The Stable channel has been updated to 16.0.912.77 for Windows, Mac, Linux and Chrome Frame

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [$1000] [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis.
  • [$3133.7] [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva. *
  • [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415).
  • [$1000] [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz.
  • [$1000] [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis.
The bugs 106484, 107182, 108461, and 109556 were detected using AddressSanitizer.
* Bug 107182 was fixed in 16.0.912.75 but accidentally excluded from the release notes.

Full details about what changes have been made in this release are available in the SVN revisions log. Interested in switching to another channel?  Find out how.  If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome