Google Chrome 4.1.249.1059 has been released to the Stable channel on Windows.
This release fixes the following security issues:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
- [$500] [39443] High Type confusion error with forms. Credit: kuzzcc.
- [39698] High HTTP request error leading to possible XSRF. Credit: Meder Kydyraliev, Google Security Team.
- [40136] Medium Local file reference through developer tools. Credit: Robert Swiecki, Google Security Team; Tavis Ormandy, Google Security Team.
- [40137] Medium Cross-site scripting in chrome://net-internals. Credit: Robert Swiecki, Google Security Team; Tavis Ormandy, Google Security Team.
- [40138] High Cross-site scripting in chrome://downloads. Credit: Robert Swiecki, Google Security Team; Tavis Ormandy, Google Security Team.
- [40575] Medium Pages might load with privileges of the New Tab page.
- [$500] [40635] High Memory corruption in V8 bindings. Credit: kuzzcc; Google Chrome Security Team (SkyLined); Michal Zalewski, Google Security Team.
If you find issues, please let us know: http://code.google.com/p/chromium/issues/entry
--Mark Larson, Google Chrome Team
31 comments:
Lately lot of security fixes in Chrome :(
is there a beta release today?
Hmmm...
Robert Swiecki for president. Keep up the good work! (and the other developers, please drink more coffee)
@joesixgig: +1, I'm voting for Robert :) @Manish: well we could always leave them unfixed if you prefer :P More seriously, the good news is that many of them are being found by internal audits, and it remains very rare for Chromium to take a "Critical" bug. Also note that the Chromium Security Reward program is going very well and resulting in a slight increase in vulnerability load.
Where we can find the download link
Are these fixes included in dev release?
@Chris: I did not mean that :(. I really like the security model of Chrome, just that I was wishing for a release which has more new features (like bug 19, 266)..
Google Wave does not work with this release, no one else has the same problem?
Same old "Error 3: Update server unavailable" when checking the version. Thx.
Where we can find the download link???
Sorry for the slightly off-track question: When is a stable build for Linux expected? Why is it taking so long?
Google Wave doesn't seem to be working...
Rajesh: The first stable version for Linux and Mac is supposed to be Google Chrome 5, but there's a number of features planned for that release, so Linux users will still have to wait a while longer.
According to the Chromium Development Calendar (at http://www.chromium.org/developers/calendar ), the stable release date is yet to be decided upon.
But that Chromium is apparently going code complete on April 30, is a good sign. :) As a non-Googler guess from me, I'd say it may go stable sometime this summer? Maybe June? *shrug* But the Betas have pretty good quality these days too.
@Jug: Thank you very much for the very patient explanation! :)
@Mike and Mary Jones: Google Wave is not working for me too.
history management is really bad. not easy to del management
This release experience with javascript performance degradation (Sunspider benchmark 40%)
Chrome does not want to update to version 4.1.249.1059. Currently in version 4.1.249.1045, he said he is up to date?!
From omahaproxy.appspot.com:
> win,stable,4.1.249.1045,4.1.249.1059
The order should be reversed.
Currently I can't update to 4.1.249.1059 from 249.1045.
crashing on me like a mofokuku! It's like open a Google Chrome instance, surf opening a few tabs, then what: has CRASHED! do u want to restart? Start again, only to crash again--LIKE PRACTICALLY RIGHT AWAY AS I *JUST* REstarted IT--LIKE, WHAT, 15 seconds ago (YES, SECONDS, PEOPLE--NOT EXAGGERATING TOO MUCH, AT ALL)!!! WTF? YES, *THAT* FREQUENT!!!!!!! I think I'm giving up Google Chrome! THIS IS NONSENSE B.S.!! GOOGLE, I think u r rushing (to dominance) so dropping ball on QC!!
using 4.1.249.1059 released 042010 T! And STABLE version too! THIS HAPPENING FOR U GUYS TOO??????????????????
WTF, GOOGLE, U SUX!
Google Wave is working for me today in this release. I guess it was an error in Wave, that has been fixed now.
@thinkNsidedabunNOToutsidedabox: I have not had any crashes. And I usually have 8-15 tabs open simultaneously.
i have crash
i got crash in google chrpme
More than any other browser
WHY ???
oh gosh! thanks about the bookmarks bar shortcut..
now it's on track! ;)
keep up the good work..
Downloaded latest version to try to correct issue but Kapersky still finds the vulnerability in Chrome and also something in Java which I have also updated. What else can I do?
My Windows 7 updated, but my XP laptop stays at 1045 and reports to by uptodate. What might be my problem?
Its very interesting and very informative and i really like your approach.
I found this bug after upgrading to this version. On some sites, clicking the middle mouse button leads to the discovery of links, rather than a new tab on this link.
I can't get this version.
Chrome says : 4.1.249.1045 is uptodate.
I concur, my Google Chrome will still not update to the latest Stable version despite it being one week old. I'm running Vista.
@Chris- Its already more than 10 days that 4.1.249.1059 was released, but the bugs are still marked private. Any idea, by when they will be made public? I would assume that by now the latest update must be pushed to majority of users... Is that not the case?
my Chrome on XP jumped up directly to 1064 without 1059
Post a Comment