Thursday, January 10, 2013

Stable Channel Update

The Chrome team is excited to announce the promotion of Chrome 24 to the stable channel. Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame.

This is the first Stable release with support for MathML, thanks to WebKit volunteer Dave Barton. This release also contains an update to Flash (11.5.31.137) as well as improvements in speed and stability. You can find out more about Chrome 24 on the Official Chrome Blog and the Official Chromium Blog.

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
  • [$1000] [162494] High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG. 
  • [$4000] [165622] High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook. 
  • [$1000] [165864] High CVE-2012-5147: Use-after-free in DOM handling. Credit to José A. Vázquez. 
  • [167122] Medium CVE-2012-5148: Missing filename sanitization in hyphenation support. Credit to Google Chrome Security Team (Justin Schuh). 
  • [166795] High CVE-2012-5149: Integer overflow in audio IPC handling. Credit to Google Chrome Security Team (Chris Evans). 
  • [165601] High CVE-2012-5150: Use-after-free when seeking video. Credit to Google Chrome Security Team (Inferno). 
  • [165538] High CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team. 
  • [165430] Medium CVE-2012-5152: Out-of-bounds read when seeking video. Credit to Google Chrome Security Team (Inferno). 
  • [164565] High CVE-2012-5153: Out-of-bounds stack access in v8. Credit to Andreas Rossberg of the Chromium development community. 
  • [Windows only] [164490] Low CVE-2012-5154: Integer overflow in shared memory allocation. Credit to Google Chrome Security Team (Chris Evans). 
  • [Mac only] [163208] Medium CVE-2012-5155: Missing Mac sandbox for worker processes. Credit to Google Chrome Security Team (Julien Tinnes). 
  • [162778] High CVE-2012-5156: Use-after-free in PDF fields. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team. 
  • [162776] [162156] Medium CVE-2012-5157: Out-of-bounds reads in PDF image handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team. 
  • [162153] High CVE-2013-0828: Bad cast in PDF root handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team. 
  • [162114] High CVE-2013-0829: Corruption of database metadata leading to incorrect file access. Credit to Google Chrome Security Team (Jüri Aedla). 
  • [Windows only] [162066] Low CVE-2013-0830: Missing NUL termination in IPC. Credit to Google Chrome Security Team (Justin Schuh). 
  • [161836] Low CVE-2013-0831: Possible path traversal from extension process. Credit to Google Chrome Security Team (Tom Sepez). 
  • [160380] Medium CVE-2013-0832: Use-after-free with printing. Credit to Google Chrome Security Team (Cris Neckar). 
  • [154485] Medium CVE-2013-0833: Out-of-bounds read with printing. Credit to Google Chrome Security Team (Cris Neckar). 
  • [154283] Medium CVE-2013-0834: Out-of-bounds read with glyph handling. Credit to Google Chrome Security Team (Cris Neckar). 
  • [152921] Low CVE-2013-0835: Browser crash with geolocation. Credit to Arthur Gerkis. 
  • [150545] High CVE-2013-0836: Crash in v8 garbage collection. Credit to Google Chrome Security Team (Cris Neckar). 
  • [145363] Medium CVE-2013-0837: Crash in extension tab handling. Credit to Tom Nielsen. 
  • [Linux only] [143859] Low CVE-2013-0838: Tighten permissions on shared memory segments. Credit to Google Chrome Security Team (Chris Palmer). 
Many of the above bugs were detected using AddressSanitizer.

The security issues in V8 have been fixed in v8-3.14.5.3.

We’d also like to thank Atte Kettunen and Sławomir Błażek for working with us during the development cycle and preventing security regressions from ever reaching the stable channel. Rewards were issued.

Full details about what changes are in this build are available in the SVN revision log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Dharani Govindan
Google Chrome

33 comments:

John SC said...

Thank goodness! I needed the WebKit fix for zooming, and I finally have it.

Subodh Iyengar said...

My name has been spelt incorrectly in the report, it's Subodh Iyengar and not Subodh Iyenger. Would appreciate if you could correct that in this and the CVE as well. Thanks.

Louis said...

Sigh...

Hello,
everything was working so well but of course something had to break:

XP/sp3
Catalyst 12.4

"Log Messages
[2396:2844:0110/211121:ERROR:gpu_video_decode_accelerator.cc(169)] : NOT IMPLEMENTEDHW video decode acceleration not available.
[784:3520:0110/211152:ERROR:gpu_info_collector_win.cc(91)] : Can't retrieve a valid WinSAT assessment.
[784:3520:0110/211152:WARNING:amd_videocard_info_win.cc(29)] : Unable to load aticfx dll."

Tested with a 1080p .mp4 from YT.
Would you mind looking into this, please?
Thank you.

Louis said...

My full chrome://gpu-internals report can be found below:

http://pastebin.com/cNqJRRx4

ali nets said...

It crashes with Windows 7 x64.

ali nets said...

I cannot use version 24. I use the old chrome.exe v23.
v24 crashes while visiting websites.
Please help me.

JaK said...

I experienced many crashes with the latest version... I cannot visit many websites... returning to version 23, everything is fine. What happened in the latest version 24?

Вук Мировић said...

In Chrome 24 I notice there is considerable lag the first time I switch to a tab; after that, switching to the tab is instant. It was fine in Chrome 23.

Yvan said...

Oh my god! Update failed.

So I uninstalled Chrome. Then download again the latest installer... and installation failed!

Here I am, back to Internet Explorer :'(

Вук Мировић said...

I fixed the lagging by disabling "Use GPU composition on all pages" in about:flags.

SaraSanchez said...

The problem of GDI leaks survives... yet :'(

http://code.google.com/p/chromium/issues/detail?id=134837

eegee said...

This is the first time I have truly had an issue with Chrome.

The latest version 24 update will not work on Win7x64. The browser will crash all the time.

I have tried disabling extensions and plugins, using a clean profile, and reinstalling from scratch. The only thing that worked was reverting to version 23.

Torsten Meyer said...

I have the same crashes here (Win7 64bit). Where can I download the latest Chrome 23?

Torsten Meyer said...

Ahh, Filehippo is really great! :)

Jeremy Groves said...

Was hoping an update would be 64-bit. When do you guys think it will be 64-bit so I don't have to go to a different browser to watch Netflix?

Romain said...


With version 24, ::-webkit-scrollbar in CSS doesn't seem to work properly anymore.

In 23 I had a proper grey scrollbar displayed.

But in 24 I have a black rectangle displayed where the scrollbar should have been.

Code sample visible here : http://pastebin.com/vU3uSUJu

Luis Jose Lopz Lora said...

I can also confirm, Chrome crashes on Win7x64 Spanish. Two computers were updated today, both are not able to use Chrome as it crashes immediately after opening any site, even www.google.com

Вук Мировић said...

I have Win 7 64 bit and it works fine now, but I have to disable GPU composition on all pages in chrome://flags. Try it, it may help.

Richard Kral said...

What's wrong with chrome://history in this version? It seems like just the last XY visited pages are recorded, not all of them. The "Show older" button at the bottom of the page is simply missing. Can anyone reproduce this?

Windows 7 SP1 fully updated

Kdata Traveler said...

My computer is running on older hardware and beginning with the last two updates (post 23) I started experiencing a lot of stuttering and lag. Zooming windows (maximizing and minimizing) stuttered terribly, and chrome even affected my video player.

Thanks to 24 making everything even more intolerable, I luckily found a thread and learned to use these command line switches:

--disable-gpu --disable-software-rasterizer

at

https://groups.google.com/a/chromium.org/forum/?fromgroups=#!topic/chromium-discuss/IIQeveVRLVE

Now everything is buttery smooth again!

Torsten Meyer said...

Hm, the crashing issue is obviously fixed in the actual dev version of Chrome 25 (25.0.1364.29)...

deepblu said...

I started seeing problems when Chrome jumped to 24.xx from the latest stable 23.xx. I saw the comment about disabling GPU compositing and tried it. It fixed the issue I was seeing. When I clicked on a tab it showed the correct URL but the content was showing the tab I was on. WIN 7 64bit, GTS450 driver 306.97

Renan said...

I'm having the same as deepblu said:

When I clicked on a tab it showed the correct URL but the content was showing the tab I was on.

I disabled GPU but now I can see the page composing every time I change pages... it's no longer instantaneous..
and it's not because of my PC config...

fabio said...

Release 24 of Chrome broke the use of XMLHttpRequest for the download of binary files. Many used overrideMimeType to specify "text/plain; charset=x-user-defined" as the content type, thus avoiding the automatic interpretation of the character stream, and relied on the response content type header to determine the actual mimetype.

Chrome up to 23 saved the original mimetype in the response's Content Type, regardless of what was overridden through overrideMimeType. This is consistent with past and current versions of Firefox and Safari (Explorer never supported overrideMimeType).

With release 24, the content type of the response is whatever was specified as overridden, making it impossible to download binary files as charset=x-user-defined, and then discovering through the content type what was the original mimetype.

This is broken, broken, broken, broken. I have created a page that shows the issue:

http://www.fabiovitali.it/issues/overridemimetype.html

Please use it with many different browsers.

Consider for instance the situation in which server-side documents are accessed that are in either XML, JSON or ZIP format (including MS Excel and OpenOffice files): if I do not specify overrideMimeType, the XML and JSON files work fine, but ZIP files (including Excel and OpenOffice) are corrupted. If I do specify overrideMimeType, I am unable to distinguish XML from JSON from ZIP files unless looking into the content of the file (hardly elegant).

This worked up to 23, and still works on Safari and Firefox, and has stopped working in 24. Please help.

Thank you

Fabio Vitali
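
Added example, not part of the comment above and not Chrome's code: the content-inspection fallback the comment mentions, applied to a `responseText` fetched with `overrideMimeType("text/plain; charset=x-user-defined")`. The function names and sample bytes are constructed for illustration; the sniffed result is a hint for choosing a parser, not a trusted type.

```javascript
// x-user-defined decodes bytes 0x00-0x7F to U+0000-U+007F and bytes
// 0x80-0xFF to U+F780-U+F7FF, so the low 8 bits of every UTF-16 code
// unit in responseText are the original byte.
function bytesFromUserDefined(text) {
  const bytes = new Uint8Array(text.length);
  for (let i = 0; i < text.length; i++) {
    bytes[i] = text.charCodeAt(i) & 0xff;
  }
  return bytes;
}

// Stand-in for the browser's decoder, so the example runs without a network.
function toUserDefined(bytes) {
  return Array.from(bytes, (b) =>
    String.fromCharCode(b < 0x80 ? b : 0xf700 + b)).join("");
}

function hasPrefix(bytes, sig, offset = 0) {
  return bytes.length >= offset + sig.length &&
    sig.every((b, i) => bytes[offset + i] === b);
}

// Classify a body as "zip", "xml", "json" or "unknown" from its first bytes.
// The caller still validates with a real XML/JSON/ZIP parser afterwards.
function sniffFormat(bytes) {
  // "PK" followed by 03 04 (local file header) or 05 06 (empty archive).
  if (hasPrefix(bytes, [0x50, 0x4b, 0x03, 0x04]) ||
      hasPrefix(bytes, [0x50, 0x4b, 0x05, 0x06])) {
    return "zip";
  }
  let i = hasPrefix(bytes, [0xef, 0xbb, 0xbf]) ? 3 : 0; // skip UTF-8 BOM
  while (i < bytes.length && [0x20, 0x09, 0x0a, 0x0d].includes(bytes[i])) i++;
  if (bytes[i] === 0x3c) return "xml";                        // '<'
  if (bytes[i] === 0x7b || bytes[i] === 0x5b) return "json"; // '{' or '['
  return "unknown";
}

function classifyResponseText(responseText) {
  return sniffFormat(bytesFromUserDefined(responseText));
}

// Constructed samples: a ZIP header with high bytes, XML with a BOM, JSON.
const enc = new TextEncoder();
const zipSample = Uint8Array.of(0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0xa3, 0xff);
const xmlSample = Uint8Array.of(0xef, 0xbb, 0xbf, ...enc.encode('<?xml version="1.0"?><a/>'));
const jsonSample = enc.encode('  {"ok": true}');
```

In a browser, pass `xhr.responseText` to `classifyResponseText`; setting `xhr.responseType = "arraybuffer"` instead returns the bytes directly and makes the decoding step unnecessary.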

Veer Muchandi said...

I started having problems with CORS pre-flight HTTP OPTION request from Ajax. It was working fine before. I think this issue is related to this Chrome update.
I am stuck. I don't know how to roll back to the previous version of Chrome to confirm this issue with the current update, but as far as I know nothing else has changed.

Please help

Thanks
Veer Muchandi

Veer Muchandi said...

CORS preflight request - HTTP OPTIONS command fails with 'Load cancelled' in Chrome. It was working before. It works on Iron.
So it is an issue due to the last update.

Please fix it.

Thanks
Veer

Freeesi® said...

Something has been done to touch since it works erratically now, like it has focus issues, sometimes switching tabs randomly at tap and other times doing nothing at all. Win7 64, with HP tm2 (pen+touch). And yet still have to use plug-in flash..

Grégory Lafforgue said...

Sound problem with HTML5 Video !!
Glitches, cracks, sound distortion.
Since 24.0.1312.45. With .52 also the problem.
So not stable at all with new technology !

Александр Чухлебов said...

Flash permanently crashes on YT

Luis Jose Lopz Lora said...

FYI

Today BEFORE updating to 24.0.1312.56 m, all my Chrome browsers on computers with Win7 x64 began working again. Obviously the problem was not related to .52

Logos said...

Recurrent hard disk activity (every 3 secs) with Google news page. Only happens with this version of Chrome (not in any other browser either).