Wednesday, April 27, 2011

Chrome Stable Update

The Google Chrome team is happy to announce the arrival of Chrome 11.0.696.57 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame.  Chrome 11 contains some really great improvements including speech input through HTML.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

We’re pleased to associate a record $16,500 of rewards with this patch.

  • [61502] High CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella.
  • [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva.
  • [Linux / Mac only] [70589] Medium CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community.
  • [$500] [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin.
  • [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass.
  • [Linux only] [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction with X. Credit to miaubiz.
  • [$1000] [73526] High CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz.
  • [$1000] [74653] High CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc.
  • [Linux only] [74763] High CVE-2011-1439: Prevent interference between renderer processes. Credit to Julien Tinnes of the Google Security Team.
  • [$1000] [75186] High CVE-2011-1440: Use-after-free with <ruby> tag and CSS. Credit to Jose A. Vazquez.
  • [$500] [75347] High CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths.
  • [$1000] [75801] High CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team509.
  • [$1000] [76001] High CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella.
  • [$500] [Linux only] [76542] High CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg.
  • [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509.
  • [$3000] [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc.
  • [$1000] [76966] High CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz.
  • [$1000] [77130] High CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509.
  • [$1000] [77346] High CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski.
  • [77349] Low CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc.
  • [$2000] [77463] High CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov.
  • [$500] [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel.
  • [$1500] [79199] High CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov.
  • [79361] Medium CVE-2011-1455: Out-of-bounds read with multipart-encoded PDF. Credit to Eric Roman of the Chromium development community.
  • [79364] High CVE-2011-1456: Stale pointers with PDF forms. Credit to Eric Roman of the Chromium development community.

We would also like to thank miaubiz, kuzzcc, Sławomir Błażek, Drew Yao and Braden Thomas of Apple Product Security and Christian Holler for working with us during the development cycle and helping prevent bugs from ever reaching the stable channel.

More on what's new at the Official Chrome Blog.  You can find full details about the changes that are in Chrome 11 in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Karen Grunberg
Google Chrome


solcroft said...

Okay, WHY is issue 78787 not fixed?

solcroft said...

There's a trivial reason it was marked as Mstone-12, which I won't bother explaining here. The patch to fix the regression already exists, I just want to know why it didn't get merged into the stable branch. If you're not in the position to answer (i.e. not a member of the Chrome team), I appreciate your attempt to contribute, but please do refrain from posting useless replies.

mlb said...

Does this release sandbox flash on the Mac? I was under the impression that sandboxing of flash in Chrome was previously Windows only.

Michael said...

The new Chrome icon design doesn't show up in Chrome's icon on Windows. Why is this? I've filed the bug, because it occasionally switches to the new design if you right-click the icon in the task bar. Just wondering if anyone knows why this is?

jasonvaritekfan said...

@Michael: Have you tried logging out of Windows?

I'm on the beta channel, but when it updated to Chrome 11 I had to log out of Windows so that the new Chrome icon changed.

Rafael said...

Hello Michael, to change the icon of the new version of Google Chrome I had to remove Google Chrome from the computer altogether through Add or Remove Programs. Then reinstall it by downloading Google Chrome from another browser. Hope that helps.

Jonathan said...

Just updated to chrome 11 and site is not working - there should be a menu on top of the page but it's not showing....

Petko said...

Yep, the Google Chrome's icon gets updated once you restart or log off.

Why does it say 'unknown' right after the version number in the 'About Google Chrome' window?

kpoz said...

I still receive "Chrome update server not available (Error 11)" on my Mac, and nobody at Google has addressed the error in any forum online.

RG said...

At my Chrome it is also saying 'unknown' right after the version number in the 'About Google Chrome' window

Eli James said...

I'm just chipping in here to say: bravo, I really appreciate the good work you guys are doing!

Gabi said...

no hardware acceleration ? sad...

Jonathan said...

I have fixed the site display issue - restarting pc and chrome had no effect but closing chrome and clearing cache fixed the issue...

Mesca Vlad said...

my new chrome 11 is slower than 10 :(

Manish said...

@Karen: Nice to see Chrome 11 update. Could someone please elaborate on the features/improvements?

Cody said...

(1) "unknown" in about dialog box
(2) Uninstall/ Reinstall to update icon
(3) White ring in new icon should be smoother.

Incorporate Extensions, History, and About into tabbed Settings.

Demian said...

I would like to put a mute button on the tab that is emitting sound, that is, when playing a flash or html sound, it then appears a speaker, and there can mute, since I have many tabs open that are not which sounds most of the time.

Victor said...

Very nice release, kudos!

David said...

I hope this fixed the flickering of EVERY single flash object.

JPG Printing said...

Looks stable

Vincenzo said...

[message written with google translate]
I tried to update Chrome on Windows 7 (32), but I've got a blue screen (BSoD). I tried to disable my Antivirus: Avira AntiVir Premium, but I could not update (always the BSoD). In the end I uninstalled completely Avira AntiVir Premium and I've been able to install google chrome 11.

In short: To install Chrome 11 I uninstalled Avira Antivir Premium

More information about the Windows 7 provided by [Italian language]:
Firma problema:
Nome evento problema: BlueScreen
Versione SO: 6.1.7601.
ID impostazioni locali: 1040

Ulteriori informazioni sul problema:
BCCode: 1000008e
BCP1: C0000005
BCP2: 8293C985
BCP3: 9493F830
BCP4: 00000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

File che contribuiscono alla descrizione del problema:

Leggere l'informativa sulla privacy online:

Se l'informativa sulla privacy online non è disponibile, leggere quella offline:

Per Bylund said...

I still hope to see a 64-bit Windows version. Soon. What's the point of 64-bit OS if the browser (which is quickly becoming the one-and-only application in most tasks, online or not) is only 32-bit?

The MAZZTer said...

@solcroft Fix was only committed two weeks ago; not sure when the code freeze for 11 was but the fix might have missed it, and it's only a minor visual glitch and so not critical to get into 11 right away.

You are welcome to download the source code, merge in the fix yourself, and compile your own binaries for your own use.

Kurtextrem said...

Sergey is getting rich cause of google xD

mamozzi said...

The new icon is really...UGLY!!! And, also, it matches the style of all other Mac icons less than the previous one.

Schmaltz Herring said...

Please tell whoever decided to change the old icon he's a douche.

Victor said...

I find after this update I am unable to tab to other boxes in a form.

Himbleton said...

I'm having major problems viewing my site (via google sites) in this version of Chrome ~ embedded gadgets either custom or from the library created using the google API just don't work.

No issues viewing the site or embedded gadgets from Explorer or Firefox.

I would have expected Chrome / google sites etc. to have been glued and tested.

Hoping for a fix soon
