The Google Chrome team is happy to announce the release of Chrome 12 to the Stable Channel for all platforms. Chrome 12.0.742.91 includes a number of new features and updates, including:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
We’d also like to call particular attention to Sergey Glazunov’s $3133.7 reward. Although the linked bug is not of critical severity, it was accompanied by a beautiful chain of lesser severity bugs which demonstrated critical impact. It deserves a more detailed write-up at a later date.
You can find out more about Chrome 12 at the official Chrome Blog. The full list of changes is available in the SVN revision logs (Trunk, Branch). Interested in switching to the Stable channel? Find out how. If you find a new issue, please let us know by filing a bug.
Jason Kersey
- Hardware accelerated 3D CSS
- New Safe Browsing protection against downloading malicious files
- Ability to delete Flash cookies from inside Chrome
- Launch Apps by name from the Omnibox
- Integrated Sync into new settings pages
- Improved screen reader support
- New warning when hitting Command-Q on Mac
- Removal of Google Gears
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
- [$2000] [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz.
- [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined).
- [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR).
- [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”.
- [$1337] [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc.
- [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno).
- [79362] Medium CVE-2011-1814: Read from uninitialized pointer. Credit to Eric Roman of the Chromium development community.
- [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc.
- [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc.
- [$500] [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne.
- [$1000] [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz.
- [$1000] [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov.
- [$3133.7] [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov.
- [$1000] [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov.
We’d also like to call particular attention to Sergey Glazunov’s $3133.7 reward. Although the linked bug is not of critical severity, it was accompanied by a beautiful chain of lesser severity bugs which demonstrated critical impact. It deserves a more detailed write-up at a later date.
You can find out more about Chrome 12 at the official Chrome Blog. The full list of changes is available in the SVN revision logs (Trunk, Branch). Interested in switching to the Stable channel? Find out how. If you find a new issue, please let us know by filing a bug.
Jason Kersey
Google Chrome
39 comments:
guys you are amazing, chrome versions are updated very fast ,always new features or vulnerabilities fixes..Amazingggggggggggg :D.I LOVE CHROME
great update glad to see it =]
I am glad to see Google chrome 12 in the stable version
You're kidding me!
I trusted and used to work with my Gmail offline until today, before this AUTOMATIC update release broke everything. How can I solve my problem, if I don't have another browser installed?
Saved Passwords protection please!!!!
You forgot to add the tab suspension points when the text is too long... they don't show anymore... you always let stupid bugs like these get by...
i don't know it a bug or not...
But, when i open facebook and scroll it down, the status in down will same with in up..
sory for my english so bad.. i hope you understand..
hardware acceleration is not working for me. nvidia gts 250, latest version driver and still not working. ideas how can i fix this ?
Great. Is there some manual explaining how we can run the apps from the omnibox? Does it already work for normal apps or is it just an option for developers? Tx, LM
"->beautiful<- chain of lesser severity bugs"? You guys are hilarious! Also, that was one quick last beta o-o .
The standalone installer fails during installation
Oh, I am silly. Of course that it is the Google Apps that may be run from the omnibox. It works...
Chrome 12.0.742.91 bug - Extension/Developer Tools
I upgraded to Chrome 12.0.742.91 this morning. Found the following bug in Developer Tools:
- Right-click on my extension's icon (the extensions is in development, not GA yet),
- choose "Inspect Popup"
- Resources
- Local Storage does not show the entry for my extension ID. However, when I hit F5, the Developer Tools window refreshes, and the entry shows.
thanks
very nice updates! But could you please make password protection like in IE? I don't feel safe that my login, cookie, history etc can easily be seen at ease.
i don't know whether this is a bug or was intentionally change but the tab title doesn't fade at the beginning of it, only at the end...
Sergey Glazunov is the man!
Protection for saved passwords please!
noooooooo did you take away the improved omnibar search option that was available in about:flags? i miss that so much :(
Sergey Glazunov is getting rich from Google... every big stable channel update, he is rewarded with > 1000$
Chrome? sure thing! What else? The most easy browser ever and forever!
Content script injection by extensions into into New Tab didn't seem all that bad of a bug to have and should have been converted to a feature.
Being able to add small dashboard, or an additional divider (apps, most visited, recently closed) to update users on their extensions would have been a nice balance then forcing them to decide on committing to a completely new override page.
Since the 12.0.742.91 we have problem on our Intranet website.
For a reason we dont know, some page long to long are not showing all the information but, all the HTML code is in the code source.
Some have this problem ?
Hopefully this version will be able to find google.com LOL My last version often couldn't.
Please don't use the term "flash cookies". Flash's local storage is equivalent to HTML5's local storage, not equivalent to cookies.
Still when I open chrome at times, it says it can't find google.com When I reload it it comes right up.
why gmail offline is broken ?
so many bugs in this version... rushing on releasing a new version is no use if it comes with many bugs. f*ck it !!! on youtube pages the loading icon keeps showing the page is loading forever, ui bugs... sometimes it tells me that website is not existing, after i reload the site, boom, the site is back. i want to use chrome, but chrome doesen't wan't me.
"sometimes it tells me that website is not existing, after i reload the site, boom, the site is back."
This has happened to me lately too.
I thought it was my connection. Is Chrome the problem here?
I need the web address of the standalone installer of Google Chrome
I'm getting an error when I click on the security fix links. Are they supposed to work?
And another questions: looks like the debugging messages format changed; where could I find documentation about those changes?
For those who asked for the link to download the standalone installer
http://www.google.com/chrome/eula.html?standalone=1
@Francisco R.
Yep, Chrome is the problem.
Good stuff, keep it up guys!
Thanks
Antonio
When will Chrome support Tab Stacking?
Right now, Tab Stacking is the most wanted feature, at least for me :)
Keep up the good work. Chrome rules!
Tab Stacking info here:
http://www.google.com/support/forum/p/Chrome/thread?tid=4cb099dc3eadecb4&hl=en
Google Gears removed? I am so sad! Myself and my friends are big fans and users of Google Wave and all its features. The Google Gears support in it was great, very convenient and fast.
Keep receiving - 'Oops! Google Chrome could not connect to' on sites that always loaded without problems before the update.
videos suckz in chrome for 2-3 weeks.so i decided to use opera after 1 year. if it ll go on like that i think most of people will change their browsers like me.
why does google chrome update automaticly when new version is out
Wow nice job Sergey zD
Post a Comment