Wednesday, January 12, 2011

Chrome Stable Release

Chrome on stable channel has been updated to 8.0.552.237 for all platforms.  Chrome OS has also been updated, to 8.0.552.334. These releases contain the security fixes listed below.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

We’re delighted to offer our first “elite” $3133.7 Chromium Security Reward to Sergey Glazunov. Critical bugs are harder to come by in Chrome, but Sergey has done it. Sergey also collects a $1337 reward and several other rewards at the same time, so congratulations Sergey!

Also of note is a clarification on our default charity policy. Some researchers are unable to accept rewards, or even provide a suggestion for a charity. In such cases, it feels like a shame to lose a charitable contribution so we will default reward money to the Red Cross.
  • [58053] Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
  • [$1337] [65764] High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
  • [66334] High Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans).
  • [$1000] [66560] High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
  • [$500] [66748] High Stale pointer with CSS + cursors. Credit to Jan Tošovský.
  • [67100] High Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans).
  • [$1000] [67208] High Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT.
  • [$1000] [67303] High Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT.
  • [$500] [67363] High Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz.
  • [$1000] [67393] Medium Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc.
  • [$1000] [68115] High Vorbis decoder buffer overflows. Credit to David Warren of CERT.
  • [$1000] [68170] High Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG.
  • [$1000] [68178] High Bad cast in anchor handling. Credit to Sergey Glazunov.
  • [$1000] [68181] High Bad cast in video handling. Credit to Sergey Glazunov.
  • [$1000] [68439] High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined).
  • [$3133.7] [68666] Critical Stale pointer in speech handling. Credit to Sergey Glazunov.
Full details about the Chrome changes are available in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Jason Kersey
Google Chrome


Matias said...

Is Sergey making a living out of bug fixing?? lol Congratulation man!

Manish said...

Congratulations Sergey!

Diego_SAG#1 said...

thanks for the fixes :D

cant´t wait for the stable release of chrome 9 xD

William said...

We were long overdue for an update! I thought for sure it was going to be version 9 though! Congrats to Sergey, ballin!!!

Patiently waiting for Chrome 10 stable and crankshaft...just sounds cool/fast!!!! =]

William said...

My CR-48 is at 8.0.552.343 for awhile now...
But your saying it's updated to .334???
This post is a mistake or I'm confused.

gsctt said...

Sergey Glazunov should be hired by Google to join the Google Chrome team.
All users of Google Chrome need him.
Thanks Sergey!

Larry said...

I'm as impressed as everyone, but what "speech handling" does Chrome do?

Brad said...

More security the better :)

nick4fake said...


Ricardo Z. Vendramini said...

Is Sergey making a living out of bug fixing?? lol Congratulation man! [2]

Fussolia said...

I have the same issue as William... What's up with that?

Don Hardaway, Ph.D. said...

It would be nice if Google could provide some communication to the CR-48 testers regarding the a list of bugs they are working on and in what order. I am still wondering when Citrix and being able to print on a network printer will be fixed.

Ben said...

Here you go Don Hardaway:

Ben said...

Chrome OS (Official Build ede4cb9c) beta x86-mario
Google Chrome 8.0.552.344

I've heard that if you are in developer mode you have to flip the switch back for it to update.
Hope that helps.

Schmaltz Herring said...

Thank you Google for making such a good browser.

John said...

Now add a file manager for cameras, usb sticks and etc.

KiKiM said...

Sergey is a russian name, congrats
russia is ruling! yeah!!!!

Aleksander said...

The only thing that stops me from switching to Chrome is password sync. Please take this into consideration when releasing the next version! Include it! ;-)

Shimon said...

Where is my Chrome 9?!

Sim said...

in this release very often disappear checkboxes and arrows on scrollbars

Martin Bartlett said...

Sergey's getting RICH!! :-)

Pallieter Koopmans said...

For the default donation maybe the Foundation should be used?

Lindblum said...

Thanks for keeping up the good work. Where can I go to ask about the state of development of vertical tabs (side tabs)? It's there, but it feels incomplete. I'm hoping to see an experience comparable to Firefox's TabKit addon, where you can resize the tab column, and switch tabs by rolling the scroll button while over the tabs (Try it once, you'll love it! It's time-saving). Maybe even style the tabs to look similar to the default (horizontal) tabs. Thank you.

Thomas said...

I think there may be an issue with form submission on 8.0.552.237.

I am using on Ubuntu Linux, and since the last update am having problems logging into some web pages, where there is a username/password form.

Chrome appears not to do anything when I click logon, or press enter, though the same form works fine in firefox.

It is difficult to show a reproduction though, since the two or three times I have produced it, it's been on company servers (on groundwork logon screen, and oracle application server control).

Has any behaviour around that changed in 8.0.552.237?