash on Mac.
  • Bug 11952: Support input method editors (IMEs).
  • Enabled plugin support by default [r22209].

Extensions

  • Bugs 18140 and 18472: Fix for crashes. 
  • Added a mole expand/collapse API, callable from a toolstrip [r22382].
  • Fix a bug where content scripts that are supposed to match all pages don't match hosts that are IP addresses [r22260].
  • Delay loading of toolstrips until the background page is ready [r22302].
  • First cut at the final extension installation prompt on Windows [r22368].
  • Experimental support for Databases and DOM Storage when extensions are enabled [r22452 and r22407].
  • Beginnings of extension shelf for linux [r22439].
Known issues:
  • (Mac) Flash can use a lot of CPU.
  • (Mac) Bug 18203:  Mouse clicks on Flash content often doesn't work. (Try middle-click as a workaround.)
  • (Mac) Bug 18666: Page Up/Down and Cursor Up/Down no longer scroll page content.
More details about additional changes are available in the svn log of all revisions.



You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.


Jonathan Conradt
Engineering Program Manager