Tuesday, August 2, 2011

Stable Channel Update


The Google Chrome team is pleased to announce the arrival of Chrome 13.0.782.107 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame. Spanning 5200+ revisions, Chrome 13 contains some exciting new features like Instant Pages prerendering technology. To find out about other new features, check out the Official Chrome Blog.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [75821] Medium CVE-2011-2358: Always confirm an extension install via a browser dialog. Credit to Sergey Glazunov.
  • [$1000 each] [78841] High CVE-2011-2359: Stale pointer due to bad line box tracking in rendering. Credit to miaubiz and Martin Barbella.
  • [79266] Low CVE-2011-2360: Potential bypass of dangerous file prompt. Credit to kuzzcc.
  • [79426] Low CVE-2011-2361: Improve designation of strings in the basic auth dialog. Credit to kuzzcc.
  • [Linux only] [81307] Medium CVE-2011-2782: File permissions error with drag and drop. Credit to Evan Martin of the Chromium development community.
  • [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension install via a browser dialog. Credit to Sergey Glazunov.
  • [83841] Low CVE-2011-2784: Local file path disclosure via GL program log. Credit to kuzzcc.
  • [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions. Credit to kuzzcc.
  • [84600] Low CVE-2011-2786: Make sure the speech input bubble is always on-screen. Credit to Olli Pettay of Mozilla.
  • [84805] Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue. Credit to kuzzcc.
  • [85559] Low CVE-2011-2788: Buffer overflow in inspector serialization. Credit to Mikołaj Małecki.
  • [$500 each] [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation. Credit to Mario Gomes and kuzzcc.
  • [$1000] [86502] High CVE-2011-2790: Use-after-free with floating styles. Credit to miaubiz.
  • [$1000] [86900] High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [$1000] [87148] High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz.
  • [$1000] [87227] High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz.
  • [$500] [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration. Credit to miaubiz.
  • [$500] [87339] Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long.
  • [87548] High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.
  • [$1000] [87729] High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz.
  • [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from being web accessible. Credit to sirdarckcat of the Google Security Team.
  • [$1000] [87925] High CVE-2011-2799: Use-after-free in HTML range handling. Credit to miaubiz.
  • [$500] [88337] Medium CVE-2011-2800: Leak of client-side redirect target. Credit to Juho Nurminen.
  • [$1000] [88591] High CVE-2011-2802: v8 crash with const lookups. Credit to Christian Holler.
  • [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [88846] High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz.
  • [$1000] [88889] High CVE-2011-2818: Use-after-free in display box rendering. Credit to Martin Barbella.
  • [$500] [89142] High CVE-2011-2804: PDF crash with nested functions. Credit to Aki Helin of OUSPG.
  • [$1500] [89520] High CVE-2011-2805: Cross-origin script injection. Credit to Sergey Glazunov.
  • [$1500] [90222] High CVE-2011-2819: Cross-origin violation in base URI handling. Credit to Sergey Glazunov.

In addition, we would like to thank David Levin, Kostya Serebryany, John Abd-El-Malek and Darin Fisher of the Chromium development community, “daduck10” and Collin Payne for working with us in the development cycle and preventing bugs from ever reaching the stable channel. Various rewards were issued.

Thanks again to all the security researchers we work with. There are $17,000 of rewards in this patch, which is possibly the best haul yet.


You can find full details about the changes that are in Chrome 13 in the SVN revision log. If you find new issues, please let us know by filing a bug. Want to change to another Chrome release channel? Find out how.

Anthony Laforge
Google Chrome

46 comments:

Rafael said...

Finally after much delay waiting for Google officially launches the stable version of Chrome aeeee 13.

Liverpool21 said...

Glad to have it arrive :)

Also glad they took the extra time to fix what was a lot of bugs :)

Thanks

P-A said...

w00t !!!!111211!!!

msi2 said...

When a tab is loading a page and you quickly open another tab, there is an error message that is being displayed.

Cody said...

Why is there an "m" in the version number?

13.0.782.107 m
Windows

Pascal said...

@cody: multiple

JK said...

Now we can look forward to the same idiots complaining about Stable 13 taking too long to come on the Canary channel and demand immediate release of Stable 14.

joesixgig said...

Does anyone know of a good way to downgrade from Dev 14 to Stable 13 while keeping custom searches and other settings? Does 13 stable have profile sync already?

EnmanuelTavarez said...

What about compact navigation? Is it implemented in this version?

Rafael said...

Something about the compact navigation? I wonder if it will be implemented in this version or future versions and will work with the instant and the instant search page.

joesixgig said...

Compact navigation can be enabled in the flags (see about:flags), somewhere near the end of the list. The implementation has been canceled though, so be prepared for the flag to disappear one or two versions down the line.

Rafael said...

So to say that Google has abandoned the model of the compact version of Google Chrome? I clicked on about: flags'm getting more use it has some bugs. I wonder if they will fix this and implement in future versions of Google chrome default because this feature is excellent.

Adrian Fbris said...

Someone/Anyone would tell me how to enable "Instant pages" ???

Because I use "about:flags" and there's an entry about Instant pages but I'm not sure if that's the correct way..

Thank you!!!

Manish said...

Thanks for the stable release! Wow too many security fixes...

krtulmay said...

@joesixgig, why are you bothering to post info about that flags option especially when you know the feature is cancelled?

Removing that flag was the only step the Devs didn't bother to do.

You're just getting people's hopes up for nothing and telling to try a discontinued feature that could have bugs.

Mainman678 said...

FINALLY THANK GOD!! I have been waiting too LONG thanks GOOGLE CHROME!!!!

Liverpool21 said...

anyone know how to turn instant off for certain web sites?

It causes problems when playing pogo games. Not sure if then it will cause issues for other games?

Josep Bel said...

I'm at dev channel and I want to switch to stable channel.
But profiles are not compatible.
Any solution?
Thank you guys and sorry for my poor english.

EnmRomero said...

@josep bel

Follow these steps

http://dev.chromium.org/getting-involved/dev-channel#TOC-Back-up-your-data-

Will W said...

No Lion support for back/forward still?

Chrome hasn't been my default browser since Lion because of this. I'd love to change that!

Jan said...

FINALLY the most visited thumbnails don't disappear for no reason anymore.

Adrian Fbris said...

How can I enable INSTANT PAGES???

Mainman678 said...

@Adrian Fbris type about:flags in address bar and go all the way at the bottom that says preload instant search click enable and there you go.

Adrian Fbris said...

Mainman678, I'm asking because on the internet I've just read that I have to go to "chrome://settings/search#instant" (type this in url bar) and this is a different way, which I'm not sure is correct what this guy said..

ndo said...

finally.. :)

gondergec said...

I enabled instant search feature. It loads any page instantly but it doesn't work if I try to search something through omnibar. (default search engine is google)

cichy said...

Please add option to delete history "older than xxx". Now I can only clear history "newer than" which is not enough for me.
Now I have to clear full history to remove history from 2-3 months back.

Thank you.

Crooky said...

Cannot save password when logging into Gmail. Anyone else having that problem?

ChromeMegaUser said...

Had to downgrade due to new version doesn't block cookies.. plz fix this soon.

jos_mh said...

Why is the compact navigation being dropped? I immediately turned the flag on and would love for this to stay. Can anyone point me to a discussion or more information about this?

Shiki said...

@Jos - 2 things.
1) Google decided "this is not the way Chrome should look like in the future", so that's why.
2) They said it would eat up too much time to polish it and fix bugs.

I love the feature too, and maybe drop Chrome when they remove the flag.

Saturno21 said...

Excellent... but, still no 64 Bit for Mac?

huygens-25 said...

It would have been nice if the release notification had specified that this new Chrome release requires newer libstdc++ for Linux.
On SLES 11 SP1 64bit, Chrome is not working any longer. We have the following error:
/usr/lib64/libstdc++.so.6: version `GLIBCXX_3.4.11' not found

bongobongo said...

When will Chrome support Tab Groups ala Firefox Panorama?

See how Firefox Panorama works here:
http://www.youtube.com/watch?v=5r0TQJ-gGi0

How looooong will it take before this 'last' missing feature will emerge?

Josep Bel said...

@EnmRomero
I know, but the profile is not 100% compatible. We need a great tool to switch channels.
:-P

066b1312-be0f-11e0-973d-000bcdcb2996 said...

This release is really a disaster. Needs a badly needed update. Search bar lag. People also reporting no printing when printing pdf's.

FREEWILLY said...

now we just need chrome 14 on beta and 15 on dev....no mas milestone update in a while lol.

13 runs amazing on my new machine but like a turd on my old one...can't keep 10 tabs open w/o lag =(

Epaminondas said...

Will Chrome automatically update itself? b/c as of right now, Chrome is still version 12 on my computer?

Revisited said...

Why do I see an additional m in the version number?

13.0.782.107 m

Bryan Chung said...

@Revisited: "m" multiple profile supported.

Louis said...

Could somebody be kind enough to explain what is this "Override software rendering list" flag,please?
Thank you.

The World's Worst Writer said...

Playing youtube videos in fullscreen mode doesn't work for me, I just get sound on a black screen. Am I the only one with this issue?

Ertavarez said...

@The World's Worst Writer is an issue of Flash Player not of Chrome!

jos_mh said...

I just want to voice that I do not think the compact navigation or the experimental tab page should be canned. I thought it's weird that these flags weren't turned on by default.. I turned them on immediately and have been using them since updating and I don't think I want to go back assuming the Chrome team removes the flag...

Paulo Gomes said...

I've just updated Chrome in my Windows machine and now shows "Chrome 13.0.782.107 m". Uninstalled it and installed it again and now it doesn't show the "m". Can someone explain this?

Unknown said...

Some change in Chrome 13 now results in our test suite generating different results based on whether we start up a "clean" copy of Chrome, or whether we rerun the test by reloading the page. The Processing.js performance tests that we run will take, for instance, 14 seconds on initial clean page load, and 18 seconds when the page is reloaded from URL in the same chrome instance. Somehow, this new version is terrible at dealing with javascript on reloaded pages.

Actual performance test results:

14718ms initial page run
18045ms on the same run after page reload
31149ms on the same run, repeated a second time without reloading the page from URL

Feel free to drop by #processingjs on irc.mozilla.org to figure this one out.