Tuesday, November 12, 2013

Stable Channel Update

Chrome has been updated to 31.0.1650.48 for Windows, Mac, Linux and Chrome Frame.

Flash Player has been updated to 11.9.900.152, which is included with this release.

Security Fixes and Rewards


Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 25 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.


  • [$500][268565] Medium CVE-2013-6621: Use after free related to speech input elements. Credit to Khalil Zhani.
  • [$2000][272786] High CVE-2013-6622: Use after free related to media elements. Credit to cloudfuzzer.
  • [$500][282925] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.
  • [$1000][290566] High CVE-2013-6624: Use after free related to “id” attribute strings. Credit to Jon Butler.
  • [$2000][295010] High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.
  • [295695] Low CVE-2013-6626: Address bar spoofing related to interstitial warnings. Credit to Chamal de Silva.
  • [$4000][299892] High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to skylined.
  • [$1000][306959] Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco of INRIA Paris.


We would also like to thank miaubiz and Atte Kettunen of OUSPG for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $2000 in additional rewards were issued.


As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [315823] Medium-Critical CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.
  • [258723] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.
  • [299835] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. Credit to Michal Zalewski of Google.
  • [296804] High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Höglund of the Chromium project.

Many of the above bugs were detected using AddressSanitizer.


A full list of changes is available in the SVN log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome

21 comments:

Sérgio Meneses said...

30 or 31 ?

phant said...

31.0.1650.48 m

Sérgio Meneses said...

Because the description says "Stable Channel Update
Chrome has been updated to 30.0.1599.101 for Windows, Mac, Linux and Chrome Frame.", which can be misleading.

Sérgio Meneses said...

Will, everyone makes mistakes. I am Portuguese, and I'm sorry if I make many mistakes. It's all correct, have a nice day.

Will said...

I know we all make mistakes, you're right Sérgio, I've just seen it a few times on this blog with little things (although this one was corrected), it kind of makes me think about the code when such basic mistakes make it on to an official Google blog! But you're right.

I was going to delete my comment but think it was removed haha, hopefully because I swore and not because Anthony didn't like it..

Onlyme said...

2 of my favorite extensions have stopped working on all three computers after update.
What's happened?

rdubenezic said...

How long does it take chrome to update? It's 2:53PM EST and chrome hasn't updated. Thanks.

Rafael Hilário said...

Where has the function to search for any image on any web site using the right mouse button gone? I did not find this functionality in this version. Can you help me? Thank you!

LT said...

When will V31 get released for ChromeOS on the AcerC7? We have been trying to update our devices to no avail (both managed and unmanaged) as V31 is the only one that works so far with the Scholastic Read180 intervention program. We are looking at rolling a bunch of devices back to DevMode to accommodate.

iron2000 said...

Not good.
These bugs got passed down from Dev to Beta and now this Stable.

https://code.google.com/p/chromium/issues/detail?can=2&start=0&num=100&q=&colspec=ID%20Pri%20M%20Iteration%20ReleaseBlock%20Cr%20Status%20Owner%20Summary%20OS%20Modified&groupby=&sort=&id=304578
https://code.google.com/p/chromium/issues/detail?can=2&start=0&num=100&q=&colspec=ID%20Pri%20M%20Iteration%20ReleaseBlock%20Cr%20Status%20Owner%20Summary%20OS%20Modified&groupby=&sort=&id=300685

Kamal Hassan said...

You could have mentioned that you changed the install path. Chrome now installs in Program Files.

Andrács said...

This update seems to break the --disable-breakpad switch.

Chrome.exe can not be started with this switch after this update.

Best regards :)

Darren Watkinson said...

Since this update, my PC freezes. Event log blames Chrome (Win 8.1 x64).

CRISTIAN.A said...

I want to report an error when loading web pages, especially Flash or CSS, which means the pages have to be reloaded. Also, performance has dropped slightly, almost unnoticeably.

Config: Win 8.1 Pro (updated). If you want more information, I can send it if you ask for it.

Thanks.

Eric Ahnell said...

CRISTIAN.A, you are not the only person experiencing blank pages when loading Flash or CSS websites. There are several open bugs about blank pages: https://code.google.com/p/chromium/issues/list?q=blank+pages

necessary3vil said...

It appears that this bug, https://code.google.com/p/chromium/issues/detail?id=290399 was re-introduced in this update.

Ken Danieli said...

I've had AutoHotKeys running for years. I primarily use Chrome.

I simply have a few keywords (strings of text) attached to keyboard combos. For example when I want to paste my XeeMe URL in, I just use an AHK-defined keyboard combo and it pastes the whole URL in.

Today, for the first time, I cannot paste these words into any Chrome field by using the normal keyboard combos.

They work in IE. They work in Notepad. I've tried rebooting. But here, because I'm using Chrome, I can't paste in anything.

I've never had a tech issue with AHK.

What could be blocking this in Chrome?

(Note: the new version, Chrome 31, was just updated yesterday... could that be the problem? Also, Windows just did security updates to Win 7 today.)

Thanks,

conradoelingeniero said...

With this release many Feng Office users are reporting inability to upload files.

Does anybody know if the issue is already reported?

We are currently analyzing the issue, but if there is a bug report already we can add to that instead of duplicating.

Thanks!