Thursday, November 29, 2012

Stable Channel Update

The Stable channel has been updated to 23.0.1271.95 for Windows, Mac, Linux, and ChromeFrame platforms.

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [161564] High CVE-2012-5138: Incorrect file path handling. Credit to Google Chrome Security Team (Jüri Aedla).
  • [$7331] [162835] High CVE-2012-5137: Use-after-free in media source handling. Credit to Pinkie Pie.

Congratulations to Pinkie Pie for completing challenge: 64-bit exploit.

Full details about what changes are in this release are available in the SVN revision log.  Interested in hopping on the stable channel?  Find out how.  If you find a new issue, please let us know by filing a bug.

Karen Grunberg
Google Chrome


Zibri said...

Is it me or you just payed "LEET" money? :) 7331? Come on :)

johndoeworcester said...

7.5K USD for a full exploit? Last time I heard the reward was 60K.

msi2 said...

Can anyone tell us when this particular issue will be fixed? Font rendering is broken since Chrome v22 at least on my config:


There's a lengthy thread there where people are complaining about it, but no answer of what's wrong & when it could be fixed...

Anggi Luxor said...

obat stroke

Longasc said...

My font rendering is also still broken, since Chrome 22. I am using the browser "Iron" at the moment, based on the previous Chrome 21.

Jack Starize said...
This comment has been removed by the author.