Wednesday, October 10, 2012

Stable Channel Update

The Stable channel has been updated to 22.0.1229.94 for Windows, Mac, and Linux.  This release contains fixes for the security issue listed below.

Security fixes and rewards:

Congratulations to Pinkie Pie, returning to the fray with another beautiful piece of work!

We’re delighted at the success of Pwnium 2, and anticipate additional hardening and future improvements to Chrome as a result of the competition.

  • [$60,000][154983][154987] Critical CVE-2012-5112: SVG use-after-free and IPC arbitrary file write. Credit to Pinkie Pie.

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

Full details about what's in this release are available in the SVN revision log. Found a bug? Report it! On a different channel, but want to join us on the Stable train? The Chromium wiki has you covered.

Jason Kersey
Google Chrome

14 comments:

Thomas Bohn said...

What about the Android version of Chrome?

James said...

This is the 3rd update to 22 on the stable channel for Win/Linux/Mac while ChromeOS has been stuck with 21 for weeks.
What is up?

macewan said...

So my Chromebook is vulnerable?

James said...

Macewan -that's a good question.

The security fixes that have been implemented in the updates are still out there for those of us who haven't gotten them. At least before they were obscure security holes. Now they are out there for any malicious code-writer to read and try to exploit for all that haven't yet been given the update.

So, maybe...

Hussain Rahim said...

The extensions icons need to stay in place btwn updates. Biggest chrome annoyance

Tuan Rahmat said...

i think the update system is broken..
when i choose About at the setting and downloading for update,it crushed..then I open it back, PUFFF! updated to newest version..and it happen only in 5 Second??
only the number of the version is updated,not the whole chrome.

Kody said...

60,000USD... what a motivation .)

_ said...

It had to be a brony...
Kudos on the exploit. Good money and you did something legitimate with your knowledge rather than make the world a worse place.

tius said...

there is a bag in this version: can't change css styles of any element on loaded page or add new in existing css style block. you can only add new in block "element.style".

Test said...

This version includes new flash version 11.4.31.110 which crashes all sites trying to access webcams. Including Googles own sites like Youtube.

Denis Morelli said...

I got bored of chrome, the zoom is broken, some update fix it, few updates later breaks it again..

Unknown said...

Seriously Google? The standalone version is downloading the install files? Release the stand "alone" version for all of your geek fans who like to offline install every new version

Peter said...

Yesterday I visited a friend to check his computer's software. I was shocked by the poor performance of the latest Chrome. What happened last quarter to this browser ?
Google Chrome team: what are you going to do to improve your browser significantly (speed, flash, fonts, etc.)?

Kazzy said...

This version is even slower and more unstable than the last, with the Google homepage taking over 5 minutes to load. There is a definite memory leak if you leave it running without opening a page. In 24 hours, the memory usage skyrockets to over 4gb.