Google Chrome Changelog

What's new in Google Chrome 123.0.6312.58

Mar 25, 2024
  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 12 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [TBD][327740539] High CVE-2024-2625: Object lifecycle issue in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2024-03-01
  • [$10000][40945098] Medium CVE-2024-2626: Out of bounds read in Swiftshader. Reported by Cassidy Kim(@cassidy6564) on 2023-11-22
  • [$4000][41493290] Medium CVE-2024-2627: Use after free in Canvas. Reported by Anonymous on 2024-01-21
  • [$3000][41487774] Medium CVE-2024-2628: Inappropriate implementation in Downloads. Reported by Ath3r1s on 2024-01-03
  • [$2000][41487721] Medium CVE-2024-2629: Incorrect security UI in iOS. Reported by Muneaki Nishimura (nishimunea) on 2024-01-02
  • [$1000][41481877] Medium CVE-2024-2630: Inappropriate implementation in iOS. Reported by James Lee (@Windowsrcer) on 2023-12-07
  • [$2000][41495878] Low CVE-2024-2631: Inappropriate implementation in iOS. Reported by Ramit Gangwar on 2024-01-29
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [330304003] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 122.0.6261.94 (Feb 28, 2024)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$7000][324596281] High CVE-2024-1938: Type Confusion in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-11
  • [$7000][323694592] High CVE-2024-1939: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2024-02-05
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [326980493] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 122.0.6261.57 (Feb 20, 2024)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 12 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$7000][41495060] High CVE-2024-1669: Out of bounds memory access in Blink. Reported by Anonymous on 2024-01-26
  • [$5000][41481374] High CVE-2024-1670: Use after free in Mojo. Reported by Cassidy Kim(@cassidy6564) on 2023-12-06
  • [$8000][41487933] Medium CVE-2024-1671: Inappropriate implementation in Site Isolation. Reported by Harry Chen on 2024-01-03
  • [$3000][41485789] Medium CVE-2024-1672: Inappropriate implementation in Content Security Policy. Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien) on 2023-12-19
  • [$2000][41490491] Medium CVE-2024-1673: Use after free in Accessibility. Reported by Weipeng Jiang (@Krace) of VRI on 2024-01-11
  • [$1000][40095183] Medium CVE-2024-1674: Inappropriate implementation in Navigation. Reported by David Erceg on 2019-05-27
  • [$1000][41486208] Medium CVE-2024-1675: Insufficient policy enforcement in Download. Reported by Bartłomiej Wacko on 2023-12-21
  • [$1000][40944847] Low CVE-2024-1676: Inappropriate implementation in Navigation. Reported by Khalil Zhani on 2023-11-21
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [326063910] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 121.0.6167.85 (Jan 23, 2024)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 17 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$11000][1505080] High CVE-2024-0807: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-25
  • [$9000][1484394] High CVE-2024-0812: Inappropriate implementation in Accessibility. Reported by Anonymous on 2023-09-19
  • [$6000][1504936] High CVE-2024-0808: Integer underflow in WebUI. Reported by Lyra Rebane (rebane2001) on 2023-11-24
  • [$2000][1496250] Medium CVE-2024-0810: Insufficient policy enforcement in DevTools. Reported by Shaheen Fazim on 2023-10-26
  • [$1000][1463935] Medium CVE-2024-0814: Incorrect security UI in Payments. Reported by Muneaki Nishimura (nishimunea) on 2023-07-11
  • [$1000][1477151] Medium CVE-2024-0813: Use after free in Reading Mode. Reported by @retsew0x01 on 2023-08-30
  • [$1000][1505176] Medium CVE-2024-0806: Use after free in Passwords. Reported by 18楼梦想改造家 on 2023-11-25
  • [TBD][1514925] Medium CVE-2024-0805: Inappropriate implementation in Downloads. Reported by Om Apip on 2024-01-01
  • [TBD][1515137] Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2024-01-03
  • [N/A][1494490] Low CVE-2024-0811: Inappropriate implementation in Extensions API. Reported by Jann Horn of Google Project Zero on 2023-10-21
  • [TBD][1497985] Low CVE-2024-0809: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-10-31
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1520680] Various fixes from internal audits, fuzzing and other initiatives
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 120.0.6099.216 (Jan 11, 2024)

  • The Extended Stable channel has been updated to 120.0.6099.216 for Mac and 120.0.6099.217 for Windows which will roll out over the coming days/weeks.
  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$TBD][1513379] High CVE-2024-0333: Insufficient data validation in Extensions. Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC on 2023-12-20
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 120.0.6099.199 (Jan 5, 2024)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • Please see the Chrome Security Page for more information.
  • [$15000][1501798] High CVE-2024-0222: Use after free in ANGLE. Reported by Toan (suto) Pham of Qrious Secure on 2023-11-13
  • [$15000][1505009] High CVE-2024-0223: Heap buffer overflow in ANGLE. Reported by Toan (suto) Pham and Tri Dang of Qrious Secure on 2023-11-24
  • [$10000][1505086] High CVE-2024-0224: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-25
  • [$TBD][1506923] High CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous on 2023-12-01
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1515353] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 120.0.6099.129 (Jan 3, 2024)

  • SECURITY FIXES AND REWARDS:
  • Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers.
  • [$NA][1513170] High CVE-2023-7024: Heap buffer overflow in WebRTC. Reported by Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group on 2023-12-19
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2023-7024 exists in the wild.

New in Google Chrome 120.0.6099.109 (Dec 13, 2023)

  • The Stable channel has been updated to 120.0.6099.109 for Mac, Linux and Windows is coming soon, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log.
  • The Extended Stable channel has been updated to 120.0.6099.109 for Mac, which will roll out over the coming days/weeks.
  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 9 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$16000][1501326] High CVE-2023-6702: Type Confusion in V8. Reported by Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group on 2023-11-10
  • [$7000][1502102] High CVE-2023-6703: Use after free in Blink. Reported by Cassidy Kim(@cassidy6564) on 2023-11-14
  • [$7000][1504792] High CVE-2023-6704: Use after free in libavif. Reported by Fudan University on 2023-11-23
  • [$7000][1505708] High CVE-2023-6705: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-11-28
  • [$6000][1500921] High CVE-2023-6706: Use after free in FedCM. Reported by anonymous on 2023-11-09
  • [$7000][1504036] Medium CVE-2023-6707: Use after free in CSS. Reported by @ginggilBesel on 2023-11-21
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1510677] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 120.0.6099.62 (Dec 6, 2023)

  • The Chrome team is delighted to announce the promotion of Chrome 120 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.
  • Chrome 120.0.6099.62 (Linux and Mac), 120.0.6099.62/.63 (Windows) contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 120.
  • The Extended Stable channel has been updated to 120.0.6099.63 for Windows and 120.0.6099.62 for Mac, which will roll out over the coming days/weeks.
  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 10 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$10000][1497984] High CVE-2023-6508: Use after free in Media Stream. Reported by Cassidy Kim(@cassidy6564) on 2023-10-31
  • [$1000][1494565] High CVE-2023-6509: Use after free in Side Panel Search. Reported by Khalil Zhani on 2023-10-21
  • [$1000][1480152] Medium CVE-2023-6510: Use after free in Media Capture. Reported by [pwn2car] on 2023-09-08
  • [$2000][1478613] Low CVE-2023-6511: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-09-04
  • [$1000][1457702] Low CVE-2023-6512: Inappropriate implementation in Web Browser UI. Reported by Om Apip on 2023-06-24
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1497743] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 119.0.6045.199 (Dec 2, 2023)

  • SECURITY FIXES AND REWARDS:
  • NOTE: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 7 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [N/A][1491459] High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10
  • [$31000][1494461] High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2023-10-21
  • [$10000][1500856] High CVE-2023-6346: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-09
  • [$7000][1501766] High CVE-2023-6350: Out of bounds memory access in libavif. Reported by Fudan University on 2023-11-13
  • [$7000][1501770] High CVE-2023-6351: Use after free in libavif. Reported by Fudan University on 2023-11-13
  • [N/A][1505053] High CVE-2023-6345: Integer overflow in Skia. Reported by Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group on 2023-11-24
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1505618] Various fixes from internal audits, fuzzing and other initiatives
  • Google is aware that an exploit for CVE-2023-6345 exists in the wild.

New in Google Chrome 119.0.6045.159 (Nov 15, 2023)

  • This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$10000][1497997] High CVE-2023-5997: Use after free in Garbage Collection. Reported by Anonymous on 2023-10-31
  • [N/A][1499298] High CVE-2023-6112: Use after free in Navigation. Reported by Sergei Glazunov of Google Project Zero on 2023-11-04
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1501958] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 119.0.6045.123 (Nov 8, 2023)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers.
  • [N/A][1497859] High CVE-2023-5996: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023 on 2023-10-30

New in Google Chrome 119.0.6045.105 (Nov 2, 2023)

  • This update includes 15 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$16000][1492698] High CVE-2023-5480: Inappropriate implementation in Payments. Reported by Vsevolod Kokorin (Slonser) of Solidlab on 2023-10-14
  • [$11000][1492381] High CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy on 2023-10-13
  • [$TBD][1492384] High CVE-2023-5849: Integer overflow in USB. Reported by DarkNavy on 2023-10-13
  • [$3000][1281972] Medium CVE-2023-5850: Incorrect security UI in Downloads. Reported by Mohit Raj (shadow2639) on 2021-12-22
  • [$3000][1473957] Medium CVE-2023-5851: Inappropriate implementation in Downloads. Reported by Shaheen Fazim on 2023-08-18
  • [$2000][1480852] Medium CVE-2023-5852: Use after free in Printing. Reported by [pwn2car] on 2023-09-10
  • [$1000][1456876] Medium CVE-2023-5853: Incorrect security UI in Downloads. Reported by Hafiizh on 2023-06-22
  • [$1000][1488267] Medium CVE-2023-5854: Use after free in Profiles. Reported by Dohyun Lee (@l33d0hyun) of SSD-Disclosure Labs & DNSLab, Korea Univ on 2023-10-01
  • [$TBD][1492396] Medium CVE-2023-5855: Use after free in Reading Mode. Reported by ChaobinZhang on 2023-10-13
  • [$TBD][1493380] Medium CVE-2023-5856: Use after free in Side Panel. Reported by Weipeng Jiang (@Krace) of VRI on 2023-10-17
  • [N/A][1493435] Medium CVE-2023-5857: Inappropriate implementation in Downloads. Reported by Will Dormann on 2023-10-18
  • [$3000][1457704] Low CVE-2023-5858: Inappropriate implementation in WebApp Provider. Reported by Axel Chong on 2023-06-24
  • [$500][1482045] Low CVE-2023-5859: Incorrect security UI in Picture In Picture. Reported by Junsung Lee on 2023-09-13
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1497743] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 118.0.5993.117 (Oct 25, 2023)

  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$3000][1491296] High CVE-2023-5472: Use after free in Profiles.
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1495429] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 118.0.5993.7 (Oct 11, 2023)

  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 20 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [TBD][1487110] Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18楼梦想改造家 on 2023-09-27
  • [$5000][1062251] Medium CVE-2023-5487: Inappropriate implementation in Fullscreen. Reported by Anonymous on 2020-03-17
  • [$5000][1414936] Medium CVE-2023-5484: Inappropriate implementation in Navigation. Reported by Thomas Orlita on 2023-02-11
  • [$2000][1476952] Medium CVE-2023-5475: Inappropriate implementation in DevTools. Reported by Axel Chong on 2023-08-30
  • [$1000][1425355] Medium CVE-2023-5483: Inappropriate implementation in Intents. Reported by Axel Chong on 2023-03-17
  • [$1000][1458934] Medium CVE-2023-5481: Inappropriate implementation in Downloads. Reported by Om Apip on 2023-06-28
  • [$1000][1474253] Medium CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun on 2023-08-20
  • [$1000][1483194] Medium CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car] on 2023-09-15
  • [$500][1471253] Medium CVE-2023-5479: Inappropriate implementation in Extensions API. Reported by Axel Chong on 2023-08-09
  • [$6000][1395164] Low CVE-2023-5485: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2022-12-02
  • [$3000][1472404] Low CVE-2023-5478: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-08-12
  • [$3000][1472558] Low CVE-2023-5477: Inappropriate implementation in Installer. Reported by Bahaa Naamneh of Crosspoint Labs on 2023-08-13
  • [$1000][1357442] Low CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh on 2022-08-29
  • [$1000][1484000] Low CVE-2023-5473: Use after free in Cast. Reported by DarkNavy on 2023-09-18
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1491268] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 117.0.5938.132 (Sep 29, 2023)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 10 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$NA][1486441] High CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-09-25
  • [$TBD][1478889] High CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car] on 2023-09-05
  • [$2000][1475798] High CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita on 2023-08-25
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2023-5217 exists in the wild.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1486724] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 117.0.5938.62 (Sep 13, 2023)

  • Chrome 117.0.5938.62 (Linux and Mac), 117.0.5938.62/.63 (Windows) contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 117.
  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 16 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06
  • [$3000][1430867] Medium CVE-2023-4900: Inappropriate implementation in Custom Tabs. Reported by Levit Nudi from Kenya on 2023-04-06
  • [$3000][1459281] Medium CVE-2023-4901: Inappropriate implementation in Prompts. Reported by Kang Ali on 2023-06-29
  • [$2000][1454515] Medium CVE-2023-4902: Inappropriate implementation in Input. Reported by Axel Chong on 2023-06-14
  • [$1000][1446709] Medium CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs. Reported by Ahmed ElMasry on 2023-05-18
  • [$1000][1453501] Medium CVE-2023-4904: Insufficient policy enforcement in Downloads. Reported by Tudor Enache @tudorhacks on 2023-06-09
  • [$500][1441228] Medium CVE-2023-4905: Inappropriate implementation in Prompts. Reported by Hafiizh on 2023-04-29
  • [$6000][1449874] Low CVE-2023-4906: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2023-05-30
  • [$2000][1462104] Low CVE-2023-4907: Inappropriate implementation in Intents. Reported by Mohit Raj (shadow2639) on 2023-07-04
  • [$TBD][1451543] Low CVE-2023-4908: Inappropriate implementation in Picture in Picture. Reported by Axel Chong on 2023-06-06
  • [$TBD][1463293] Low CVE-2023-4909: Inappropriate implementation in Interstitials. Reported by Axel Chong on 2023-07-09
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2023-4863 exists in the wild.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1481336] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 116.0.5845.179 (Sep 8, 2023)

  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$TBD][1476403] High CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy on 2023-08-28
  • [$TBD][1473247] High CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI on 2023-08-16
  • [$TBD][1469928] High CVE-2023-4763: Use after free in Networks. Reported by anonymous on 2023-08-03
  • [$TBD][1447237] High CVE-2023-4764: Incorrect security UI in BFCache. Reported by Irvan Kurniawan (sourc7) on 2023-05-20

New in Google Chrome 116.0.5845.110 (Aug 23, 2023)

  • This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$10000][1469542] High CVE-2023-4430: Use after free in Vulkan. Reported by Cassidy Kim(@cassidy6564) on 2023-08-02
  • [$3000][1469754] High CVE-2023-4429: Use after free in Loader. Reported by Anonymous on 2023-08-03
  • [$2000][1470477] High CVE-2023-4428: Out of bounds memory access in CSS. Reported by Francisco Alonso (@revskills) on 2023-08-06
  • [$NA][1470668] High CVE-2023-4427: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-08-07
  • [$NA][1469348] Medium CVE-2023-4431: Out of bounds memory access in Fonts. Reported by Microsoft Security Researcher on 2023-08-01

New in Google Chrome 116.0.5845.96 (Aug 16, 2023)

  • The Stable and Extended stable channels have been updated to 116.0.5845.96 for Mac and Linux and 116.0.5845.96/.97 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log.
  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 26 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$30000][1448548] High CVE-2023-2312: Use after free in Offline. Reported by avaue at S.S.L. on 2023-05-24
  • [$5000][1458303] High CVE-2023-4349: Use after free in Device Trust Connectors. Reported by Weipeng Jiang (@Krace) of VRI on 2023-06-27
  • [$3000][1454817] High CVE-2023-4350: Inappropriate implementation in Fullscreen. Reported by Khiem Tran (@duckhiem) on 2023-06-14
  • [$2000][1465833] High CVE-2023-4351: Use after free in Network. Reported by Guang and Weipeng Jiang of VRI on 2023-07-18
  • [$NA][1452076] High CVE-2023-4352: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-06-07
  • [$NA][1458046] High CVE-2023-4353: Heap buffer overflow in ANGLE. Reported by Christoph Diehl / Microsoft Vulnerability Research on 2023-06-27
  • [$NA][1464215] High CVE-2023-4354: Heap buffer overflow in Skia. Reported by Mark Brand of Google Project Zero on 2023-07-12
  • [$NA][1468943] High CVE-2023-4355: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-07-31
  • [$5000][1449929] Medium CVE-2023-4356: Use after free in Audio. Reported by Zhenghang Xiao (@Kipreyyy) on 2023-05-30
  • [$3000][1458911] Medium CVE-2023-4357: Insufficient validation of untrusted input in XML. Reported by Igor Sak-Sakovskii on 2023-06-28
  • [$3000][1466415] Medium CVE-2023-4358: Use after free in DNS. Reported by Weipeng Jiang (@Krace) of VRI on 2023-07-20
  • [$2000][1443722] Medium CVE-2023-4359: Inappropriate implementation in App Launcher. Reported by @retsew0x01 on 2023-05-09
  • [$2000][1462723] Medium CVE-2023-4360: Inappropriate implementation in Color. Reported by Axel Chong on 2023-07-07
  • [$2000][1465230] Medium CVE-2023-4361: Inappropriate implementation in Autofill. Reported by Thomas Orlita on 2023-07-17
  • [$1000][1316379] Medium CVE-2023-4362: Heap buffer overflow in Mojom IDL. Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab on 2022-04-14
  • [$1000][1367085] Medium CVE-2023-4363: Inappropriate implementation in WebShare. Reported by Alesandro Ortiz on 2022-09-23
  • [$1000][1406922] Medium CVE-2023-4364: Inappropriate implementation in Permission Prompts. Reported by Jasper Rebane on 2023-01-13
  • [$1000][1431043] Medium CVE-2023-4365: Inappropriate implementation in Fullscreen. Reported by Hafiizh on 2023-04-06
  • [$1000][1450784] Medium CVE-2023-4366: Use after free in Extensions. Reported by asnine on 2023-06-02
  • [$500][1467743] Medium CVE-2023-4367: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26
  • [$500][1467751] Medium CVE-2023-4368: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26

New in Google Chrome 115.0.5790.170 (Aug 7, 2023)

  • This update includes 17 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$23000][1466183] High CVE-2023-4068: Type Confusion in V8. Reported by Jerry on 2023-07-20
  • [$21000][1465326] High CVE-2023-4069: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-07-17
  • [$20000][1462951] High CVE-2023-4070: Type Confusion in V8. Reported by Jerry on 2023-07-07
  • [$17000][1458819] High CVE-2023-4071: Heap buffer overflow in Visuals. Reported by Guang and Weipeng Jiang of VRI on 2023-06-28
  • [$15000][1464038] High CVE-2023-4072: Out of bounds read and write in WebGL. Reported by Apple Security Engineering and Architecture (SEAR) on 2023-07-12
  • [$10000][1456243] High CVE-2023-4073: Out of bounds memory access in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2023-06-20
  • [$8000][1464113] High CVE-2023-4074: Use after free in Blink Task Scheduling. Reported by Anonymous on 2023-07-12
  • [$5000][1457757] High CVE-2023-4075: Use after free in Cast. Reported by Cassidy Kim(@cassidy6564) on 2023-06-25
  • [$NA][1459124] High CVE-2023-4076: Use after free in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2023-06-29
  • [$3000][1451146] Medium CVE-2023-4077: Insufficient data validation in Extensions. Reported by Derin Eryilmaz on 2023-06-04
  • [$1000][1461895] Medium CVE-2023-4078: Inappropriate implementation in Extensions. Reported by Derin Eryilmaz on 2023-07-04
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1469476] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 114.0.5735.133 (Jun 14, 2023)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$TBD][1450568] Critical CVE-2023-3214: Use after free in Autofill payments. Reported by Rong Jian of VRI on 2023-06-01
  • [$3000][1446274] High CVE-2023-3215: Use after free in WebRTC. Reported by asnine on 2023-05-17
  • [$TBD][1450114] High CVE-2023-3216: Type Confusion in V8. Reported by 5n1p3r0010 from Topsec ChiXiao Lab on 2023-05-31
  • [$NA][1450601] High CVE-2023-3217: Use after free in WebXR. Reported by Sergei Glazunov of Google Project Zero on 2023-06-01
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1454307] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 114.0.5735.106 (Jun 7, 2023)

  • This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$NA][1450481] High CVE-2023-3079: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-06-01
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2023-3079 exists in the wild.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1451018] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 114.0.5735.90 (May 31, 2023)

  • Chrome 114.0.5735.90 (Linux and Mac), 114.0.5735.90/91 (Windows) contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 114.
  • Extended Stable channel has been updated to 114.0.5735.90 (Mac) and 114.0.5735.91 (Windows). This will roll out over the coming days/weeks.
  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 16 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$15000][1410191] High CVE-2023-2929: Out of bounds write in Swiftshader. Reported by Jaehun Jeong(@n3sk) of Theori on 2023-01-25
  • [$10000][1443401] High CVE-2023-2930: Use after free in Extensions. Reported by asnine on 2023-05-08
  • [$9000][1444238] High CVE-2023-2931: Use after free in PDF. Reported by Huyna at Viettel Cyber Security on 2023-05-10
  • [$9000][1444581] High CVE-2023-2932: Use after free in PDF. Reported by Huyna at Viettel Cyber Security on 2023-05-11
  • [$9000][1445426] High CVE-2023-2933: Use after free in PDF. Reported by Quang Nguyễn (@quangnh89) of Viettel Cyber Security and Nguyen Phuong on 2023-05-15
  • [$NA][1429720] High CVE-2023-2934: Out of bounds memory access in Mojo. Reported by Mark Brand of Google Project Zero on 2023-04-01
  • [$NA][1440695] High CVE-2023-2935: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-04-27
  • [$NA][1443452] High CVE-2023-2936: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-05-08
  • [$4000][1413813] Medium CVE-2023-2937: Inappropriate implementation in Picture In Picture. Reported by NDevTK on 2023-02-08
  • [$4000][1416350] Medium CVE-2023-2938: Inappropriate implementation in Picture In Picture. Reported by Alesandro Ortiz on 2023-02-15
  • [$3000][1427431] Medium CVE-2023-2939: Insufficient data validation in Installer. Reported by ycdxsb from VARAS@IIE on 2023-03-24
  • [$2000][1426807] Medium CVE-2023-2940: Inappropriate implementation in Downloads. Reported by Axel Chong on 2023-03-22
  • [$500][1430269] Low CVE-2023-2941: Inappropriate implementation in Extensions API. Reported by Jasper Rebane on 2023-04-04
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1449493] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 113.0.5672.126 (May 17, 2023)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 12 security fixes:
  • [$TBD][1444360] Critical CVE-2023-2721: Use after free in Navigation. Reported by Guang Gong of Alpha Lab, Qihoo 360 on 2023-05-10
  • [$7000][1400905] High CVE-2023-2722: Use after free in Autofill UI. Reported by Rong Jian of VRI on 2022-12-14
  • [$3000][1435166] High CVE-2023-2723: Use after free in DevTools. Reported by asnine on 2023-04-21
  • [$NA][1433211] High CVE-2023-2724: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-04-14
  • [$TBD][1442516] High CVE-2023-2725: Use after free in Guest View. Reported by asnine on 2023-05-04
  • [$1500][1442018] Medium CVE-2023-2726: Inappropriate implementation in WebApp Installs. Reported by Ahmed ElMasry on 2023-05-03
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1445755] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 113.0.5672.63 (May 4, 2023)

  • The Chrome team is delighted to announce the promotion of Chrome 113 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.
  • Chrome 113.0.5672.63 (Linux and Mac), 113.0.5672.63/.64 (Windows) contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 113.
  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 15 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$7500][1423304] Medium CVE-2023-2459: Inappropriate implementation in Prompts. Reported by Rong Jian of VRI on 2023-03-10
  • [$5000][1419732] Medium CVE-2023-2460: Insufficient validation of untrusted input in Extensions. Reported by Martin Bajanik, Fingerprint[.]com on 2023-02-27
  • [$4000][1350561] Medium CVE-2023-2461: Use after free in OS Inputs. Reported by @ginggilBesel on 2022-08-06
  • [$3000][1375133] Medium CVE-2023-2462: Inappropriate implementation in Prompts. Reported by Alesandro Ortiz on 2022-10-17
  • [$2000][1406120] Medium CVE-2023-2463: Inappropriate implementation in Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on 2023-01-10
  • [$2000][1418549] Medium CVE-2023-2464: Inappropriate implementation in PictureInPicture. Reported by Thomas Orlita on 2023-02-23
  • [$1000][1399862] Medium CVE-2023-2465: Inappropriate implementation in CORS. Reported by @kunte_ctf on 2022-12-10
  • [$3000][1385714] Low CVE-2023-2466: Inappropriate implementation in Prompts. Reported by Jasper Rebane (popstonia) on 2022-11-17
  • [$2000][1413586] Low CVE-2023-2467: Inappropriate implementation in Prompts. Reported by Thomas Orlita on 2023-02-07
  • [$1000][1416380] Low CVE-2023-2468: Inappropriate implementation in PictureInPicture. Reported by Alesandro Ortiz on 2023-02-15
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1441714] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 112.0.5615.165 (Apr 20, 2023)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$8000][1429197] High CVE-2023-2133: Out of bounds memory access in Service Worker API. Reported by Rong Jian of VRI on 2023-03-30
  • [$8000][1429201] High CVE-2023-2134: Out of bounds memory access in Service Worker API. Reported by Rong Jian of VRI on 2023-03-30
  • [$3000][1424337] High CVE-2023-2135: Use after free in DevTools. Reported by Cassidy Kim(@cassidy6564) on 2023-03-14
  • [$NA][1432603] High CVE-2023-2136: Integer overflow in Skia. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-04-12
  • [$1000][1430644] Medium CVE-2023-2137: Heap buffer overflow in sqlite. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2023-04-05
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2023-2136 exists in the wild.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1434139] Various fixes from internal audits, fuzzing and other initiatives
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 112.0.5615.121 (Apr 18, 2023)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 2 security fixes.
  • Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$NA][1432210] High CVE-2023-2033: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-04-11
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2023-2033 exists in the wild.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1433131] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 112.0.5615.49 (Apr 6, 2023)

  • [$5000][1414018] High CVE-2023-1810: Heap buffer overflow in Visuals. Reported by Weipeng Jiang (@Krace) of VRI on 2023-02-08
  • [$3000][1420510] High CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita on 2023-03-01
  • [$5000][1418224] Medium CVE-2023-1812: Out of bounds memory access in DOM Bindings. Reported by Shijiang Yu on 2023-02-22
  • [$5000][1423258] Medium CVE-2023-1813: Inappropriate implementation in Extensions. Reported by Axel Chong on 2023-03-10
  • [$3000][1417325] Medium CVE-2023-1814: Insufficient validation of untrusted input in Safe Browsing. Reported by Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University on 2023-02-18
  • [$2000][1278708] Medium CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA on 2021-12-10
  • [$1000][1413919] Medium CVE-2023-1816: Incorrect security UI in Picture In Picture. Reported by NDevTK on 2023-02-08
  • [$1000][1418061] Medium CVE-2023-1817: Insufficient policy enforcement in Intents. Reported by Axel Chong on 2023-02-22
  • [$NA][1223346] Medium CVE-2023-1818: Use after free in Vulkan. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence, Microsoft, Patrick Walker (@HomeSen), and Kirtikumar Anandrao Ramchandani on 2021-06-24
  • [$NA][1406588] Medium CVE-2023-1819: Out of bounds read in Accessibility. Reported by Microsoft Edge Team on 2023-01-12
  • [$TBD][1408120] Medium CVE-2023-1820: Heap buffer overflow in Browser History. Reported by raven at KunLun lab on 2023-01-17
  • [$1000][1413618] Low CVE-2023-1821: Inappropriate implementation in WebShare. Reported by Axel Chong on 2023-02-07
  • [$500][1066555] Low CVE-2023-1822: Incorrect security UI in Navigation. Reported by 강우진 on 2020-04-01
  • [$TBD][1406900] Low CVE-2023-1823: Inappropriate implementation in FedCM. Reported by Jasper Rebane (popstonia) on 2023-01-13
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1430254] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 111.0.5563.110 (Mar 22, 2023)

  • This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$10000][1421773] High CVE-2023-1528: Use after free in Passwords. Reported by Wan Choi of Seoul National University on 2023-03-07
  • [$8000][1419718] High CVE-2023-1529: Out of bounds memory access in WebHID. Reported by anonymous on 2023-02-27
  • [$7000][1419831] High CVE-2023-1530: Use after free in PDF. Reported by The UK's National Cyber Security Centre (NCSC) on 2023-02-27
  • [$TBD][1415330] High CVE-2023-1531: Use after free in ANGLE. Reported by Piotr Bania of Cisco Talos on 2023-02-13
  • [$NA][1421268] High CVE-2023-1532: Out of bounds read in GPU Video. Reported by Mark Brand of Google Project Zero on 2023-03-03
  • [$TBD][1422183] High CVE-2023-1533: Use after free in WebProtect. Reported by Weipeng Jiang (@Krace) of VRI on 2023-03-07
  • [$NA][1422594] High CVE-2023-1534: Out of bounds read in ANGLE. Reported by Jann Horn and Mark Brand of Google Project Zero on 2023-03-08
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1426294] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 111.0.5563.64 (Mar 9, 2023)

  • SECURITY FIXES AND REWARDS:
  • Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 40 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$15000][1411210] High CVE-2023-1213: Use after free in Swiftshader. Reported by Jaehun Jeong(@n3sk) of Theori on 2023-01-30
  • [$10000][1412487] High CVE-2023-1214: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-02-03
  • [$7000][1417176] High CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous on 2023-02-17
  • [$4000][1417649] High CVE-2023-1216: Use after free in DevTools. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2023-02-21
  • [$3000][1412658] High CVE-2023-1217: Stack buffer overflow in Crash reporting. Reported by sunburst of Ant Group Tianqiong Security Lab on 2023-02-03
  • [$3000][1413628] High CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous on 2023-02-07
  • [$TBD][1415328] High CVE-2023-1219: Heap buffer overflow in Metrics. Reported by Sergei Glazunov of Google Project Zero on 2023-02-13
  • [$TBD][1417185] High CVE-2023-1220: Heap buffer overflow in UMA. Reported by Sergei Glazunov of Google Project Zero on 2023-02-17
  • [$10000][1385343] Medium CVE-2023-1221: Insufficient policy enforcement in Extensions API. Reported by Ahmed ElMasry on 2022-11-16
  • [$7000][1403515] Medium CVE-2023-1222: Heap buffer overflow in Web Audio API. Reported by Cassidy Kim(@cassidy6564) on 2022-12-24
  • [$5000][1398579] Medium CVE-2023-1223: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2022-12-07
  • [$5000][1403539] Medium CVE-2023-1224: Insufficient policy enforcement in Web Payments API. Reported by Thomas Orlita on 2022-12-25
  • [$5000][1408799] Medium CVE-2023-1225: Insufficient policy enforcement in Navigation. Reported by Roberto Ffrench-Davis @Lihaft on 2023-01-20
  • [$3000][1013080] Medium CVE-2023-1226: Insufficient policy enforcement in Web Payments API. Reported by Anonymous on 2019-10-10
  • [$3000][1348791] Medium CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel on 2022-07-31
  • [$3000][1365100] Medium CVE-2023-1228: Insufficient policy enforcement in Intents. Reported by Axel Chong on 2022-09-18
  • [$2000][1160485] Medium CVE-2023-1229: Inappropriate implementation in Permission prompts. Reported by Thomas Orlita on 2020-12-20
  • [$2000][1404230] Medium CVE-2023-1230: Inappropriate implementation in WebApp Installs. Reported by Axel Chong on 2022-12-30
  • [$TBD][1274887] Medium CVE-2023-1231: Inappropriate implementation in Autofill. Reported by Yan Zhu, Brave on 2021-11-30
  • [$2000][1346924] Low CVE-2023-1232: Insufficient policy enforcement in Resource Timing. Reported by Sohom Datta on 2022-07-24
  • [$1000][1045681] Low CVE-2023-1233: Insufficient policy enforcement in Resource Timing. Reported by Soroush Karami on 2020-01-25
  • [$1000][1404621] Low CVE-2023-1234: Inappropriate implementation in Intents. Reported by Axel Chong on 2023-01-03
  • [$1000][1404704] Low CVE-2023-1235: Type Confusion in DevTools. Reported by raven at KunLun lab on 2023-01-03
  • [$TBD][1374518] Low CVE-2023-1236: Inappropriate implementation in Internals. Reported by Alesandro Ortiz on 2022-10-14
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1422099] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 110.0.5481.177 (Mar 6, 2023)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix.
  • We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 10 security fixes:
  • [$TBD][1415366] Critical CVE-2023-0941: Use after free in Prompts. Reported by Anonymous on 2023-02-13
  • [$31000][1414738] High CVE-2023-0927: Use after free in Web Payments API. Reported by Rong Jian of VRI on 2023-02-10
  • [$13000][1309035] High CVE-2023-0928: Use after free in SwiftShader. Reported by Anonymous on 2022-03-22
  • [$10000][1399742] High CVE-2023-0929: Use after free in Vulkan. Reported by Cassidy Kim(@cassidy6564) on 2022-12-09
  • [$10000][1410766] High CVE-2023-0930: Heap buffer overflow in Video. Reported by Cassidy Kim(@cassidy6564) on 2023-01-27
  • [$3000][1407701] High CVE-2023-0931: Use after free in Video. Reported by Cassidy Kim(@cassidy6564) on 2023-01-17
  • [$TBD][1413005] High CVE-2023-0932: Use after free in WebRTC. Reported by Omri Bushari (Talon Cyber Security) on 2023-02-05
  • [$11000][1404864] Medium CVE-2023-0933: Integer overflow in PDF. Reported by Zhiyi Zhang from Codesafe Team of Legendsec at QI-ANXIN Group on 2023-01-04
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1417906] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 109.0.5414.119 (Jan 25, 2023)

  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$16000][1376354] High CVE-2023-0471: Use after free in WebTransport. Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564) on 2022-10-19
  • [$3000][1405256] High CVE-2023-0472: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-01-06
  • [$7500][1404639] Medium CVE-2023-0473: Type Confusion in ServiceWorker API. Reported by raven at KunLun lab on 2023-01-03
  • [$TBD][1400841] Medium CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L on 2022-12-14
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1409890] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 109.0.5414.74 (Jan 11, 2023)

  • SECURITY FIXES AND REWARDS:
  • Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 17 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • High CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani on 2022-08-16
  • High CVE-2023-0129: Heap buffer overflow in Network Service. Reported by asnine on 2022-11-07
  • Medium CVE-2023-0130: Inappropriate implementation in Fullscreen API. Reported by Hafiizh on 2022-09-30
  • Medium CVE-2023-0131: Inappropriate implementation in iframe Sandbox. Reported by NDevTK on 2022-08-28
  • Medium CVE-2023-0132: Inappropriate implementation in Permission prompts. Reported by Jasper Rebane (popstonia) on 2022-10-05
  • Medium CVE-2023-0133: Inappropriate implementation in Permission prompts. Reported by Alesandro Ortiz on 2022-10-17
  • Medium CVE-2023-0134: Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-17
  • Medium CVE-2023-0135: Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-18
  • Medium CVE-2023-0136: Inappropriate implementation in Fullscreen API. Reported by Axel Chong on 2022-08-26
  • Medium CVE-2023-0137: Heap buffer overflow in Platform Apps. Reported by avaue and Buff3tts at S.S.L. on 2022-12-10
  • Low CVE-2023-0138: Heap buffer overflow in libphonenumber. Reported by Michael Dau on 2022-07-23
  • Low CVE-2023-0139: Insufficient validation of untrusted input in Downloads. Reported by Axel Chong on 2022-09-24
  • Low CVE-2023-0140: Inappropriate implementation in File System API. Reported by harrison.mitchell, cybercx.com.au on 2022-05-18
  • Low CVE-2023-0141: Insufficient policy enforcement in CORS. Reported by scarlet on 2022-09-12
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • Various fixes from internal audits, fuzzing and other initiatives
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 108.0.5359.94 (Dec 5, 2022)

  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers.
  • [$NA][1394403] High CVE-2022-4262: Type Confusion in V8. Reported by Clement Lecigne of Google's Threat Analysis Group on 2022-11-29
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2022-4262 exists in the wild.
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 107.0.5304.121 (Nov 27, 2022)

  • This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers.
  • [$NA][1392715] High CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne of Google's Threat Analysis Group on 2022-11-22
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2022-4135 exists in the wild.

New in Google Chrome 107.0.5304.110 (Nov 9, 2022)

  • This update includes 10 security fixes. Below, we highlight fixes that were contributed by external researchers:
  • [$21000][1377816] High CVE-2022-3885: Use after free in V8. Reported by gzobqq@ on 2022-10-24
  • [$10000][1372999] High CVE-2022-3886: Use after free in Speech Recognition. Reported by anonymous on 2022-10-10
  • [$7000][1372695] High CVE-2022-3887: Use after free in Web Workers. Reported by anonymous on 2022-10-08
  • [$7000][1375059] High CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth on 2022-10-16
  • [$TBD][1380063] High CVE-2022-3889: Type Confusion in V8. Reported by anonymous on 2022-11-01
  • [$TBD][1380083] High CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous on 2022-11-01
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1382280] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 107.0.5304.87 (Oct 31, 2022)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$TBD][1378239] High CVE-2022-3723: Type Confusion in V8. Reported by Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast on 2022-10-25
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware of reports that an exploit for CVE-2022-3723 exists in the wild.
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 106.0.5249.119 (Oct 12, 2022)

  • This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$15000][1364604] High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16
  • [$13000][1368076] High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu (@kaijieguigui) on 2022-09-26
  • [$7500][1366582] High CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22
  • [$2500][1363040] High CVE-2022-3448: Use after free in Permissions API. Reported by raven at KunLun lab on 2022-09-13
  • [$TBD][1364662] High CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on 2022-09-17
  • [$TBD][1369882] High CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on 2022-09-30

New in Google Chrome 106.0.5249.91 (Oct 4, 2022)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • High CVE-2022-3370: Use after free in Custom Elements. Reported by Aviv A. on 2022-09-22
  • High CVE-2022-3373: Out of bounds write in V8. Reported by Tibor Klajnscek on 2022-09-21

New in Google Chrome 106.0.5249.61 (Sep 28, 2022)

  • This update includes 20 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$9000][1358907] High CVE-2022-3304: Use after free in CSS. Reported by Anonymous on 2022-09-01
  • [$3000][1343104] High CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools. Reported by NDevTK on 2022-07-09
  • [$TBD][1319229] High CVE-2022-3305: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-24
  • [$TBD][1320139] High CVE-2022-3306: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-27
  • [$TBD][1323488] High CVE-2022-3307: Use after free in Media. Reported by Anonymous Telecommunications Corp. Ltd. on 2022-05-08
  • [$7500][1342722] Medium CVE-2022-3308: Insufficient policy enforcement in Developer Tools. Reported by Andrea Cappa (zi0Black) @ Shielder on 2022-07-08
  • [$4000][1348415] Medium CVE-2022-3309: Use after free in Assistant. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2022-07-29
  • [$1000][1240065] Medium CVE-2022-3310: Insufficient policy enforcement in Custom Tabs. Reported by Ashwin Agrawal from Optus, Sydney on 2021-08-16
  • [$TBD][1302813] Medium CVE-2022-3311: Use after free in Import. Reported by Samet Bekmezci @sametbekmezci on 2022-03-04
  • [$TBD][1303306] Medium CVE-2022-3312: Insufficient validation of untrusted input in VPN. Reported by Andr.Ess on 2022-03-06
  • [$TBD][1317904] Medium CVE-2022-3313: Incorrect security UI in Full Screen. Reported by Irvan Kurniawan (sourc7) on 2022-04-20
  • [$TBD][1328708] Medium CVE-2022-3314: Use after free in Logging. Reported by Anonymous on 2022-05-24
  • [$7000][1322812] Medium CVE-2022-3315: Type confusion in Blink. Reported by Anonymous on 2022-05-05
  • [$5000][1333623] Low CVE-2022-3316: Insufficient validation of untrusted input in Safe Browsing. Reported by Sven Dysthe (@svn_dy) on 2022-06-07
  • [$2000][1300539] Low CVE-2022-3317: Insufficient validation of untrusted input in Intents. Reported by Hafiizh on 2022-02-24
  • [$TBD][1318791] Low CVE-2022-3318: Use after free in ChromeOS Notifications. Reported by GraVity0 on 2022-04-22
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1368115] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 105.0.5195.125 (Sep 15, 2022)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • High CVE-2022-3195: Out of bounds write in Storage. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-08-31
  • High CVE-2022-3196: Use after free in PDF. Reported by triplepwns on 2022-08-30
  • High CVE-2022-3197: Use after free in PDF. Reported by triplepwns on 2022-08-30
  • High CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG on 2022-08-23
  • High CVE-2022-3199: Use after free in Frames. Reported by Anonymous on 2022-08-22
  • High CVE-2022-3200: Heap buffer overflow in Internals. Reported by Richard Lorenz, SAP on 2022-08-22
  • High CVE-2022-3201: Insufficient validation of untrusted input in DevTools. Reported by NDevTK on 2022-07-09
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1363148] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 105.0.5195.102 (Sep 5, 2022)

  • This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers.
  • [$TBD][1358134] High CVE-2022-3075: Insufficient data validation in Mojo. Reported by Anonymous on 2022-08-30

New in Google Chrome 105.0.5195.52 (Aug 31, 2022)

  • [$NA][1340253] Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28
  • [$10000][1343348] High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11
  • [$9000][1341539] High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03
  • [$7500][1345947] High CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20
  • [$5000][1338553] High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22
  • [$3000][1336979] High CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel on 2022-06-16
  • [$NA][1051198] High CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-02-12
  • [$TBD][1339648] High CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis on 2022-06-26
  • [$TBD][1346245] High CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI on 2022-07-21
  • [$7000][1342586] Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer on 2022-07-07
  • [$5000][1303308] Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess on 2022-03-06
  • [$3000][1316892] Medium CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel on 2022-04-17
  • [$3000][1337132] Medium CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab on 2022-06-17
  • [$2000][1345245] Medium CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel on 2022-07-18
  • [$2000][1346154] Medium CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani on 2022-07-21
  • [$TBD][1267867] Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios) on 2021-11-08
  • [$TBD][1290236] Medium CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li on 2022-01-24
  • [$TBD][1351969] Medium CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-11
  • [$3000][1329460] Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous on 2022-05-26
  • [$2000][1336904] Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes on 2022-06-16
  • [$1000][1337676] Low CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-06-20
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1357881] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 104.0.5112.102 (Aug 20, 2022)

  • [m104] gpu: Evict invalid Dawn DXGI external images
  • Disable ScrollableShelfViewWithAppScalingTest test
  • Disable AccessibilityCanvasActionBrowserTest.CanvasGetImage
  • Updating XTBs based on .GRDs from branch 5112
  • [ProfileKeyedServicesBrowserTest] Fix failing official test
  • Disable EvictOnAccessibilityEventsOrNot on Windows
  • [Merge to M-104]tablet_mode: Fix crash on dragging split divider at tablet mode
  • Disable continue section by default

New in Google Chrome 104.0.5112.81 (Aug 3, 2022)

  • Security Fixes:
  • This update includes 27 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information:
  • High CVE-2022-2603: Use after free in Omnibox.
  • High CVE-2022-2604: Use after free in Safe Browsing.
  • High CVE-2022-2605: Out of bounds read in Dawn.
  • High CVE-2022-2606: Use after free in Managed devices API.
  • High CVE-2022-2607: Use after free in Tab Strip.
  • High CVE-2022-2608: Use after free in Overview Mode.
  • [$TBD][1338560] High CVE-2022-2609: Use after free in Nearby Share.
  • Medium CVE-2022-2610: Insufficient policy enforcement in Background Fetch.
  • Medium CVE-2022-2611: Inappropriate implementation in Fullscreen API.
  • Medium CVE-2022-2612: Side-channel information leakage in Keyboard input.
  • Medium CVE-2022-2613: Use after free in Input.
  • Medium CVE-2022-2614: Use after free in Sign-In Flow.
  • Medium CVE-2022-2615: Insufficient policy enforcement in Cookies.
  • Medium CVE-2022-2616: Inappropriate implementation in Extensions API.
  • Medium CVE-2022-2617: Use after free in Extensions API.
  • Medium CVE-2022-2618: Insufficient validation of untrusted input in Internals.
  • Medium CVE-2022-2619: Insufficient validation of untrusted input in Settings.
  • Medium CVE-2022-2620: Use after free in WebUI.
  • Medium CVE-2022-2621: Use after free in Extensions.
  • Medium CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing.
  • Medium CVE-2022-2623: Use after free in Offline.

New in Google Chrome 103.0.5060.53 (Jun 22, 2022)

  • The Chrome team is delighted to announce the promotion of Chrome 103 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.
  • Chrome 103.0.5060.53 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 103.
  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 14 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$NA][1335458] Critical CVE-2022-2156: Use after free in Base. Reported by Mark Brand of Google Project Zero on 2022-06-11
  • [$20000][1327312] High CVE-2022-2157: Use after free in Interest groups. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-19
  • [$7500][1321078] High CVE-2022-2158: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-04-29
  • [$3000][1116450] Medium CVE-2022-2160: Insufficient policy enforcement in DevTools. Reported by David Erceg on 2020-08-14
  • [$3000][1330289] Medium CVE-2022-2161: Use after free in WebApp Provider. Reported by Zhihua Yao of KunLun Lab on 2022-05-30
  • [$2000][1307930] Medium CVE-2022-2162: Insufficient policy enforcement in File System API. Reported by Abdelhamid Naceri (halov) on 2022-03-19
  • [$7000][1308341] Low CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) on 2022-03-21
  • [$1000][1268445] Low CVE-2022-2164: Inappropriate implementation in Extensions API. Reported by José Miguel Moreno Computer Security Lab (COSEC) at UC3M on 2021-11-10
  • [$500][1250993] Low CVE-2022-2165: Insufficient data validation in URL formatting. Reported by Rayyan Bijoora on 2021-09-19

New in Google Chrome 102.0.5005.115 (Jun 9, 2022)

  • This update includes 7 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$10000][1326210] High CVE-2022-2007: Use after free in WebGPU. Reported by David Manouchehri on 2022-05-17
  • [$TBD][1317673] High CVE-2022-2008: Out of bounds memory access in WebGL. Reported by khangkito - Tran Van Khang (VinCSS) on 2022-04-19
  • [$NA][1325298] High CVE-2022-2010: Out of bounds read in compositing. Reported by Mark Brand of Google Project Zero on 2022-05-13
  • [$TBD][1330379] High CVE-2022-2011: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-05-31
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1333948] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 102.0.5005.61 (May 24, 2022)

  • This update includes 32 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$TBD][1324864] Critical CVE-2022-1853: Use after free in Indexed DB. Reported by Anonymous on 2022-05-12
  • [$10000][1320024] High CVE-2022-1854: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-04-27
  • [$7500][1228661] High CVE-2022-1855: Use after free in Messaging. Reported by Anonymous on 2021-07-13
  • [$3000][1323239] High CVE-2022-1856: Use after free in User Education. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-06
  • [$2000][1227995] High CVE-2022-1857: Insufficient policy enforcement in File System API. Reported by Daniel Rhea on 2021-07-11
  • [$1000][1314310] High CVE-2022-1858: Out of bounds read in DevTools. Reported by EllisVlad on 2022-04-07
  • [$1000][1322744] High CVE-2022-1859: Use after free in Performance Manager. Reported by Guannan Wang (@Keenan7310) of Tencent Security Xuanwu Lab on 2022-05-05
  • [$TBD][1297209] High CVE-2022-1860: Use after free in UI Foundations. Reported by @ginggilBesel on 2022-02-15
  • [$TBD][1316846] High CVE-2022-1861: Use after free in Sharing. Reported by Khalil Zhani on 2022-04-16
  • [$5000][1236325] Medium CVE-2022-1862: Inappropriate implementation in Extensions. Reported by Alesandro Ortiz on 2021-08-04
  • [$5000][1292870] Medium CVE-2022-1863: Use after free in Tab Groups. Reported by David Erceg on 2022-02-01
  • [$5000][1320624] Medium CVE-2022-1864: Use after free in WebApp Installs. Reported by Yuntao You (@GraVity0) of Bytedance Wuheng Lab on 2022-04-28
  • [$3000][1289192] Medium CVE-2022-1865: Use after free in Bookmarks. Reported by Rong Jian of VRI on 2022-01-20
  • [$3000][1292264] Medium CVE-2022-1866: Use after free in Tablet Mode. Reported by @ginggilBesel on 2022-01-29
  • [$3000][1315563] Medium CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer. Reported by Michał Bentkowski of Securitum on 2022-04-12
  • [$TBD][1301203] Medium CVE-2022-1868: Inappropriate implementation in Extensions API. Reported by Alesandro Ortiz on 2022-02-28
  • [$NA][1309467] Medium CVE-2022-1869: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2022-03-23
  • [$TBD][1323236] Medium CVE-2022-1870: Use after free in App Service. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-06
  • [$7000][1308199] Low CVE-2022-1871: Insufficient policy enforcement in File System API. Reported by Thomas Orlita on 2022-03-21
  • [$7000][1310461] Low CVE-2022-1872: Insufficient policy enforcement in Extensions API. Reported by ChaobinZhang on 2022-03-26
  • [$2000][1305394] Low CVE-2022-1873: Insufficient policy enforcement in COOP. Reported by NDevTK on 2022-03-11
  • [$500][1251588] Low CVE-2022-1874: Insufficient policy enforcement in Safe Browsing. Reported by hjy79425575 on 2021-09-21
  • [$500][1306443] Low CVE-2022-1875: Inappropriate implementation in PDF. Reported by NDevTK on 2022-03-15
  • [$TBD][1313600] Low CVE-2022-1876: Heap buffer overflow in DevTools. Reported by @ginggilBesel on 2022-04-06
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1328866] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 101.0.4951.67 (May 15, 2022)

  • [M101][infra] Migrate configs for android-cronet-arm-dbg src-side.
  • [M101] [infra] Migrate builder config for mac-official src-side
  • [M101] Revert "Process STOPPED and STARTED events in MF Video Capture Device"
  • [M101][infra] Migrate configs for ios-simulator-cronet src-side.
  • [M101][infra] Migrate configs for ios-simulator-cronet src-side.
  • Updating XTBs based on .GRDs from branch 4951
  • 4951: infra: Add a builder_spec for mac_optional_gpu_tests_rel
  • 4951: Add testing specs for win_optional_gpu_tests_rel
  • [M101][infra] Remove os values used for xenial -> bionic migration.
  • [M101][infra] Migrate configs for "Win Builder (dbg)" src-side.
  • Updating XTBs based on .GRDs from branch 4951
  • [skylab_tests] Update skylab tests cros img version
  • [M101][infa] Migrate chromium.chromiumos:lacros-arm-generic-rel src side

New in Google Chrome 101.0.4951.64 (May 10, 2022)

  • This update includes 13 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$5000][1316990] High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18
  • [$3000][1314908] High CVE-2022-1634: Use after free in Browser UI. Reported by Khalil Zhani on 2022-04-09
  • [$3000][1319797] High CVE-2022-1635: Use after free in Permission Prompts. Reported by Anonymous on 2022-04-26
  • [$NA][1297283] High CVE-2022-1636: Use after free in Performance APIs. Reported by Seth Brenith, Microsoft on 2022-02-15
  • [$TBD][1311820] High CVE-2022-1637: Inappropriate implementation in Web Contents. Reported by Alesandro Ortiz on 2022-03-31
  • [$TBD][1316946] High CVE-2022-1638: Heap buffer overflow in V8 Internationalization. Reported by DoHyun Lee (@l33d0hyun) of DNSLab, Korea University on 2022-04-17
  • [$TBD][1317650] High CVE-2022-1639: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-04-19
  • [$TBD][1320592] High CVE-2022-1640: Use after free in Sharing. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-28
  • [$5000][1305068] Medium CVE-2022-1641: Use after free in Web UI Diagnostics. Reported by Rong Jian of VRI on 2022-03-10
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1323855] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 101.0.4951.41 (Apr 27, 2022)

  • The Chrome team is delighted to announce the promotion of Chrome 101 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.
  • Chrome 101.0.4951.41 for Windows, Mac and Linux contains a number of fixes and improvements -- a list of changes is available in the log.
  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 30 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park (SeHwa) on 2022-04-06
  • High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park (SeHwa) on 2022-02-20
  • High CVE-2022-1479: Use after free in ANGLE. Reported by Jeonghoon Shin of Theori on 2022-03-10
  • High CVE-2022-1480: Use after free in Device API. Reported by @uwu7586 on 2022-03-17
  • High CVE-2022-1481: Use after free in Sharing. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-03-04
  • High CVE-2022-1482: Inappropriate implementation in WebGL. Reported by Christoph Diehl, Microsoft on 2022-03-10
  • High CVE-2022-1483: Heap buffer overflow in WebGPU. Reported by Mark Brand of Google Project Zero on 2022-04-08
  • Medium CVE-2022-1484: Heap buffer overflow in Web UI Settings. Reported by Chaoyuan Peng (@ret2happy) on 2022-02-15
  • Medium CVE-2022-1485: Use after free in File System API. Reported by Anonymous on 2022-02-22
  • Medium CVE-2022-1486: Type Confusion in V8. Reported by Brendon Tiszka on 2022-04-08
  • Medium CVE-2022-1487: Use after free in Ozone. Reported by Sri on 2022-03-09
  • Medium CVE-2022-1488: Inappropriate implementation in Extensions API. Reported by Thomas Beverley from Wavebox.io on 2022-03-04
  • Medium CVE-2022-1489: Out of bounds memory access in UI Shelf. Reported by Khalil Zhani on 2022-02-25
  • Medium CVE-2022-1490: Use after free in Browser Switcher. Reported by raven at KunLun lab on 2022-03-01
  • Medium CVE-2022-1491: Use after free in Bookmarks. Reported by raven at KunLun lab on 2022-03-12
  • Medium CVE-2022-1492: Insufficient data validation in Blink Editing. Reported by Michał Bentkowski of Securitum on 2022-04-11
  • Medium CVE-2022-1493: Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-12-01
  • Medium CVE-2022-1494: Insufficient data validation in Trusted Types. Reported by Masato Kinugawa on 2022-02-17
  • Medium CVE-2022-1495: Incorrect security UI in Downloads. Reported by Umar Farooq on 2022-02-28
  • Medium CVE-2022-1496: Use after free in File Manager. Reported by Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group on 2022-03-15
  • Medium CVE-2022-1497: Inappropriate implementation in Input. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-10-29
  • Low CVE-2022-1498: Inappropriate implementation in HTML Parser. Reported by SeungJu Oh (@real_as3617) on 2022-02-14
  • Low CVE-2022-1499: Inappropriate implementation in WebAuthentication. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-09-04
  • Low CVE-2022-1500: Insufficient data validation in Dev Tools. Reported by Hoang Nguyen on 2021-06-25
  • Low CVE-2022-1501: Inappropriate implementation in iframe. Reported by Oriol Brufau on 2022-02-02

New in Google Chrome 100.0.4896.127 (Apr 17, 2022)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 2 security fixes:
  • [$NA][1315901] High CVE-2022-1364: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2022-04-13
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2022-1364 exists in the wild.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1316420] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 100.0.4896.88 (Apr 12, 2022)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers:
  • High CVE-2022-1305: Use after free in storage. Reported by Anonymous on 2022-01-07
  • High CVE-2022-1306: Inappropriate implementation in compositing. Reported by Sven Dysthe on 2022-02-21
  • High CVE-2022-1307: Inappropriate implementation in full screen. Reported by Irvan Kurniawan (sourc7) on 2022-03-01
  • High CVE-2022-1308: Use after free in BFCache. Reported by Samet Bekmezci @sametbekmezci on 2021-12-28
  • High CVE-2022-1309: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-07-17
  • High CVE-2022-1310: Use after free in regular expressions. Reported by Brendon Tiszka on 2022-03-18
  • High CVE-2022-1311: Use after free in Chrome OS shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-03-28
  • High CVE-2022-1312: Use after free in storage. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2022-03-30
  • Medium CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita on 2021-11-16
  • Medium CVE-2022-1314: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-03-09
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1315276] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 100.0.4896.75 (Apr 5, 2022)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 1 security fix:
  • High CVE-2022-1232: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2022-03-30
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

New in Google Chrome 100.0.4896.60 (Mar 30, 2022)

  • This update includes 28 security fixes:
  • [$7000][1292261] High CVE-2022-1125: Use after free in Portals. Reported by Khalil Zhani on 2022-01-29
  • [$5000][1291891] High CVE-2022-1127: Use after free in QR Code Generator. Reported by anonymous on 2022-01-28
  • [$5000][1301920] High CVE-2022-1128: Inappropriate implementation in Web Share API. Reported by Abdel Adim (@smaury92) Oisfi of Shielder on 2022-03-01
  • [$3000][1300253] High CVE-2022-1129: Inappropriate implementation in Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on 2022-02-24
  • [$1000][1142269] High CVE-2022-1130: Insufficient validation of untrusted input in WebOTP. Reported by Sergey Toshin of Oversecurity Inc. on 2020-10-25
  • [$NA][1297404] High CVE-2022-1131: Use after free in Cast UI. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2022-02-15
  • [$TBD][1303410] High CVE-2022-1132: Inappropriate implementation in Virtual Keyboard. Reported by Andr.Ess on 2022-03-07
  • [$TBD][1305776] High CVE-2022-1133: Use after free in WebRTC. Reported by Anonymous on 2022-03-13
  • [$TBD][1308360] High CVE-2022-1134: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2022-03-21
  • [$16000][1285601] Medium CVE-2022-1135: Use after free in Shopping Cart. Reported by Wei Yuan of MoyunSec VLab on 2022-01-09
  • [$7000][1280205] Medium CVE-2022-1136: Use after free in Tab Strip. Reported by Krace on 2021-12-15
  • [$5000][1289846] Medium CVE-2022-1137: Inappropriate implementation in Extensions. Reported by Thomas Orlita on 2022-01-22
  • [$2000][1246188] Medium CVE-2022-1138: Inappropriate implementation in Web Cursor. Reported by Alesandro Ortiz on 2021-09-03
  • [$TBD][1268541] Medium CVE-2022-1139: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-11-10
  • [$TBD][1303253] Medium CVE-2022-1141: Use after free in File Manager. Reported by raven at KunLun lab on 2022-03-05
  • [$TBD][1303613] Medium CVE-2022-1142: Heap buffer overflow in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
  • [$TBD][1303615] Medium CVE-2022-1143: Heap buffer overflow in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
  • [$TBD][1304145] Medium CVE-2022-1144: Use after free in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-08
  • [$TBD][1304545] Medium CVE-2022-1145: Use after free in Extensions. Reported by Yakun Zhang of Baidu Security on 2022-03-09
  • [$TBD][1290150] Low CVE-2022-1146: Inappropriate implementation in Resource Timing. Reported by Sohom Datta on 2022-01-23
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1311327] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 99.0.4844.74 (Mar 16, 2022)

  • SECURITY FIXES AND REWARDS:
  • Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$NA][1299422] Critical CVE-2022-0971: Use after free in Blink Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-02-21
  • [$NA][1301320] High CVE-2022-0972: Use after free in Extensions. Reported by Sergei Glazunov of Google Project Zero on 2022-02-28
  • [$15000][1297498] High CVE-2022-0973: Use after free in Safe Browsing. Reported by avaue and Buff3tts at S.S.L. on 2022-02-15
  • [$7000][1291986] High CVE-2022-0974: Use after free in Splitscreen. Reported by @ginggilBesel on 2022-01-28
  • [$7000][1295411] High CVE-2022-0975: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-02-09
  • [$7000][1296866] High CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair on 2022-02-13
  • [$3000][1299225] High CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani on 2022-02-20
  • [$TBD][1299264] High CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-20
  • [$TBD][1302644] High CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous on 2022-03-03
  • [$TBD][1302157] Medium CVE-2022-0980: Use after free in New Tab Page. Reported by Krace on 2022-03-02
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1305655] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 99.0.4844.51 (Mar 2, 2022)

  • Security Fixes and Rewards:
  • Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 28 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • High CVE-2022-0789: Heap buffer overflow in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-01-21
  • High CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous on 2021-11-26
  • High CVE-2022-0791: Use after free in Omnibox. Reported by Zhihua Yao of KunLun Lab on 2021-12-09
  • High CVE-2022-0792: Out of bounds read in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2022-01-11
  • High CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita on 2022-01-28
  • High CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani on 2022-02-04
  • High CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960 on 2021-12-27
  • High CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-10
  • High CVE-2022-0797: Out of bounds memory access in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-12-21
  • Medium CVE-2022-0798: Use after free in MediaStream. Reported by Samet Bekmezci @sametbekmezci on 2021-12-30
  • Medium CVE-2022-0799: Insufficient policy enforcement in Installer. Reported by Abdelhamid Naceri (halov) on 2021-12-12
  • Medium CVE-2022-0800: Heap buffer overflow in Cast UI. Reported by Khalil Zhani on 2021-08-24
  • Medium CVE-2022-0801: Inappropriate implementation in HTML parser. Reported by Michał Bentkowski of Securitum on 2021-07-20
  • Medium CVE-2022-0802: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-11-14
  • Medium CVE-2022-0803: Inappropriate implementation in Permissions. Reported by Abdulla Aldoseri on 2021-12-15
  • Medium CVE-2022-0804: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-10-29
  • Medium CVE-2022-0805: Use after free in Browser Switcher. Reported by raven at KunLun Lab on 2022-01-25
  • Medium CVE-2022-0806: Data leak in Canvas. Reported by Paril on 2021-12-31
  • Medium CVE-2022-0807: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2022-01-14
  • Medium CVE-2022-0808: Use after free in Chrome OS Shell. Reported by @ginggilBesel on 2022-01-29
  • Medium CVE-2022-0809: Out of bounds memory access in WebXR. Reported by @uwu7586 on 2022-02-03

New in Google Chrome 98.0.4758.102 (Feb 15, 2022)

  • This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$15000][1290008] High CVE-2022-0603: Use after free in File Manager. Reported by Chaoyuan Peng (@ret2happy) on 2022-01-22
  • [$7000][1273397] High CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace on 2021-11-24
  • [$7000][1286940] High CVE-2022-0605: Use after free in Webstore API. Reported by Thomas Orlita on 2022-01-13
  • [$7000][1288020] High CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-01-17
  • [$TBD][1250655] High CVE-2022-0607: Use after free in GPU. Reported by 0x74960 on 2021-09-17
  • [$NA][1270333] High CVE-2022-0608: Integer overflow in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-11-16
  • [$NA][1296150] High CVE-2022-0609: Use after free in Animation. Reported by Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group on 2022-02-10
  • [$TBD][1285449] Medium CVE-2022-0610: Inappropriate implementation in Gamepad API. Reported by Anonymous on 2022-01-08

New in Google Chrome 98.0.4758.80 (Feb 2, 2022)

  • Stable Channel Update for Desktop
  • Tuesday, February 1, 2022
  • The Chrome team is delighted to announce the promotion of Chrome 98 to the stable channel for Windows, Mac and Linux. Chrome 98 is also promoted to our new extended stable channel for Windows and Mac. This will roll out over the coming days/weeks.
  • Chrome 98.0.4758.80/81/82 for Windows and 98.0.4758.80 for Mac and Linux contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 98.
  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 27 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • High CVE-2022-0452: Use after free in Safe Browsing. Reported by avaue at S.S.L. on 2022-01-05
  • High CVE-2022-0453: Use after free in Reader Mode. Reported by Rong Jian of VRI on 2022-01-06
  • High CVE-2022-0454: Heap buffer overflow in ANGLE. Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on 2022-01-17
  • High CVE-2022-0455: Inappropriate implementation in Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on 2021-11-16
  • High CVE-2022-0456: Use after free in Web Search. Reported by Zhihua Yao of KunLun Lab on 2022-01-21
  • High CVE-2022-0457: Type Confusion in V8. Reported by rax of the Group0x58 on 2021-11-29
  • High CVE-2022-0458: Use after free in Thumbnail Tab Strip. Reported by Anonymous on 2021-11-05
  • High CVE-2022-0459: Use after free in Screen Capture. Reported by raven (@raid_akame) on 2021-08-28
  • Medium CVE-2022-0460: Use after free in Window Dialog. Reported by 0x74960 on 2021-09-16
  • Medium CVE-2022-0461: Policy bypass in COOP. Reported by NDevTK on 2021-10-05
  • Medium CVE-2022-0462: Inappropriate implementation in Scroll. Reported by Youssef Sammouda on 2021-11-16
  • Medium CVE-2022-0463: Use after free in Accessibility. Reported by Zhihua Yao of KunLun Lab on 2021-11-09
  • Medium CVE-2022-0464: Use after free in Accessibility. Reported by Zhihua Yao of KunLun Lab on 2021-11-14
  • Medium CVE-2022-0465: Use after free in Extensions. Reported by Samet Bekmezci @sametbekmezci on 2021-12-22
  • Medium CVE-2022-0466: Inappropriate implementation in Extensions Platform. Reported by David Erceg on 2020-08-12
  • Medium CVE-2022-0467: Inappropriate implementation in Pointer Lock. Reported by Alesandro Ortiz on 2021-08-13
  • Medium CVE-2022-0468: Use after free in Payments. Reported by Krace on 2021-09-24
  • Medium CVE-2022-0469: Use after free in Cast. Reported by Thomas Orlita on 2021-12-14
  • Low CVE-2022-0470: Out of bounds memory access in V8. Reported by Looben Yang on 2021-11-11
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 97.0.4692.99 (Jan 24, 2022)

  • Security Fixes and Rewards
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 26 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$NA][1284367] Critical CVE-2022-0289: Use after free in Safe browsing. Reported by Sergei Glazunov of Google Project Zero on 2022-01-05
  • [$20000],[NA][1260134][1260007] High CVE-2022-0290: Use after free in Site isolation. Reported by Brendon Tiszka and Sergei Glazunov of Google Project Zero on 2021-10-15
  • [$20000][1281084] High CVE-2022-0291: Inappropriate implementation in Storage. Reported by Anonymous on 2021-12-19
  • [$17000][1270358] High CVE-2022-0292: Inappropriate implementation in Fenced Frames. Reported by Brendon Tiszka on 2021-11-16
  • [$15000][1283371] High CVE-2022-0293: Use after free in Web packaging. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-30
  • [$10000][1273017] High CVE-2022-0294: Inappropriate implementation in Push messaging. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-11-23
  • [$10000][1278180] High CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-09
  • [$7000][1283375] High CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-30
  • [$5000][1274316] High CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-11-28
  • [$TBD][1212957] High CVE-2022-0298: Use after free in Scheduling. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-25
  • [$TBD][1275438] High CVE-2022-0300: Use after free in Text Input Method Editor. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-01
  • [$NA][1276331] High CVE-2022-0301: Heap buffer overflow in DevTools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-12-03
  • [$TBD][1278613] High CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-10
  • [$TBD][1281979] High CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-22
  • [$TBD][1282354] High CVE-2022-0305: Inappropriate implementation in Service Worker API. Reported by @uwu7586 on 2021-12-23
  • [$NA][1283198] High CVE-2022-0306: Heap buffer overflow in PDFium. Reported by Sergei Glazunov of Google Project Zero on 2021-12-29
  • [$2000][1281881] Medium CVE-2022-0307: Use after free in Optimization Guide. Reported by Samet Bekmezci @sametbekmezci on 2021-12-21
  • [$2000][1282480] Medium CVE-2022-0308: Use after free in Data Transfer. Reported by @ginggilBesel on 2021-12-24
  • [$TBD][1240472] Medium CVE-2022-0309: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2021-08-17
  • [$TBD][1280253][1283805] Medium CVE-2022-0310: Heap buffer overflow in Task Manager. Reported by raven (@raid_akame) and Samet Bekmezci @sametbekmezci on 2021-12-15 and 2021-01-03
  • [$TBD][1283807] Medium CVE-2022-0311: Heap buffer overflow in Task Manager. Reported by Samet Bekmezci @sametbekmezci on 2022-01-03
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1288933] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 97.0.4692.71 (Jan 5, 2022)

  • This update includes 37 security fixes:
  • [$TBD][1275020] Critical CVE-2022-0096: Use after free in Storage. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-11-30
  • [$10000][1117173] High CVE-2022-0097: Inappropriate implementation in DevTools. Reported by David Erceg on 2020-08-17
  • [$10000][1273609] High CVE-2022-0098: Use after free in Screen Capture. Reported by @ginggilBesel on 2021-11-24
  • [$5000][1245629] High CVE-2022-0099: Use after free in Sign-in. Reported by Rox on 2021-09-01
  • [$TBD][1238209] High CVE-2022-0100: Heap buffer overflow in Media streams API. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-08-10
  • [$TBD][1249426] High CVE-2022-0101: Heap buffer overflow in Bookmarks. Reported by raven (@raid_akame) on 2021-09-14
  • [$TBD][1260129] High CVE-2022-0102: Type Confusion in V8. Reported by Brendon Tiszka on 2021-10-14
  • [$TBD][1272266] High CVE-2022-0103: Use after free in SwiftShader. Reported by Abraruddin Khan and Omair on 2021-11-21
  • [$TBD][1273661] High CVE-2022-0104: Heap buffer overflow in ANGLE. Reported by Abraruddin Khan and Omair on 2021-11-25
  • [$TBD][1274376] High CVE-2022-0105: Use after free in PDF. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-11-28
  • [$TBD][1278960] High CVE-2022-0106: Use after free in Autofill. Reported by Khalil Zhani on 2021-12-10
  • [$10000][1248438] Medium CVE-2022-0107: Use after free in File Manager API. Reported by raven (@raid_akame) on 2021-09-10
  • [$5000][1248444] Medium CVE-2022-0108: Inappropriate implementation in Navigation. Reported by Luan Herrera (@lbherrera_) on 2021-09-10
  • [$4000][1261689] Medium CVE-2022-0109: Inappropriate implementation in Autofill. Reported by Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University on 2021-10-20
  • [$3000][1237310] Medium CVE-2022-0110: Incorrect security UI in Autofill. Reported by Alesandro Ortiz on 2021-08-06
  • [$3000][1241188] Medium CVE-2022-0111: Inappropriate implementation in Navigation. Reported by garygreen on 2021-08-18
  • [$3000][1255713] Medium CVE-2022-0112: Incorrect security UI in Browser UI. Reported by Thomas Orlita on 2021-10-04
  • [$1000][1039885] Medium CVE-2022-0113: Inappropriate implementation in Blink. Reported by Luan Herrera (@lbherrera_) on 2020-01-07
  • [$TBD][1267627] Medium CVE-2022-0114: Out of bounds memory access in Web Serial. Reported by Looben Yang on 2021-11-06
  • [$NA][1268903] Medium CVE-2022-0115: Uninitialized Use in File API. Reported by Mark Brand of Google Project Zero on 2021-11-10
  • [$TBD][1272250] Medium CVE-2022-0116: Inappropriate implementation in Compositing. Reported by Irvan Kurniawan (sourc7) on 2021-11-20
  • [$TBD][1115847] Low CVE-2022-0117: Policy bypass in Service Workers. Reported by Dongsung Kim (@kid1ng) on 2020-08-13
  • [$TBD][1238631] Low CVE-2022-0118: Inappropriate implementation in WebShare. Reported by Alesandro Ortiz on 2021-08-11
  • [$TBD][1262953] Low CVE-2022-0120: Inappropriate implementation in Passwords. Reported by CHAKRAVARTHI (Ruler96) on 2021-10-25
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1284397] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 96.0.4664.110 (Dec 14, 2021)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$NA][1263457] Critical CVE-2021-4098: Insufficient data validation in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-10-26
  • [$5000][1270658] High CVE-2021-4099: Use after free in Swiftshader. Reported by Aki Helin of Solita on 2021-11-16
  • [$5000][1272068] High CVE-2021-4100: Object lifecycle issue in ANGLE. Reported by Aki Helin of Solita on 2021-11-19
  • [$TBD][1262080] High CVE-2021-4101: Heap buffer overflow in Swiftshader. Reported by Abraruddin Khan and Omair on 2021-10-21
  • [$TBD][1278387] High CVE-2021-4102: Use after free in V8. Reported by Anonymous on 2021-12-09

New in Google Chrome 96.0.4664.93 (Dec 7, 2021)

  • This update includes 20 security fixes. Below, we highlight fixes that were contributed by external researchers:
  • High CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of MoyunSec VLab on 2021-11-07
  • High CVE-2021-4053: Use after free in UI. Reported by Rox on 2021-11-08
  • High CVE-2021-4054: Incorrect security UI in autofill. Reported by Alesandro Ortiz on 2021-08-13
  • High CVE-2021-4055: Heap buffer overflow in extensions. Reported by Chen Rong on 2021-11-03
  • High CVE-2021-4056: Type Confusion in loader. Reported by @__R0ng of 360 Alpha Lab on 2021-10-18
  • High CVE-2021-4057: Use after free in file API. Reported by Sergei Glazunov of Google Project Zero on 2021-10-21
  • High CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin Khan and Omair on 2021-11-06
  • High CVE-2021-4059: Insufficient data validation in loader. Reported by Luan Herrera (@lbherrera_) on 2021-11-17
  • High CVE-2021-4061: Type Confusion in V8. Reported by Paolo Severini on 2021-11-18
  • High CVE-2021-4062: Heap buffer overflow in BFCache. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-11-22
  • High CVE-2021-4063: Use after free in developer tools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-11-23
  • High CVE-2021-4064: Use after free in screen capture. Reported by @ginggilBesel on 2021-11-23
  • High CVE-2021-4065: Use after free in autofill. Reported by 5n1p3r0010 on 2021-11-25
  • High CVE-2021-4066: Integer underflow in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2021-11-29
  • High CVE-2021-4067: Use after free in window manager. Reported by @ginggilBesel on 2021-11-29
  • Low CVE-2021-4068: Insufficient validation of untrusted input in new tab page. Reported by NDevTK on 2021-10-31

New in Google Chrome 96.0.4664.45 (Nov 15, 2021)

  • Chrome 96.0.4664.45 contains a number of fixes and improvements

New in Google Chrome 95.0.4638.69 (Oct 29, 2021)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • Changes:
  • [$10000][1259864] High CVE-2021-37997 : Use after free in Sign-In. Reported by Wei Yuan of MoyunSec VLab on 2021-10-14
  • [$7500][1259587] High CVE-2021-37998 : Use after free in Garbage Collection. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-13
  • [$1000][1251541] High CVE-2021-37999 : Insufficient data validation in New Tab Page. Reported by Ashish Arun Dhone on 2021-09-21
  • [$N/A][1249962] High CVE-2021-38000 : Insufficient validation of untrusted input in Intents. Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google Threat Analysis Group on 2021-09-15
  • [$N/A][1260577] High CVE-2021-38001 : Type Confusion in V8. Reported by Kunlun Lab via Tianfu Cup on 2021-10-16
  • [$N/A][1260940] High CVE-2021-38002 : Use after free in Web Transport. Reported by @__R0ng of 360 Alpha Lab, 漏洞研究院青训队 via Tianfu Cup on 2021-10-16
  • [$TBD][1263462] High CVE-2021-38003 : Inappropriate implementation in V8. Reported by Clément Lecigne from Google TAG and Samuel Groß from Google Project Zero on 2021-10-26
  • Google is aware that exploits for CVE-2021-38000 and CVE-2021-38003 exist in the wild.
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1264537] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 95.0.4638.54 (Oct 20, 2021)

  • Security Fixes and Rewards:
  • This update includes 19 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • [$20000][1246631] High CVE-2021-37981 : Heap buffer overflow in Skia. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04
  • [$10000][1248661] High CVE-2021-37982 : Use after free in Incognito. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-11
  • [$10000][1249810] High CVE-2021-37983 : Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-09-15
  • [$7500][1253399] High CVE-2021-37984 : Heap buffer overflow in PDFium. Reported by Antti Levomäki, Joonas Pihlaja and Christian Jalio from Forcepoint on 2021-09-27
  • [$5000][1241860] High CVE-2021-37985 : Use after free in V8. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-20
  • [$6000][1242404] Medium CVE-2021-37986 : Heap buffer overflow in Settings. Reported by raven (@raid_akame) on 2021-08-23
  • [$5000][1206928] Medium CVE-2021-37987 : Use after free in Network APIs. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08
  • [$5000][1228248] Medium CVE-2021-37988 : Use after free in Profiles. Reported by raven (@raid_akame) on 2021-07-12
  • [$2000][1233067] Medium CVE-2021-37989 : Inappropriate implementation in Blink. Reported by Matt Dyas, Ankur Sundara on 2021-07-26
  • [$N/A][1247395] Medium CVE-2021-37990 : Inappropriate implementation in WebView. Reported by Kareem Selim of CyShield on 2021-09-07
  • [$TBD][1250660] Medium CVE-2021-37991 : Race in V8. Reported by Samuel Groß of Google Project Zero on 2021-09-17
  • [$TBD][1253746] Medium CVE-2021-37992 : Out of bounds read in WebAudio. Reported by sunburst@Ant Security Light-Year Lab on 2021-09-28
  • [$TBD][1255332] Medium CVE-2021-37993 : Use after free in PDF Accessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-02
  • [$TBD][1243020] Medium CVE-2021-37996 : Insufficient validation of untrusted input in Downloads. Reported by Anonymous on 2021-08-24
  • [$3000][1100761] Low CVE-2021-37994 : Inappropriate implementation in iFrame Sandbox. Reported by David Erceg on 2020-06-30
  • [$1000][1242315] Low CVE-2021-37995 : Inappropriate implementation in WebApp Installer. Reported by Terence Eden on 2021-08-23
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1261511] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 94.0.4606.81 (Oct 8, 2021)

  • This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • Use after free in Garbage Collection. Reported by Anonymous on 2021-09-24
  • Heap buffer overflow in Blink. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-04
  • Heap buffer overflow in WebRTC. Reported by Marcin Towalski of Cisco Talos on 2021-09-07
  • Inappropriate implementation in Sandbox. Reported by Yonghwi Jin (@jinmo123) on 2021-09-

New in Google Chrome 94.0.4606.71 (Oct 1, 2021)

  • This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$20000][1245578] High CVE-2021-37974 : Use after free in Safe Browsing. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-01
  • [$TBD][1252918] High CVE-2021-37975 : Use after free in V8. Reported by Anonymous on 2021-09-24
  • [$NA][1251787] Medium CVE-2021-37976 : Information leak in core. Reported by Clément Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21

New in Google Chrome 94.0.4606.61 (Sep 27, 2021)

  • Security Fixes and Rewards:
  • This update includes 1 security fix.
  • [$NA][1251727] High CVE-2021-37973 : Use after free in Portals. Reported by Clément Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that an exploit for CVE-2021-37973 exists in the wild.
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 94.0.4606.54 (Sep 22, 2021)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 19 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$15000][1243117] High CVE-2021-37956: Use after free in Offline use. Reported by Huyna at Viettel Cyber Security on 2021-08-24
  • [$7500][1242269] High CVE-2021-37957 : Use after free in WebGPU. Reported by Looben Yang on 2021-08-23
  • [$3000][1223290] High CVE-2021-37958 : Inappropriate implementation in Navigation. Reported by James Lee (@Windowsrcer) on 2021-06-24
  • [$1000][1229625] High CVE-2021-37959 : Use after free in Task Manager. Reported by raven (@raid_akame) on 2021-07-15
  • [$TBD][1247196] High CVE-2021-37960 : Inappropriate implementation in Blink graphics. Reported by Atte Kettunen of OUSPG on 2021-09-07
  • [$10000][1228557] Medium CVE-2021-37961 : Use after free in Tab Strip. Reported by Khalil Zhani on 2021-07-13
  • [$10000][1231933] Medium CVE-2021-37962 : Use after free in Performance Manager. Reported by Sri on 2021-07-22
  • [$3000][1199865] Medium CVE-2021-37963 : Side-channel information leakage in DevTools. Reported by Daniel Genkin and Ayush Agarwal, University of Michigan, Eyal Ronen and Shaked Yehezkel, Tel Aviv University, Sioli O’Connell, University of Adelaide, and Jason Kim, Georgia Institute of Technology on 2021-04-16
  • [$3000][1203612] Medium CVE-2021-37964 : Inappropriate implementation in ChromeOS Networking. Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong on 2021-04-28
  • [$3000][1239709] Medium CVE-2021-37965 : Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-08-13
  • [$TBD][1238944] Medium CVE-2021-37966 : Inappropriate implementation in Compositing. Reported by Mohit Raj (shadow2639) on 2021-08-11
  • [$TBD][1243622] Medium CVE-2021-37967 : Inappropriate implementation in Background Fetch API. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-08-26
  • [$TBD][1245053] Medium CVE-2021-37968 : Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-08-30
  • [$TBD][1245879] Medium CVE-2021-37969 : Inappropriate implementation in Google Updater. Reported by Abdelhamid Naceri (halov) on 2021-09-02
  • [$TBD][1248030] Medium CVE-2021-37970 : Use after free in File System API. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-09-09
  • [$1000][1219354] Low CVE-2021-37971 : Incorrect security UI in Web Browser UI. Reported by Rayyan Bijoora on 2021-06-13
  • [$TBD][1234259] Low CVE-2021-37972 : Out of bounds read in libjpeg-turbo. Reported by Xu Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin on 2021-07-29

New in Google Chrome 93.0.4577.82 (Sep 14, 2021)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • High CVE-2021-30625: Use after free in Selection API. Reported by Marcin Towalski of Cisco Talos on 2021-08-06
  • High CVE-2021-30626: Out of bounds memory access in ANGLE. Reported by Jeonghoon Shin of Theori on 2021-08-18
  • High CVE-2021-30627: Type Confusion in Blink layout. Reported by Aki Helin of OUSPG on 2021-09-01
  • High CVE-2021-30628: Stack buffer overflow in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2021-08-18
  • High CVE-2021-30629: Use after free in Permissions. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-08-26
  • High CVE-2021-30630: Inappropriate implementation in Blink. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-08-30
  • High CVE-2021-30631: Type Confusion in Blink layout. Reported by Atte Kettunen of OUSPG on 2021-09-06
  • High CVE-2021-30632: Out of bounds write in V8. Reported by Anonymous on 2021-09-08
  • High CVE-2021-30633: Use after free in Indexed DB API. Reported by Anonymous on 2021-09-08
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • Google is aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • Various fixes from internal audits, fuzzing and other initiatives
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 93.0.4577.63 (Sep 1, 2021)

  • 93.0.4577.63 contains a number of fixes and improvements
  • SECURITY FIXES AND REWARDS:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 27 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$20000][1233975] High CVE-2021-30606: Use after free in Blink. Reported by Nan Wang (@eternalsakura13) and koocola (@alo_cook) of 360 Alpha Lab on 2021-07-28
  • [$10000][1235949] High CVE-2021-30607: Use after free in Permissions. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-08-03
  • [$7500][1219870] High CVE-2021-30608: Use after free in Web Share. Reported by Huyna at Viettel Cyber Security on 2021-06-15
  • [$5000][1239595] High CVE-2021-30609: Use after free in Sign-In. Reported by raven (@raid_akame) on 2021-08-13
  • [$N/A][1200440] High CVE-2021-30610: Use after free in Extensions API. Reported by Igor Bukanov from Vivaldi on 2021-04-19
  • [$20000][1233942] Medium CVE-2021-30611: Use after free in WebRTC. Reported by Nan Wang (@eternalsakura13) and koocola (@alo_cook) of 360 Alpha Lab on 2021-07-28
  • [$20000][1234284] Medium CVE-2021-30612: Use after free in WebRTC. Reported by Nan Wang (@eternalsakura13) and koocola (@alo_cook) of 360 Alpha Lab on 2021-07-29
  • [$15000][1209622] Medium CVE-2021-30613: Use after free in Base internals. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-16
  • [$10000][1207315] Medium CVE-2021-30614: Heap buffer overflow in TabStrip. Reported by Huinian Yang (@vmth6) of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-05-10
  • [$5000][1208614] Medium CVE-2021-30615: Cross-origin data leak in Navigation. Reported by NDevTK on 2021-05-12
  • [$5000][1231432] Medium CVE-2021-30616: Use after free in Media. Reported by Anonymous on 2021-07-21
  • [$3000][1226909] Medium CVE-2021-30617: Policy bypass in Blink. Reported by NDevTK on 2021-07-07
  • [$3000][1232279] Medium CVE-2021-30618: Inappropriate implementation in DevTools. Reported by @DanAmodio and @mattaustin from Contrast Security on 2021-07-23
  • [$3000][1235222] Medium CVE-2021-30619: UI Spoofing in Autofill. Reported by Alesandro Ortiz on 2021-08-02
  • [$NA][1063518] Medium CVE-2021-30620: Insufficient policy enforcement in Blink. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-03-20
  • [$NA][1204722] Medium CVE-2021-30621: UI Spoofing in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-04-30
  • [$NA][1224419] Medium CVE-2021-30622: Use after free in WebApp Installs. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2021-06-28
  • [$10000][1223667] Low CVE-2021-30623: Use after free in Bookmarks. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-06-25
  • [$TBD][1230513] Low CVE-2021-30624: Use after free in Autofill. Reported by Wei Yuan of MoyunSec VLab on 2021-07-19
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1245324] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 94.0.4606.20 Beta (Aug 28, 2021)

  • Chrome 94.0.4606.20 contains our usual under-the-hood performance and stability tweaks, but there are also some cool new features to explore

New in Google Chrome 92.0.4515.159 (Aug 17, 2021)

  • Security Fixes and Rewards:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 9 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [$21000][1234764] High CVE-2021-30598: Type Confusion in V8. Reported by Manfred Paul on 2021-07-30
  • [$21000][1234770] High CVE-2021-30599: Type Confusion in V8. Reported by Manfred Paul on 2021-07-30
  • [$20000][1231134] High CVE-2021-30600: Use after free in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-07-20
  • [$20000][1234009] High CVE-2021-30601: Use after free in Extensions API. Reported by koocola(@alo_cook) and Nan Wang(@eternalsakura13) of 360 Alpha Lab on 2021-07-28
  • [$TBD][1230767] High CVE-2021-30602: Use after free in WebRTC. Reported by Marcin Towalski of Cisco Talos on 2021-07-19
  • [$NA][1233564] High CVE-2021-30603: Race in WebAudio. Reported by Sergei Glazunov of Google Project Zero on 2021-07-27
  • [$TBD][1234829] High CVE-2021-30604: Use after free in ANGLE. Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on 2021-07-30
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1240159] Various fixes from internal audits, fuzzing and other initiatives
  • Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

New in Google Chrome 92.0.4515.107 (Jul 21, 2021)

  • Security Fixes and Rewards:
  • This update includes 35 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information:
  • High CVE-2021-30565: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-19
  • High CVE-2021-30566: Stack buffer overflow in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-04-26
  • High CVE-2021-30567: Use after free in DevTools. Reported by DDV_UA on 2021-05-20
  • High CVE-2021-30568: Heap buffer overflow in WebGL. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-06-15
  • High CVE-2021-30569: Use after free in sqlite. Reported by Chris Salls (@salls) of Makai Security on 2021-06-11
  • High CVE-2021-30571: Insufficient policy enforcement in DevTools. Reported by David Erceg on 2020-07-03
  • High CVE-2021-30572: Use after free in Autofill. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-05-28
  • High CVE-2021-30573: Use after free in GPU. Reported by Security For Everyone Team - https://securityforeveryone.com on 2021-06-06
  • High CVE-2021-30574: Use after free in protocol handling. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-07-08
  • Medium CVE-2021-30575: Out of bounds read in Autofill. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-05-26
  • Medium CVE-2021-30576: Use after free in DevTools. Reported by David Erceg on 2021-04-01
  • Medium CVE-2021-30577: Insufficient policy enforcement in Installer. Reported by Jan van der Put (REQON B.V) on 2021-05-01
  • Medium CVE-2021-30578: Uninitialized Use in Media. Reported by Chaoyuan Peng on 2021-04-21
  • Medium CVE-2021-30579: Use after free in UI framework. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-05-10
  • Medium CVE-2021-30580: Insufficient policy enforcement in Android intents. Reported by @retsew0x01 on 2021-03-17
  • Medium CVE-2021-30581: Use after free in DevTools. Reported by David Erceg on 2021-03-31
  • Medium CVE-2021-30582: Inappropriate implementation in Animation. Reported by George Liu on 2021-05-05
  • Medium CVE-2021-30583: Insufficient policy enforcement in image handling on Windows. Reported by Muneaki Nishimura (nishimunea) on 2021-02-17
  • Medium CVE-2021-30584: Incorrect security UI in Downloads. Reported by @retsew0x01 on 2021-05-26
  • Medium CVE-2021-30585: Use after free in sensor handling. Reported by niarci on 2019-11-11
  • Medium CVE-2021-30586: Use after free in dialog box handling on Windows. Reported by kkomdal with kkwon and neodal on 2021-04-21
  • Medium CVE-2021-30587: Inappropriate implementation in Compositing on Windows. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-04-30
  • Low CVE-2021-30588: Type Confusion in V8. Reported by Jose Martinez (tr0y4) from VerSprite Inc. on 2021-04-04
  • Low CVE-2021-30589: Insufficient validation of untrusted input in Sharing. Reported by Kirtikumar Anandrao Ramchandani (@Kirtikumar_A_R) and Patrick Walker (@homesen) on 2021-02-20
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1231294] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 91.0.4472.164 (Jul 16, 2021)

  • Security Fixes:
  • Out of bounds write in ANGLE. Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on 2021-06-11
  • Use after free in V8. Reported by Richard Wheeldon on 2021-05-31
  • [$N/A][1219209] High CVE-2021-30560: Use after free in Blink XSLT. Reported by Nick Wellnhofer on 2021-06-12
  • Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2021-06-14
  • Use after free in WebSerial. Reported by Anonymous on 2021-06-15
  • Type Confusion in V8. Reported by Anonymous on 2021-07-12
  • Heap buffer overflow in WebXR. Reported by Ali Merchant, iQ3Connect VR Platform on 2021-06-17
  • Various fixes from internal audits, fuzzing and other initiatives:
  • [M91] [Sheriff] Disable flaky mac test
  • 4472: infra: Allow CI & try builds to create RDB invocations in their realms.
  • Revert "Change low stylus battery notification message"
  • ChromeAppSorting should ignore bookmark app extensions which obsolete.
  • ExtensionSyncService::ApplySyncData should not set ChromeAppSorting ordinals for bookmark apps
  • Fix use-after-free with XSLT strip-space
  • serial: Fix parent class tracing for SerialPort
  • Revert "[fuchsia] Use Ubuntu 16.04 or 20.4 for Fuchsia arm64 tests."
  • Change low stylus battery notification message
  • Fix Samsung Odyssey Input Profile Mismatch
  • [fuchsia] Use Ubuntu 16.04 or 20.4 for Fuchsia arm64 tests.
  • [M91] Migrate all builds to bbagent
  • Add luci and test configurations for Win10 20h2 tester and trybot
  • Add the ability to not generate location tag metadata at runhooks-time.
  • [M91][Extensions][Tabs] Allow tabs.query and tabs.get while drag in progress

New in Google Chrome 91.0.4472.114 (Jun 18, 2021)

  • Ensure that XRLayer includes base EventTarget in Trace
  • [M91] Disable QRGeneratorUtilTest.GenerateQRCode_ValidData
  • Reland "Regenerate group IDs when restoring closed window"
  • [ChromeCart] Fix AddToCart false positives for some sites
  • Initialize FFT HashMap with all possible keys
  • [M91] Reland: PaymentInstrumentIconFetcher avoids using released WebContents
  • M91: Update all iOS CI & try builders to accept only Mac 11.
  • [91] chromeos: Unset BOTO_CONFIG env var when flashing public images.
  • Security Fixes:
  • High CVE-2021-30554: Use after free in WebGL.
  • High CVE-2021-30555: Use after free in Sharing.
  • High CVE-2021-30556: Use after free in WebAudio.
  • High CVE-2021-30557: Use after free in TabGroups.

New in Google Chrome 91.0.4472.77 (May 26, 2021)

  • High CVE-2021-30521: Heap buffer overflow in Autofill
  • High CVE-2021-30522: Use after free in WebAudio
  • High CVE-2021-30523: Use after free in WebRTC
  • High CVE-2021-30524: Use after free in TabStrip
  • High CVE-2021-30525: Use after free in TabGroups
  • High CVE-2021-30526: Out of bounds write in TabStrip
  • High CVE-2021-30527: Use after free in WebUI
  • [$NA][1206329] High CVE-2021-30528: Use after free in WebAuthentication
  • Medium CVE-2021-30529: Use after free in Bookmarks
  • Medium CVE-2021-30530: Out of bounds memory access in WebAudio
  • Medium CVE-2021-30531: Insufficient policy enforcement in Content Security Policy
  • Medium CVE-2021-30532: Insufficient policy enforcement in Content Security Policy
  • Medium CVE-2021-30533: Insufficient policy enforcement in PopupBlocker
  • Medium CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox
  • Medium CVE-2021-30535: Double free in ICU
  • Medium CVE-2021-21212: Insufficient data validation in networking
  • Low CVE-2021-30536: Out of bounds read in V8
  • Low CVE-2021-30537: Insufficient policy enforcement in cookies
  • Low CVE-2021-30538: Insufficient policy enforcement in content security policy
  • Low CVE-2021-30539: Insufficient policy enforcement in content security policy
  • Low CVE-2021-30540: Incorrect security UI in payments
  • Various fixes from internal audits, fuzzing and other initiatives:
  • Prevent crashes from large origin trial config
  • Present FRE on the view controller of the current interface that is active
  • [M91] Fix Lacros intermittent build failure
  • WebSQL: Re-enable ALTER TABLE ADD COLUMN
  • WebLayer: Disable 2 tests for Android 10 x86 skew tests
  • Migrate tsan builders to bionic by Stephen Martinis
  • Allow for empty full name and icon URL
  • [M-91] OOBE: Use wildcard label for authorization key when adding PIN. by Denis Kuznetsov
  • [Merge to M-91] capture_mode: Fix being able to capture a window with protected content by Ahmed Fakhry
  • Updating XTBs based on .GRDs from branch 4472
  • [fuchsia] Fix an incorrect use of StringPiece
  • [91] Migrate internal linux & CrOS builders' tests to bionic
  • Revert "Do not ignore null navigation context on iOS 13"
  • Updating XTBs based on .GRDs from branch 4472
  • M91: WebUI: Fix dangling observers in two webui handlers. by Matt Falkenhagen
  • b5e5 Reland "Fix target=_blank crash for existing-client-navigate link captures" by Alan Cutter
  • a4b341cb7 Bumping up the quickoffice chrome flag's expiry version. This gives buffer to investigate how to get rid of this flag, or to present the case to make this flag "never expire". by Harmandeep Singh
  • Leave LiveCaption disabled by default on Chrome OS
  • Revert "Roll ChromeOS Atom AFDO profile from 91-4472.33-1620643607-benchmark-91.0.4472.63-r1 to 91-4472.60-1621245530-benchmark-91.0.4472.65-r1"
  • [M91][Extensions][Tabs] Ensure tab strip is editable before editing
  • Revert "Roll ChromeOS Atom AFDO profile from 91-4472.60-1621245530-benchmark-91.0.4472.65-r1 to 91-4472.60-1621245530-benchmark-91.0.4472.66-r1"
  • [91] Migrate all tests on the ASan CQ bot to bionic.
  • [TablesNG] Fix size of table-cell child with overflow and percent height
  • Download: Use tab's OTRProfileID when opening download home
  • Privacy Sandbox Android: updated the default URL
  • Remove tabs and line breaks from the middle of app names when parsing
  • Cloud print: Don't double search for empty account [M91]
  • [M91] chromium.fyi builders to bionic
  • Cloud Print: Give up on loading cloud printers for FAILED event [M91].
  • Disable DesktopCaptureMacV2
  • [media-router] Remove CancelableTaskTracker from DialServiceImpl.
  • Updating XTBs based on .GRDs from branch 4472
  • Fix use-after-free allocating bt allocating memory for strings
  • Make previous fix for Mac z-fighting more specific to avoid Win7 issue

New in Google Chrome 90.0.4430.212 (May 11, 2021)

  • Security Fixes:
  • High CVE-2021-30506: Incorrect security UI in Web App Installs
  • [$NA][1178202] High CVE-2021-30507: Inappropriate implementation in Offline
  • [$TBD][1195340] High CVE-2021-30508: Heap buffer overflow in Media Feeds
  • [$TBD][1196309] High CVE-2021-30509: Out of bounds write in Tab Strip
  • [$TBD][1197436] High CVE-2021-30510: Race in Aura
  • [$TBD][1197875] High CVE-2021-30511: Out of bounds read in Tab Groups
  • [$TBD][1200019] High CVE-2021-30512: Use after free in Notifications
  • [$NA][1200490] High CVE-2021-30513: Type Confusion in V8
  • [$TBD][1200766] High CVE-2021-30514: Use after free in Autofill
  • [$TBD][1201073] High CVE-2021-30515: Use after free in File API
  • [$TBD][1201446] High CVE-2021-30516: Heap buffer overflow in History
  • [$TBD][1203122] High CVE-2021-30517: Type Confusion in V8
  • [$NA][1203590] High CVE-2021-30518: Heap buffer overflow in Reader Mode
  • Medium CVE-2021-30519: Use after free in Payments
  • Medium CVE-2021-30520: Use after free in Tab Strip
  • Various fixes from internal audits, fuzzing and other initiatives:
  • [Merge M90] [Oobe] Check for presence of SigninUi when initializing profile
  • Handle out-of-bounds group index when adding tab to existing group
  • [M90] Add a filter-file for various //chrome/browser/net/ browser_tests
  • [M90] Hard switch tryserver.chromium mirrors to bionic
  • Remove tabs and line breaks from the middle of app names when parsing
  • Fix UserAgentUtilsTest.UserAgentStringOrdering in components_unittests
  • [90] Migrate all chromium.chromiumos CI + try builders to bionic
  • Remove 'Mac11 Tests' from the branch configs
  • [M90][Extensions][Tabs] OOB when extension highlights tab during drag
  • drm/ozone: Change modeset interface to pass planes list
  • [M90] Infra: Disable unprefixed-repeating-gradient-color-hint.html for bionic migration
  • Include Chrome popup windows in occlusion tracking
  • Cancels requests from the renderer with the X-Chrome-offline header
  • [Merge 90] Replace std::vector with base::ObserverList to support container modification while iterating
  • [M90] [CrOS] Fix Apps button for SAML Interstitial
  • M90: Print Preview: Avoid multiple nested runloops.
  • [Autofill] Fixed refill of changed form.
  • [4430][mac][infra] Remove blink_web_tests from "Mac11 Tests" builder
  • [M90 Merge] Disable DirectCompositionForceFullDamage by default
  • Switch tryserver.chromium and its mirrors to use bionic for build.
  • Correctly retain Java objects used by the JS bridge
  • [Autofill] Fixed disappearing Autofill popup.
  • [editing] VisiblePosition::Create should fall back to canonical position
  • Notifications: crash if improper action icons sent from renderer
  • [M90] Migrate linux-rel to run on bionic bots
  • Handle replacing WebContents during a drag session
  • Guard WebContents::DownloadImage() against malformed renderer response
  • [M90] Migrate all CI builds to bbagent
  • Media Feeds: Disable Media Feeds and related features in M90
  • [M90]Clean up WebContentsModalDialogManagerDelegate in desktop Payment UI
  • Rename the xenial or bionic os value.
  • FileAPI: Terminate FileReaderLoader before dispatching onabort event.
  • [M90 merge] weblayer: adds metric to determine navigations before consent
  • webauthn: remember UI steps before it's shown.
  • [M90] [reland] views: handle deletion when toggling fullscreen
  • Revert "WebPagePopup: never set same bounds twice."
  • [Merge to M90] Add a flag to control whether to use stricter opt-in criteria
  • Switch GPU, ANGLE and Dawn Xenial trybots GCEs to Bionic
  • [Merge-90] Use the end pos of the node if incrementing current pos invalidates it
  • [Merge M90] Move CCT header logic into initializeTab instead of createTab
  • [Merge M90] Ensure the X-CCT-Client-Data header is added for popups
  • Read later: adjust list max height.
  • Switch GPU builder GCEs from Xenial to Bionic
  • [4430][mac][infra] Correct Mac10.13 Tests version
  • Upload username and domain from GCPW extension upload device details
  • Switch GPU tester GCEs from Xenial to Bionic

New in Google Chrome 90.0.4430.93 (Apr 27, 2021)

  • Disable mac IsUVPAA startup metric
  • Merge to 90: Presentational objects should not create a paragraph boundary
  • Roll ChromeOS Orderfiles from 90-4430.36-1617012563-benchmark-90.0.4430.53-r1 to 90-4430.73-1618827280-benchmark-90.0.4430.89-r1
  • [ChromeCart] Improve cart content extraction
  • [ChromeCart] Fix AddToCart detection for some sites
  • [MIX-DL] Fix blob: URL handling and clarify console messages by Joe DeBlasio
  • Remove CHECK on BigBuffer shm failure
  • [Merge M90][Extensions] Policy blocked hosts supersede `debugger`
  • [printing] Quit the runloop on Mojo disconnection by Julie Jeongeun Kim
  • Read later: Add new Finch param and new flag for follow up experiment
  • Fix issue on
  • [flex] Don't stretch orthog. flex-items in column flexboxes.
  • Set OAC correctly when committing a data URL with a base URL.
  • Fix CanAccessWindow bindings CHECK failing.
  • [M90] Need to populate OriginAccessList for split-mode extensions.
  • Trigger full invalidation when frame becomes unthrottled
  • Roll ChromeOS Orderfiles from 90-4430.36-1617012563-benchmark-
  • [PAS] Escape URL when passed as a QueryParam
  • [Merge M90] Unexpire a few histograms to explore page load performance by Clark DuVall
  • [Merge M90] Add histograms for subresource load timings during navigation by Clark DuVall
  • [M90 merge] weblayer: don't crash if onNativeLoaded called multiple times
  • Download: Show a proper URL in download home UI.
  • [M90][mac][infra] Remove Mac10.13 Tests (dbg)
  • Security fixes:
  • Insufficient data validation in V8
  • Use after free in Dev Tools
  • Heap buffer overflow in ANGLE
  • Insufficient policy enforcement in extensions
  • Incorrect security UI in downloads
  • Type Confusion in V8
  • Insufficient data validation in V8

New in Google Chrome 90.0.4430.85 (Apr 21, 2021)

  • Reland "Fix the wrong direction with disabling CSSPseudoDir flag"
  • [Message] Update scope change on #navigationEntryCommitted
  • [DevTools] Use OriginalProfile for DevTools window if possible
  • Revert "Resolve Service Worker redirects based on the response"
  • [merge][90][GeneratedCodeCache] Copy large data before hashing and writing
  • [PriceTracking] Set visibility of menu dialog item before it shows
  • [PriceTracking] Add PriceDropNotification feature parameter
  • Don't report PaymentRequest CSP errors
  • [M90] OOBE - Prevent Renderer Crashes
  • Ensure that BrowserContext is not used after it has been freed
  • Add null pointer check in RenderWidgetHostInputEventRouter
  • vaapi: Fix infinite loop in encrypted sample parsing
  • Add weak pointer to RWHIER::FrameSinkIdOwnerMap and RWHIER::TargetMap
  • Add crashkeys to identify where |target| is assigned to a stale value
  • [views] Handle window deletion during HandleDisplayChange.
  • Mojo: Properly validate broadcast events
  • Fix order of matrix multiplication in playback params
  • [M90] OOBE - Improve Renderer Stability
  • Disable the default web apps migration on Chrome OS
  • [CrOS] Disable touchscreen logging
  • Cherry pick: [trigger_script] Include resultdb invocation in tasks
  • [Start] Add early return for testShow_SingleAsHomepage_BackButtonOnHomepageWithGroupTabsDialog__Instant_Return
  • [M90][Sheriff] Disable flaky test BitmapGeneratorTest#testCapturedNewOne
  • [M90][Sheriff] Disable various flaky blink tests.
  • [4430] Remove nacl_loader_unittests from "Mac11 Tests" builder.
  • Security fixes:
  • High CVE-2021-21222: Heap buffer overflow in V8.
  • High CVE-2021-21223: Integer overflow in Mojo.
  • High CVE-2021-21224: Type Confusion in V8.
  • High CVE-2021-21225: Out of bounds memory access in V8.
  • High CVE-2021-21226: Use after free in navigation.
  • Various fixes from internal audits, fuzzing and other initiatives:

New in Google Chrome 90.0.4430.72 (Apr 15, 2021)

  • Security fixes:
  • High: CVE-2021-21201: Use after free in permissions.
  • High: CVE-2021-21202: Use after free in extensions.
  • High: CVE-2021-21203: Use after free in Blink.
  • High: CVE-2021-21204: Use after free in Blink.
  • High: CVE-2021-21205: Insufficient policy enforcement in navigation.
  • High: CVE-2021-21221: Insufficient validation of untrusted input in Mojo.
  • Medium: CVE-2021-21207: Use after free in IndexedDB.
  • Medium: CVE-2021-21208: Insufficient data validation in QR scanner.
  • Medium: CVE-2021-21209: Inappropriate implementation in storage.
  • Medium: CVE-2021-21210: Inappropriate implementation in Network.
  • Medium: CVE-2021-21211: Inappropriate implementation in Navigation.
  • Medium: CVE-2021-21212: Incorrect security UI in Network Config UI.
  • Medium: CVE-2021-21213: Use after free in WebMIDI.
  • Medium: CVE-2021-21214: Use after free in Network API.
  • Medium: CVE-2021-21215: Inappropriate implementation in Autofill.
  • Medium: CVE-2021-21216: Inappropriate implementation in Autofill.
  • Low: CVE-2021-21217: Uninitialized Use in PDFium.
  • Low: CVE-2021-21218: Uninitialized Use in PDFium.
  • Low: CVE-2021-21219: Uninitialized Use in PDFium.

New in Google Chrome 89.0.4389.128 (Apr 14, 2021)

  • Forbid script execution while updating the paint lifecycle
  • [WPT] Mark permissions policy timing test slow on debug
  • [GCPW] Fallback to registry when permitted domains cloud policy is empty
  • Pin win10_chromium_x64_rel_ng and win7-rel to 16 cores
  • Created a duplicate 'Mac11 Tests' from 'Mac11.0 Tests'
  • Launching app inventory, upload device details and fetch experiments
  • [Fuchsia] Add Fuchsia official builders to mb_config
  • [Fuchsia] Remove unnecessary package vars from yaml files
  • Only show krane's custom Demo Mode attract loop on krane devices
  • [4389][mac][infra] Add Mac10.15 Tests (dbg)
  • Security fixes:
  • High CVE-2021-21206: Use after free in Blink.
  • High CVE-2021-21220: Insufficient validation of untrusted input in V8 for x86_64.

New in Google Chrome 89.0.4389.114 (Mar 31, 2021)

  • Security Fixes:
  • High CVE-2021-21194: Use after free in screen capture.
  • High CVE-2021-21195: Use after free in V8.
  • High CVE-2021-21196: Heap buffer overflow in TabStrip.
  • [$TBD][1173903] High CVE-2021-21197: Heap buffer overflow in TabStrip.
  • [$TBD][1184399] High CVE-2021-21198: Out of bounds read in IPC.
  • High CVE-2021-21199: Use after free in Aura.
  • Various fixes from internal audits, fuzzing and other initiatives:
  • Merge 4389: Make ComputeNGCaretPosition() to handle upstream position after soft line wrap
  • Enable cloud policies by default
  • Read Os version from registries.
  • [ChromeCart] Fix URL matching for cart and checkout
  • [ChromeCart] Extract product images in absolute URL
  • [ChromeCart] Improve cart visit detection heuristics
  • Disable flaky CommerceHintCacaoTest.Rejected test.
  • [ChromeCart] Exclude products in "saved for later" section
  • [ChromeCart] Fix false positives of add-to-cart detection
  • Reland "Reland "[ChromeCart] Improve checkout detection heuristics""
  • Setting AppType for Win32 apps.
  • [privacy_budget] Remove unnecessary kCanvasReadback metrics.
  • Upload app data only when device is enrolled.
  • Don't use BigBuffer for IPC::Message transport
  • Fix container overflow in add to existing window and group tab context menu commands.
  • Merge 89: Handle DOM-created tables with atypical structure
  • [fuchsia] Recreate web.Context if persisted cache is erased.
  • [floats] Fix overlap tests in NGExclusionSpace.
  • Avoid starting invalidations multiple times.
  • Changes to fetch win32 apps installed on the managed windows device and upload them.
  • [Fuchsia] Fix FuchsiaAudioRenderer to call Stop() only after Start()
  • Allow logged-in sites to be mentioned via optimization guide
  • WebContents bug fix: Device capture only if web contents is valid
  • Unlock win7-rel to run on machines with any core count.
  • Disable variations layers when low entropy provider is null
  • [M89 merge] x11/ozone: fix two edge cases
  • Fix PageInfo for https image compression
  • [M89][CrOS] Align password to start of password row when no icon is shown
  • Allow first K images to load faster
  • Add scheme check to crashing login detection code
  • [Messages] Control autodismiss duration from Finch experiment
  • Record image compression ukm metrics
  • [Start] Make tab switcher page scroll to the last selected card.
  • Download: Support legacy SD card download path content URI on R.
  • [Start] Fix java.lang.NullPointerException at FeedStream.getView(FeedStream.java)
  • [fuchsia] Ensure thread safety for ScenicOverlayView
  • [fuchsia] Disable memory mitigations for visible LayerTreeHostImpls.
  • Sheriff: Disable LoadTimingBrowserTest on the M89 branch.
  • Sheriff: Disable broken StartSurface test on M89.
  • Pull muted tab audio on a RT thread in the audio process.
  • [fuchsia] Add vmodule flag support from config-data for WebEngine
  • Allow ServiceWorkerResourceReader::ReadData() to return empty handle
  • [fuchsia] Change minimum log level when verbose logging is on
  • [fuchsia] Enable the media log as VLOGs on Fuchsia
  • [fuchsia] Disable memory-pressure handling in Renderers by default
  • Use a longer timeout for android-marshamllow-arm64-rel on branches.
  • [CCA] Remove metadata observer when closing streams
  • Add auto rollers as OWNERS of the files they touch
  • [Fuchsia] Fix crash in VideoCaptureDeviceFactoryFuchsia
  • Rename is_master to is_main.
  • Get CameraAppDeviceImpl upon using in CrOS VCD
  • VCD: Refactor CameraAppDeviceBridgeImpl and CameraAppDeviceImpl
  • [ChromeCart] Allow skipping products
  • [ChromeCart] Only handle http(s) schemes
  • OOBE OfflineLogin: Correct login call to use internal authorization
  • [CrOS] Show placeholder text on login/lock screen even with empty pwd
  • Fix crash when restoring selection after a drag during which a dragged tab was closed.
  • [Merge M89] Multi-User WM: Fix disappearing windows during profile switching.
  • [M89][Lacros] Disable multiple Chrome OS sign-in when Lacros is enabled
  • m89: Mitigate performance issues in Google tts
  • [M89] Adds lacros_version_metadata

New in Google Chrome 89.0.4389.90 (Mar 14, 2021)

  • High CVE-2021-21191: Use after free in WebRTC. Reported
  • High CVE-2021-21192: Heap buffer overflow in tab groups. Reported
  • High CVE-2021-21193: Use after free in Blink. Reported
  • Various fixes from internal audits, fuzzing and other initiatives
  • [Merge to M89] Expose langid events from SODA to Chrome and switch to protos
  • Disable SVG composited animation if effective zoom is not 1
  • Remove pre-target event handler before main widget close
  • Fix remaining instances of RevertDragAt losing track of tabs.
  • [ChromeCart] Extract products in shopping cart (2/2)
  • [headless] Don't CHECK() crash on OSCrypt initialization failure.
  • [headless] Move PrefService to HeadlessBrowserMainParts
  • [WebLayer] Fix crash in GPU process when using GMS APIs
  • [Grid] Auto-scroll to selected tab after tab model switching
  • Revert "[headless] Configure renderer preferences from system settings"
  • [headless] Configure renderer preferences from system settings
  • [Merge to M89] Iterate more carefully over DTLS transports at close
  • [ChromeCart] Restore module visibility when cart-action happens
  • [ChromeCart] Extract products in shopping cart (1/2)
  • Mark additional RootInlineBox dirty when culled inline box is removed
  • [ChromeCart] Deflake CommerceHintAgentTest.CartPriority
  • [Sheriff] Disable CommerceHintAgentTest.CartPriority on Linux
  • Copy CSSM_TP_APPLE_EVIDENCE_INFO immediately after SecTrustGetResult
  • Fix null domWindow crash in VisualViewport events
  • [ChromeCart] Try to obtain cart URL when add-to-cart is detected
  • [ChromeCart] Use optimization guide to filter out non-shopping sites
  • M89: Increase BrowsingInstance cleanup delay.
  • [ChromeCart] Pick the best source of cart URL
  • [ChromeCart] Hide a unused function on CrOS
  • [ChromeCart] Disable cart for non-SignIn single-profile users
  • [ChromeCart] De-flake CommerceHintAgentTest tests
  • [ChromeCart] Look up cart URL and merchant name when adding cart
  • [ChromeCart] Add OWNERS file for chrome/renderer/cart
  • [ChromeCart] Disable flaky CommerceHintAgentTest tests
  • [Sheriff] Disable benchmark under Msan.
  • [ChromeCart] Detect more shopping actions
  • [ChromeCart] Implement add-to-cart detection
  • [fuchsia] Add logging to diagnose a crash in the request rewrite throttles
  • Handle resize bitmap operation failing.
  • Revert changes to PPD file parsing
  • [fuchsia] Suppress |is_main_document_loaded| if navigations are pending.
  • Updating XTBs based on .GRDs from branch 4389
  • [floc] change the API return type to Promise
  • SiteForCookies now computes value for frame tree
  • [base/allocator] Intercept (v)asprintf() in the shims on Android.
  • [a11y] Accessibility bridge rejects actions on invalid trees.
  • [M89] [sheriff] Disable ExtensionInstallDialogViewInteractiveBrowserTest.InvokeUi_ManyPermissions on Windows for real.

New in Google Chrome 89.0.4389.82 (Mar 7, 2021)

  • GMC: Enable Global Media Controls for ChromeOS
  • [sheriff] Disable flaky CartHandlerTest.TestEnableFakeData
  • [Sheriff] Disable flaky test on TSAN
  • Call SetNeedsAssignmentRecalc in HTMLSlotElement::ChildrenChanged
  • Stop preloading vr module to avoid racey crash
  • Don't crash on reentrant RunMoveLoop call.
  • Fix download resumption in reduced mode
  • Add WebLayer getters for referrer and form submission.
  • Enable chromium M89 CQ to trigger chrome M90 builders.
  • [Merge to M89][Multipaste] Restrict the size of the web contents from the copied HTML
  • cros: Make AcceleratorHistory higher priority
  • Wi-Fi Sync: Default autoconnect to enabled when unspecified.
  • Active user takes ownership of networks on password updates.
  • Prevent showing notification when Wi-Fi Sync is not visible in settings.
  • [M89]Use the chrome.exe path instead of the directory.
  • [Fuchsia] Fix OutputPresenterFuchsia to send non-decreasing timestamps
  • Condition Price Tracking on MBB Consent.
  • [fuchsia] Add multiple component support for audio/video capturers
  • [iOS] Guard against grid view item array overrun.
  • [iOS][MF] Validate web state
  • [iOS][Settings] Fixes clear browsing data link
  • [Merge M89] Bento: Save desk names and workspaces after desk reordering
  • [M89] ash: Handle nullptr window in WebAuthn request registrar
  • [Merge to M-89][Multipaste] Destruct the multipaste menu views asynchronously
  • Revert "Use stereo audio processing in stereo calls"
  • m89: Makes all accessibility * enable prefs non-synchable

New in Google Chrome 89.0.4389.72 (Mar 3, 2021)

  • Security Fixes:
  • High CVE-2021-21159: Heap buffer overflow in TabStrip.
  • High CVE-2021-21160: Heap buffer overflow in WebAudio.
  • High CVE-2021-21161: Heap buffer overflow in TabStrip.
  • High CVE-2021-21162: Use after free in WebRTC.
  • High CVE-2021-21163: Insufficient data validation in Reader Mode.
  • High CVE-2021-21164: Insufficient data validation in Chrome for iOS.
  • High CVE-2021-21165: Object lifecycle issue in audio.
  • High CVE-2021-21166: Object lifecycle issue in audio.
  • Medium CVE-2021-21167: Use after free in bookmarks.
  • Medium CVE-2021-21168: Insufficient policy enforcement in appcache.
  • Medium CVE-2021-21169: Out of bounds memory access in V8.
  • Medium CVE-2021-21170: Incorrect security UI in Loader.
  • Medium CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.
  • Medium CVE-2021-21172: Insufficient policy enforcement in File System API.
  • Medium CVE-2021-21173: Side-channel information leakage in Network Internals.
  • Medium CVE-2021-21174: Inappropriate implementation in Referrer.
  • Medium CVE-2021-21175: Inappropriate implementation in Site isolation.
  • Medium CVE-2021-21176: Inappropriate implementation in full screen mode.
  • Medium CVE-2021-21177: Insufficient policy enforcement in Autofill.
  • Medium CVE-2021-21178: Inappropriate implementation in Compositing.
  • Medium CVE-2021-21179: Use after free in Network Internals.
  • Medium CVE-2021-21180: Use after free in tab search.
  • Medium CVE-2020-27844: Heap buffer overflow in OpenJPEG.
  • Medium CVE-2021-21181: Side-channel information leakage in autofill.
  • Low CVE-2021-21182: Insufficient policy enforcement in navigations.
  • Low CVE-2021-21183: Inappropriate implementation in performance APIs.
  • Low CVE-2021-21184: Inappropriate implementation in performance APIs.
  • Low CVE-2021-21185: Insufficient policy enforcement in extensions.
  • Low CVE-2021-21186: Insufficient policy enforcement in QR scanning.
  • Low CVE-2021-21187: Insufficient data validation in URL formatting.
  • Low CVE-2021-21188: Use after free in Blink.
  • Low CVE-2021-21189: Insufficient policy enforcement in payments.
  • Low CVE-2021-21190: Uninitialized Use in PDFium.
  • Various fixes from internal audits, fuzzing and other initiatives:
  • webview: clear the network callback in AwPacProcessor.
  • Better adhere to the Get rule with SecTrustGetCertificateAtIndex
  • Clear the add to submenu before add new items
  • Do not register NetworkCallback for AwPacProcessor if network is not specified.
  • Do not reset shortcuts if no valid Chrome installations were found
  • Introduce AudioBuffers for user access in ScriptProcessorNode
  • [Merge to M89] Prevent re-dropping when the desk is snapping back
  • Merge 89: "Disable AV1 hardware decode w/ D3D11VideoDecoder for Intel GPUs."
  • ios: Check for nullptr cert.
  • [Merge to M89] [X11] Fix incorrect bitmap row-bytes calculation
  • [M89] Fix marking device-wide keys as corporate if no Profile was given
  • Remove usage of WKUserContentController mock
  • [Merge to M-89] Capture Mode: use Env event handler
  • Merge 89: Fix null check and reduce DumpWithoutCrashing
  • Reland "Prevent calling setSelection with negative values"
  • [fuchsia] Enable Partial Site Isolation
  • CrOS system tray: check for Media Router after primary profile init
  • [fuchsia] Reduce likelihood of integration tests timeout-flaking.
  • Disable flaky tests.
  • remoting: Introduce native systemd unit for CRD
  • ChromeOS: Disable touchpad finger swipe in the "Locked Mode"
  • [Merge to M-89] Capture Mode: fix cursor scale for different displays
  • [Blobs] Don't store BlobStorageLimits as a reference in transport strategy.
  • [Merge M89] Attempt to ensure ClassLoaders are consistent for splits
  • [Merge to 89] MediaRecorder: tolerate non-GMB NV12 frames for H264.
  • Updating XTBs based on .GRDs from branch 4389
  • Merge M89 ash: Fix mirror transform when displays have different aspect
  • viz: Clip required overlays to display boundaries
  • [M89][Signin][Android] Set up sign-in promo only with account list cache
  • Move notify call earlier when download is canceled.
  • m89: Do not process hover events when not expected by ChromeVox
  • [ChromeCart] Remove expired cart entries
  • Use the correct layer bounds.
  • Fix dependency
  • Add flag to disable AV1 Decoding on d3d11 video decoder
  • [merge to 89] Reland "capture_mode: Keyboard navigation and chromevox implementation."
  • Fix bug where search_box_view_base active/inactive colors were swapped.

New in Google Chrome 88.0.4324.182 (Feb 17, 2021)

  • Stop using raw WebContents ptr in DragDownloadFile
  • [Messages] Address a CHECK in MessageWrapper on activity destruction
  • Make IncognitoCustomTabIntentDataProvider#isIncognito as single
  • Use a copy for transferring non detachable buffers
  • Add symupload dependency to chrome_cleanup_tool binaries
  • M88 Merge: Disable SurfaceControl on capri devices
  • WebSocket: Don't clear event queue on destruction
  • Make ShapeResult::ComputeGlyphPositions() to calculate safe to break before offset correctly
  • [fuchsia] Send a null client certificate
  • Video Tutorials : Support videos not available in all languages
  • Fix crash in FilePathWatcherKQueue.
  • Add metrics for Web Platform notifications.
  • [fuchsia] Add feature flag for disabling renderer memory pressure handling.
  • Video Tutorials : UI fixes on IPH sequencing and language picker
  • Disable GPU acceleration on all Mesa software rasterizers
  • Video Tutorials : Added missing metrics for IPH cards
  • [Fuchsia] Fix FuchsiaAudioRenderer::GetWallClockTimes()
  • [fuchsia] Add memory pressure monitoring support to Renderers.
  • [M88] [sheriff] Disable NestedIframeTransformedIntoViewViewportIntersection
  • [M88] Disable flaky tests PrerenderBrowserTest.LinkRelPrerender*
  • Video tutorials : Fixed toolbar shadow for video list
  • [M88] Add strip_binary and strip_binary_chrome target
  • [Merge to M88] Avoid spinning a nested message loop for X11 clipboard
  • Fix RevertDragAt losing track of tabs in some cases.
  • Fix crash when reverting a drag if the source tabstrip changed during the drag.
  • [Merge to M88] [XProto] Switch event queue from a std::list to a base::circular_deque
  • [Merge to M88][Web Payment]PR_sheet_controller should not update views during PR abort
  • Video Tutorials : Fixed summary card not getting shown
  • [fuchsia] Fix AutoPlayTest.*UserActivatedViaSimulatedInteraction
  • Change doubletap backwards test to happen on a paused video
  • Merge: Update hover button state before calling press callback
  • [M88] Skip fast/workers/worker-shared-asm-buffer to unblock V8 roll
  • Block HW video decode on AMD driver 8.17.10.1433
  • [M88] Disable BackForwardCacheBrowserTestWithFileSystemAPISupported.CacheWithFileSystemAPI due to flakes.
  • [M88] Add TRACE_EVENT for RequestTermination and Stop
  • Merge M88: "Don't use effective frame count to expire frames."
  • Merge M88: "Prevent Windows IMFTransform hangs
  • [Merge to M88] Enable ShortcutsMenu during Shortcut creation.
  • Reland "Updating XTBs based on .GRDs from branch 4324"
  • [M88] ServiceWorker: Fix the lifetime of OnFetchEventFinished()
  • [Fuchsia] Send output frames to ImagePipe as soon as possible
  • Revert "Updating XTBs based on .GRDs from branch 4324"
  • Updating XTBs based on .GRDs from branch 4324
  • webauthn: Remove PaaSK USB accessory filter
  • [fuchsia] Never use official Google API keys on Fuchsia.
  • [Autofill Assistant] Fast path++ CL for M-88 refresh#2
  • [Fuchsia] Use embedder origin to determine permissions for iframes
  • [fuchsia] Prevent Media Inspector memory leak on Fuchsia in M88
  • [fuchsia] Allow official keys to remain unset in Fuchsia builds.
  • [fuchsia] Fix a bug in NormalizeConsoleLogMessage
  • [fuchsia] Wait for ContextProvider instances to start.
  • Read later: Delete reading list in search state should not crash.
  • content: adds check for null stop_callback_ in MediaStreamUIProxy
  • [fuchsia] Fix NetworkChangeNotifierFuchsia construction race.
  • Updating XTBs based on .GRDs from branch 4324
  • Fix heap overflow in VideoFrameYUVConverter
  • Revert "Roll AFDO from 88.0.4324.144_rc-r1-merged to 88.0.4324.147_rc-r1-merged"
  • [M88 merge] weblayer: register android-app scheme
  • [m88] Roll ICU to fix Android extra dat file issue
  • Security Fixes and Rewards:
  • High CVE-2021-21149: Stack overflow in Data Transfer. Reported by Ryoya Tsukasaki on 2020-10-14
  • High CVE-2021-21150: Use after free in Downloads. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2021-01-29
  • High CVE-2021-21151: Use after free in Payments. Reported by Khalil Zhani on 2021-01-12
  • High CVE-2021-21152: Heap buffer overflow in Media. Reported by Anonymous on 2021-01-14
  • High CVE-2021-21153: Stack overflow in GPU Process. Reported by Jan Ruge of ERNW GmbH on 2020-12-06
  • High CVE-2021-21154: Heap buffer overflow in Tab Strip. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-01
  • High CVE-2021-21155: Heap buffer overflow in Tab Strip. Reported by Khalil Zhani on 2021-02-07
  • High CVE-2021-21156: Heap buffer overflow in V8. Reported by Sergei Glazunov of Google Project Zero on 2021-02-11
  • Medium CVE-2021-21157: Use after free in Web Sockets. Reported by Anonymous on 2021-01-26
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1178973] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 88.0.4324.150 (Feb 5, 2021)

  • [infra] Change 'Mac10.13 Tests' tester os dimension to Mac 10.13 or 10.15
  • mac: enable input sources before selecting them in ScopedKeyboardLayout
  • Remove no_gpu mixin for tasks on Mac 10.13 machines.
  • Security fixes:
  • High CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens on 2021-01-24

New in Google Chrome 88.0.4324.146 (Feb 3, 2021)

  • This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers:
  • Critical CVE-2021-21142: Use after free in Payments. Reported by Khalil Zhani on 2021-01-21
  • High CVE-2021-21143: Heap buffer overflow in Extensions. Reported by Allen Parker & Alex Morgan of MU on 2021-01-06
  • High CVE-2021-21144: Heap buffer overflow in Tab Groups. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-01-07
  • High CVE-2021-21145: Use after free in Fonts. Reported by Anonymous on 2020-12-03
  • High CVE-2021-21146: Use after free in Navigation. Reported by Alison Huffman and Choongwoo Han of Microsoft Browser Vulnerability Research on 2020-12-24
  • Medium CVE-2021-21147: Inappropriate implementation in Skia. Reported by Roman Starkov on 2021-01-04
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1154775] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 88.0.4324.96 (Jan 20, 2021)

  • Security Fixes:
  • This update includes 36 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • Critical CVE-2021-21117: Insufficient policy enforcement in Cryptohome. Reported by Rory McNamara on 2020-10-10
  • High CVE-2021-21118: Insufficient data validation in V8. Reported by Tyler Nighswander (@tylerni7) of Theori on 2020-12-23
  • High CVE-2021-21119: Use after free in Media. Reported by Anonymous on 2020-12-20
  • High CVE-2021-21120: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2020-12-21
  • High CVE-2021-21121: Use after free in Omnibox. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2020-12-22
  • High CVE-2021-21122: Use after free in Blink. Reported by Renata Hodovan on 2020-12-28
  • High CVE-2021-21123: Insufficient data validation in File System API. Reported by Maciej Pulikowski on 2020-10-11
  • High CVE-2021-21124: Potential use after free in Speech Recognizer. Reported by Chaoyang Ding(@V4kst1z) from Codesafe Team of Legendsec at Qi'anxin Group on 2020-09-23
  • High CVE-2021-21125: Insufficient policy enforcement in File System API. Reported by Ron Masas (Imperva) on 2020-11-24
  • High CVE-2020-16044: Use after free in WebRTC. Reported by Ned Williamson of Project Zero on 2021-01-05
  • Medium CVE-2021-21126: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-07-22
  • Medium CVE-2021-21127: Insufficient policy enforcement in extensions. Reported by Jasminder Pal Singh, Web Services Point WSP, Kotkapura on 2020-08-12
  • Medium CVE-2021-21128: Heap buffer overflow in Blink. Reported by Liang Dong on 2020-10-15
  • Medium CVE-2021-21129: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski on 2020-10-20
  • Medium CVE-2021-21130: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski on 2020-10-20
  • Medium CVE-2021-21131: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski on 2020-10-20
  • Medium CVE-2021-21132: Inappropriate implementation in DevTools. Reported by David Erceg on 2020-09-15
  • Medium CVE-2021-21133: Insufficient policy enforcement in Downloads. Reported by wester0x01(https://twitter.com/wester0x01) on 2020-12-11
  • Medium CVE-2021-21134: Incorrect security UI in Page Info. Reported by wester0x01(https://twitter.com/wester0x01) on 2020-12-11
  • Medium CVE-2021-21135: Inappropriate implementation in Performance API. Reported by ndevtk on 2020-12-11
  • Low CVE-2021-21136: Insufficient policy enforcement in WebView. Reported by Shiv Sahni, Movnavinothan V and Imdad Mohammed on 2019-12-27
  • Low CVE-2021-21137: Inappropriate implementation in DevTools. Reported by bobblybear on 2020-06-11
  • Low CVE-2021-21138: Use after free in DevTools. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2020-08-27
  • Low CVE-2021-21139: Inappropriate implementation in iframe sandbox. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-03-01
  • Low CVE-2021-21140: Uninitialized Use in USB. Reported by David Manouchehri on 2020-10-08
  • Low CVE-2021-21141: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski on 2020-10-20
  • We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1168217] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 87.0.4280.141 (Jan 7, 2021)

  • Security Fixes:
  • High CVE-2021-21106: Use after free in autofill.
  • High CVE-2021-21107: Use after free in drag and drop.
  • High CVE-2021-21108: Use after free in media.
  • High CVE-2021-21109: Use after free in payments.
  • High CVE-2021-21110: Use after free in safe browsing.
  • High CVE-2021-21111: Insufficient policy enforcement in WebUI.
  • High CVE-2021-21112: Use after free in Blink.
  • High CVE-2021-21113: Heap buffer overflow in Skia.
  • High CVE-2020-16043: Insufficient data validation in networking.
  • High CVE-2021-21114: Use after free in audio.
  • High CVE-2020-15995: Out of bounds write in V8.
  • High CVE-2021-21115: Use after free in safe browsing.
  • Medium CVE-2021-21116: Heap buffer overflow in audio.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [1163626] Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 87.0.4280.66 (Nov 18, 2020)

  • Security Fixes:
  • This update includes 33 security fixes. Below, we highlight fixes that were contributed by external researchers.
  • High CVE-2020-16018: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab on 2020-10-07
  • High CVE-2020-16019: Inappropriate implementation in filesystem. Reported by Rory McNamara on 2020-10-16
  • High CVE-2020-16020: Inappropriate implementation in cryptohome. Reported by Rory McNamara on 2020-10-16
  • High CVE-2020-16021: Race in ImageBurner. Reported by Rory McNamara on 2020-10-16
  • High CVE-2020-16022: Insufficient policy enforcement in networking. Reported by @SamyKamkar on 2020-11-04
  • High CVE-2020-16015: Insufficient data validation in WASM. Reported by Rong Jian and Leecraso of 360 Alpha Lab on 2020-11-07
  • High CVE-2020-16014: Use after free in PPAPI. Reported by Rong Jian and Leecraso of 360 Alpha Lab on 2020-11-07
  • High CVE-2020-16023: Use after free in WebCodecs. Reported by Brendon Tiszka and David Manouchehri supporting the @eff on 2020-11-07
  • High CVE-2020-16024: Heap buffer overflow in UI. Reported by Sergei Glazunov of Google Project Zero on 2020-11-10
  • High CVE-2020-16025: Heap buffer overflow in clipboard. Reported by Sergei Glazunov of Google Project Zero on 2020-11-10
  • Medium CVE-2020-16026: Use after free in WebRTC. Reported by Jong-Gwon Kim (kkwon) on 2020-10-16
  • Medium CVE-2020-16027: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-08-14
  • Medium CVE-2020-16028: Heap buffer overflow in WebRTC. Reported by asnine on 2020-10-14
  • Medium CVE-2020-16029: Inappropriate implementation in PDFium. Reported by Anonymous on 2020-10-01
  • Medium CVE-2020-16030: Insufficient data validation in Blink. Reported by Michał Bentkowski of Securitum on 2020-10-22
  • Medium CVE-2019-8075: Insufficient data validation in Flash. Reported by Nethanel Gelernter, Cyberpion (https://www.cyberpion.com) on 2019-03-26
  • Medium CVE-2020-16031: Incorrect security UI in tab preview. Reported by wester0x01(https://twitter.com/wester0x01) on 2020-09-29
  • Medium CVE-2020-16032: Incorrect security UI in sharing. Reported by wester0x01(https://twitter.com/wester0x01) on 2020-10-09
  • Medium CVE-2020-16033: Incorrect security UI in WebUSB. Reported by Khalil Zhani on 2020-10-28
  • Medium CVE-2020-16034: Inappropriate implementation in WebRTC. Reported by vvmute (Benjamin Petermaier) on 2020-10-12
  • Medium CVE-2020-16035: Insufficient data validation in cros-disks. Reported by Rory McNamara on 2020-10-16
  • Low CVE-2020-16012: Side-channel information leakage in graphics. Reported by Aleksejs Popovs on 2020-05-30
  • Low CVE-2020-16036: Inappropriate implementation in cookies. Reported by Jun Kokatsu (@shhnjk) on 2018-04-09

New in Google Chrome 86.0.4240.198 (Nov 12, 2020)

  • Ignore RenderFrameHostImpl::Detach() for speculative RFHs.
  • Security fixes:
  • High CVE-2020-16013: Inappropriate implementation in V8.
  • High CVE-2020-16017: Use after free in site isolation.

New in Google Chrome 86.0.4240.193 (Nov 10, 2020)

  • Prevent UB if a WeakPtr to an already-destroyed object is dereferenced. by Daniel Cheng
  • Update elapsed cc expiration date for test. by Ian Struiksma
  • [Sheriff] Disable test on Linux, Debug or ASAN by Melissa Zhang
  • Reland "[M-86][VideoCapture] Handle GPU context lost for the zero-copy path" by Ricky Liang
  • Revert "[M-86][VideoCapture] Handle GPU context lost for the zero-copy path" by Ricky Liang
  • [M-86][VideoCapture] Handle GPU context lost for the zero-copy path by Ricky Liang
  • Avoid bitmap overflow. by Adrian Taylor
  • Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 86.0.4240.183 (Nov 3, 2020)

  • Revert "WebUI Settings: Prevent site_data.js running multiple handler requests" by Krishna Govind
  • Only refresh the printer list when we disconnect from a network by Sean Kau
  • Fix UAF in TabDragContext::ContinueDrag. by Taylor Bergquist
  • [merge 86] Fix shutdown hangs related to DB_Impl by Etienne Bergeron
  • [M86 merge] weblayer: ensures TabImpl::OpenURLFromTab handles WebContents deletion by Scott Violet
  • LiteVideo: Fix throttling to stop permanently on rebuffer event by rajendrant
  • 4240: Move every CrOS VM test into pool=chromium.tests. by Ben Pastene
  • Disable parent access code for online login in M86 by Aga Wronska
  • WebUI Settings: Prevent site_data.js running multiple handler requests by sauski
  • Added the missing IPC trait macro (M86). by Darwin Huang
  • [mini_installer] Remove code to delete files left behind by previous runs. by Greg Thompson
  • Fix the resolution issue with picture url. Fallback to default url, by Rakesh Soma
  • GestureNav: Adjust edge width for triggering navigation by Jinsuk Kim
  • [M86 merge] weblayer: ensure DisplayCutoutController is destroyed by Scott Violet
  • [M86] Fix memory leak in inspector by Sigurd Schneider
  • Security fixes:
  • High CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-15
  • High CVE-2020-16005: Insufficient policy enforcement in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2020-10-16
  • High CVE-2020-16006: Inappropriate implementation in V8. Reported by Bill Parks on 2020-09-29
  • High CVE-2020-16007: Insufficient data validation in installer. Reported by Abdelhamid Naceri (halov) on 2020-09-04
  • High CVE-2020-16008: Stack buffer overflow in WebRTC. Reported by Tolya Korniltsev on 2020-10-01
  • High CVE-2020-16009: Inappropriate implementation in V8. Reported by Clement Lecigne of Google's Threat Analysis Group and Samuel Groß of Google Project Zero on 2020-10-29
  • High CVE-2020-16011: Heap buffer overflow in UI on Windows. Reported by Sergei Glazunov of Google Project Zero on 2020-11-01

New in Google Chrome 86.0.4240.111 (Oct 22, 2020)

  • Add finch kill switch for removal of default app protected storage by Daniel Murphy
  • Mark for compositing inputs update after unthrottling. by Chris Harrelson
  • Hardcode default apps to not have protected storage. by Daniel Murphy
  • Merge to M86: Disable caret browsing toggle on Mac when web contents isn't focused. by Dominic Mazzoni
  • Apply edits when closing the bookmarks bubble by Peter Boström
  • Merge to M86: Don't toggle caret browsing on Mac unless web contents has focus. by Dominic Mazzoni
  • Download: Fix a crash for removable SD card on Android R. by Xing Liu
  • Validate input of MediaStreamDispatcherHost::OpenDevice() by Guido Urdaneta
  • Fix AtomicStringTable lowercase translator. by Jeremy Roman
  • Fix NGLineBreaker hang by Koji Ishii
  • bind-gen: Fix HTML{Embed,Object}Element's named definer by Yuki Shiino
  • Revert "Remove TS_SS_TRANSITORY flag from TSF" by Anupam Snigdha
  • Add workaround to avoid crashing when calling LocalBorderBoxProperties by Chris Harrelson
  • Should notify input service about focus change for same input type. by Siye Liu
  • Revert change to notify input method about type change in omnibox during CJK tip. by Siye Liu
  • Views: Fix tab controls to sit flush with the top of the tab strip by Thomas Lukaszewicz
  • [Reland] [Merge to M86] [XProto] Temporarily use libXkb to translate key events by Tom Anderson
  • Revert "[Merge to M86] [XProto] Temporarily use libXkb to translate key events" by Justin Donnelly
  • [WebLayer] Cherry pick MediaSession service fix. by Mugdha Lakhani
  • Cherry-pick of this original change: by Evan Stade
  • [Merge to M86] [XProto] Temporarily use libXkb to translate key events by Tom Anderson
  • [IntentHandling] Add metrics to record the preferred apps entry count. by Maggie Cai
  • [Image-Orientation] Implement WebGL image-orientation by Stephen Chenney
  • M86: Prevent double deletion in PrintRenderFrameHelper. by Lei Zhang
  • usb: Prevent parallel calls to UsbDevice::Open by Reilly Grant
  • Implement LayoutSVGInlineText::InvalidateSubtreeLayoutForFontUpdates by Fredrik Söderqvist
  • Roll src/third_party/sqlite/src/ 5e8c30a1e..0324bd3ef (222 commits) (M86) by Darwin Huang
  • Avoid TabGroupModelFilter casting exception(2) by Mei Liang
  • [M86 merge] weblayer: fixes possible NPE if a11y enabled during Tab creation by Scott Violet
  • Merge M86: "Only zero out cross-origin audio that doesn't get played out." by Dale Curtis
  • M86: Check RF is alive In PrintRenderFrameHelper::PreviewPageRendered(). by Lei Zhang
  • Adding a driver check in PasswordGenerationPopupControllerImpl:: by Maria Kazinova
  • [printing] Reuse AwPrintManager with introducing UpdateParam() by Julie Jeongeun Kim
  • Fix use-after-free triggered from mojo::SyncEventWatcher DTOR by Piotr Tworek
  • [WebLayer] Guard against duplicate tab destruction when launching intent by Colin Blundell
  • Fix a NPE in TabGroupUtils by Yue Zhang
  • Fix TabGroupModelFilter casting exception by Mei Liang
  • [M86] sandbox: add feature flags to control Spectre v2 mitigation in sandbox_bpf by Ricky Liang
  • Don't report layout shift for visibility:hidden by Xianzhu Wang
  • Reland "Add callback to WebMediaPlayerImpl to notify when a redirect occurs" by Dale Curtis
  • Fix IsolatedPrerender misnamed canary check by Robert Ogden
  • Clipboard: Add UMA metrics for content script reads without user activation. (M86). by Darwin Huang
  • ios: Speculative workaround for WebKit dispatchIncomingMessages crash. by Justin Cohen
  • Call ResumeLoadingCreatedWebContents during WillAttach. by Dave Tapuska
  • Fix the UIL blocking issues. by Leo Zhang
  • Merge "Stop recreating keychain item for SC private API" by Owen Min
  • [M86] OOBE: Make UserSessionManager more robust to shutdown during the login by Roman Sorokin
  • Get supported formats before sandboxing by Wei Lee
  • [ios] append disable_widevine_signing to official_goma_mac mb by Jeff Yoon
  • Update import_util.py to work from chrome/chrome_cleaner/internal by Joe Mason
  • [ios] disable widevine for mac-chrome* trybots by Jeff Yoon
  • Clear fast_ink GpuMemoryBuffer by Drew Davenport
  • [M86 merge] Unsubscribe from Drive invalidations when Drive shuts down by Austin Tankiang
  • Messages: Re-enable feature for users that hit crbug/1131140. by Jon Mann
  • Messages: Wait for app registry to load before querying for PWA info. by Jon Mann
  • Ash Notification: Add SetPaintToLayer to stacked notification bar. by Andre Le
  • [Merge-M86] Turn off Release notes suggestion chips. by Rachel Carpenter
  • Disable flaky external/wpt/webvtt/rendering/cues-with-video/processing-model/embedded_style_media_queries.html [M86] by evliu
  • [CrOs] Update supported version for display password button feature by Thomas Tellier
  • [Merge] [Siri Shortcuts] Add checks for old shortcut actions by Guillaume Jenkins
  • Initialize WebStateListMetricsBrowser after SessionRestorationBrowser by Olivier Robin
  • This update includes 5 security fixes:
  • High CVE-2020-16000: Inappropriate implementation in Blink. Reported by amaebi_jp on 2020-09-06
  • High CVE-2020-16001: Use after free in media. Reported by Khalil Zhani on 2020-10-05
  • High CVE-2020-16002: Use after free in PDFium. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2020-10-13
  • High CVE-2020-15999: Heap buffer overflow in Freetype. Reported by Sergei Glazunov of Google Project Zero on 2020-10-19
  • Medium CVE-2020-16003: Use after free in printing. Reported by Khalil Zhani on 2020-10-04

New in Google Chrome 86.0.4240.75 (Oct 7, 2020)

  • Security Fixes:
  • This update includes 35 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
  • [1127322] Critical CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab on 2020-09-11
  • [1126424] High CVE-2020-15968: Use after free in Blink. Reported by Anonymous on 2020-09-09
  • [1124659] High CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous on 2020-09-03
  • [1108299] High CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab on 2020-07-22
  • [1114062] High CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-08-07
  • [1115901] High CVE-2020-15972: Use after free in audio. Reported by Anonymous on 2020-08-13
  • [1133671] High CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30
  • [1133688] High CVE-2020-15991: Use after free in password manager. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30
  • [1106890] Medium CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-07-17
  • [1104103] Medium CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im (junorouse) of Theori on 2020-07-10
  • [1110800] Medium CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous on 2020-07-29
  • [1123522] Medium CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee(@ashuu_lee) of Raon Whitehat on 2020-08-31
  • [1083278] Medium CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann (NDS Ruhr-University Bochum) on 2020-05-15
  • [1097724] Medium CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati (https://twitter.com/imnarendrabhati) on 2020-06-22
  • [1116280] Medium CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera (@lbherrera_) on 2020-08-14
  • [1127319] Medium CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-09-11
  • [1092453] Medium CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab (腾讯安全玄武实验室) on 2020-06-08
  • [1123023] Medium CVE-2020-15981: Out of bounds read in audio. Reported by Christoph Guttandin on 2020-08-28
  • [1039882] Medium CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07
  • [1076786] Medium CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-30
  • [1080395] Medium CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora on 2020-05-07
  • [1099276] Medium CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2020-06-25
  • [1100247] Medium CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero on 2020-06-29
  • [1127774] Medium CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke on 2020-09-14
  • [1110195] Medium CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-28
  • [1092518] Low CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard on 2020-06-08
  • [1108351] Low CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans (Microsoft) on 2020-07-22

New in Google Chrome 85.0.4183.121 (Sep 22, 2020)

  • [m85] Reland "Add more checks for chrome.debugger extensions"
  • [Merge M85] Fix crash in InspectorCSSAgent::ResetPseudoStates
  • [M85] Quota: Fix precision mistakes for storage pressure.
  • Support disabling lens for incognito users
  • [M85] Skip clean up if stored RealTimeUrlCheck verdict count is 0.
  • (merge) widevine: Only enable Widevine CDM host verification for official builds
  • [m85] Delegate TargetHandler::Session permission checks to the root client
  • Reland Run ObfuscatedFileUtilMemoryDelegate entirely on TaskRunner.
  • (merge) Check for context destroyed in MediaKeys
  • Fix for UAF when referencing a deleted scrollbar layer.
  • [merge to 85] Revert "cros: V2 apps open on the same display as GetDisplayForNewWindows."
  • Re-Enable legacy deep scanning features in M85
  • serial: Check that port is open before reading or writing
  • [mojo] Fix SequenceLocalSyncEventWatcher reset
  • Change how 3D API blocking is implemented
  • Remove redundant lines from TestExpectations
  • Do not override Navigator.share for insecure contexts
  • Reland: Restrict web share feature to URLs without file protocol
  • Security Fixes:
  • High CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous on 2020-06-28
  • High CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-10
  • High CVE-2020-15962: Insufficient policy enforcement in serial. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-08-26
  • High CVE-2020-15963: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-06
  • High CVE-2020-15965: Out of bounds write in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-09-08
  • Medium CVE-2020-15966: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-06
  • Low CVE-2020-15964: Insufficient data validation in media. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2020-08-25
  • Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 85.0.4183.102 (Sep 9, 2020)

  • Security fixes:
  • High CVE-2020-6573: Use after free in video. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-08-14
  • High CVE-2020-6574: Insufficient policy enforcement in installer. Reported by CodeColorist of Ant-Financial LightYear Labs on 2020-07-05
  • High CVE-2020-6575: Race in Mojo. Reported by Microsoft on 2020-05-12
  • High CVE-2020-6576: Use after free in offscreen canvas. Reported by Looben Yang on 2020-07-31
  • High CVE-2020-15959: Insufficient policy enforcement in networking. Reported by Eric Lawrence of Microsoft on 2020-08-27

New in Google Chrome 84.0.4147.135 (Aug 19, 2020)

  • This update includes 1 security fix:
  • Heap buffer overflow in SwiftShader. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-08-12

New in Google Chrome 84.0.4147.125 (Aug 11, 2020)

  • This update includes 15 security fixes:
  • High CVE-2020-6542: Use after free in ANGLE. Reported by Piotr Bania of Cisco Talos on 2020-07-20
  • High CVE-2020-6543: Use after free in task scheduling. Reported by Looben Yang on 2020-07-10
  • High CVE-2020-6544: Use after free in media. Reported by Tim Becker of Theori on 2020-07-22
  • High CVE-2020-6545: Use after free in audio. Reported by Anonymous on 2020-06-16
  • High CVE-2020-6546: Inappropriate implementation in installer. Reported by Andrew Hess (any1) on 2020-06-29
  • High CVE-2020-6547: Incorrect security UI in media. Reported by David Albert on 2020-07-05
  • High CVE-2020-6548: Heap buffer overflow in Skia. Reported by Choongwoo Han, Microsoft Browser Vulnerability Research on 2020-07-09
  • High CVE-2020-6549: Use after free in media. Reported by Sergei Glazunov of Google Project Zero on 2020-07-14
  • High CVE-2020-6550: Use after free in IndexedDB. Reported by Sergei Glazunov of Google Project Zero on 2020-07-17
  • High CVE-2020-6551: Use after free in WebXR. Reported by Sergei Glazunov of Google Project Zero on 2020-07-21
  • High CVE-2020-6552: Use after free in Blink. Reported by Tim Becker of Theori on 2020-07-22
  • High CVE-2020-6553: Use after free in offline mode. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-30
  • Medium CVE-2020-6554: Use after free in extensions. Reported by Anonymous on 2020-06-12
  • Medium CVE-2020-6555: Out of bounds read in WebGL. Reported by Marcin Towalski of Cisco Talos on 2020-07-13

New in Google Chrome 84.0.4147.105 (Jul 28, 2020)

  • Security Fixes:
  • High CVE-2020-6537: Type Confusion in V8. Reported by Alphalaab on 2020-07-14
  • High CVE-2020-6538: Inappropriate implementation in WebView.
  • High CVE-2020-6532: Use after free in SCTP. Reported by Anonymous on 2020-07-09
  • High CVE-2020-6539: Use after free in CSS. Reported by Oriol Brufau on 2020-07-14
  • High CVE-2020-6540: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-07-15
  • High CVE-2020-6541: Use after free in WebUSB. Reported by Sergei Glazunov of Google Project Zero on 2020-07-17
  • Various fixes from internal audits, fuzzing and other initiatives

New in Google Chrome 84.0.4147.89 (Jul 16, 2020)

  • This update includes 38 security fixes.

New in Google Chrome 62.0.3202.75 (Oct 29, 2017)

  • [$3000][770452] High CVE-2017-15396: Stack overflow in V8. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-09-30

New in Google Chrome 58.0.3029.96 (May 2, 2017)

  • In order to improve stability, performance, and security, users who are currently on the 32-bit version of Chrome and on 64-bit Windows with 4GB or more of memory and auto-update enabled will be automatically migrated to 64-bit Chrome during this update. 32-bit Chrome will still be available via the Chrome download page.
  • Security Fixes and Rewards:
  • [$500][679306] High CVE-2017-5068: Race condition in WebRTC. Credit to Philipp Hancke

New in Google Chrome 51.0.2704.103 (Jun 16, 2016)

  • This update includes 3 security fixes.

New in Google Chrome 51.0.2704.79 (Jun 1, 2016)

  • [601073] High CVE-2016-1696: Cross-origin bypass in Extension bindings. Credit to anonymous.
  • [613266] High CVE-2016-1697: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
  • [603725] Medium CVE-2016-1698: Information leak in Extension bindings. Credit to Rob Wu.
  • [607939] Medium CVE-2016-1699: Parameter sanitization failure in DevTools. Credit to Gregory Panakkal.
  • [608104] Medium CVE-2016-1700: Use-after-free in Extensions. Credit to Rob Wu.
  • [608101] Medium CVE-2016-1701: Use-after-free in Autofill. Credit to Rob Wu.
  • [609260] Medium CVE-2016-1702: Out-of-bounds read in Skia. Credit to cloudfuzzer.
  • [616539] CVE-2016-1703: Various fixes from internal audits, fuzzing and other initiatives.

New in Google Chrome 49.0.2623.108 (Mar 24, 2016)

  • High CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu from Tencent KeenLab.
  • High CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous.
  • High CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous.
  • High CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt working with HP’s Zero Day Initiative / Pwn2Own.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • CVE-2016-1650: Various fixes from internal audits, fuzzing and other initiatives.
  • Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.33).

New in Google Chrome 49.0.2623.87 (Mar 9, 2016)

  • High CVE-2016-1643: Type confusion in Blink. Credit to cloudfuzzer.
  • High CVE-2016-1644: Use-after-free in Blink. Credit to Atte Kettunen of OUSPG.
  • High CVE-2016-1645: Out-of-bounds write in PDFium. Credit to anonymous working with HP's Zero Day Initiative.

New in Google Chrome 48.0.2564.109 (Feb 10, 2016)

  • High CVE-2016-1622: Same-origin bypass in Extensions. Credit to anonymous.
  • High CVE-2016-1623: Same-origin bypass in DOM. Credit to Mariusz Mlynski.
  • High CVE-2016-1624: Buffer overflow in Brotli. Credit to lukezli.
  • Medium CVE-2016-1625: Navigation bypass in Chrome Instant. Credit to Jann Horn.
  • Medium CVE-2016-1626: Out-of-bounds read in PDFium. Credit to anonymous, working with HP's Zero Day Initiative.

New in Google Chrome 47.0.2526.106 (Dec 16, 2015)

  • Fixes from internal audits and fuzzing.

New in Google Chrome 47.0.2526.80 (Dec 8, 2015)

  • This release contains an update to Adobe Flash Player (20.0.0.228) and security fixes.

New in Google Chrome 48.0.2564.23 Beta (Dec 4, 2015)

  • Presentation API:
  • Historically, sites have been unable to present content to nearby devices, which made it hard to build experiences like a slide “presenter mode” for the mobile web. The latest release of Chrome on Android now allows mobile sites to present to Google Cast devices using the standards-based Presentation API and the Cast Web SDK.
  • Custom buttons on notifications:
  • Chrome 42 introduced the ability for users to receive push notifications from websites, allowing users to build deeper relationships with the sites they love. Usage of the feature has grown quickly, with Chrome now delivering more than 350 million push notifications every day. In the latest Chrome release, sites can now add custom buttons to notifications, enabling users to complete tasks entirely within the notification.
  • Detecting maximum connection speed:
  • A user’s mobile phone connects to the internet over anything from high quality WiFi to 2G, which has made it difficult to design the right mobile experience. Developers can now use NetworkInformation.downlinkMax to detect a device's maximum bandwidth so they can send the optimal resources for the connection speed. Sites can also respond to changes in connection quality using the NetworkInformation.onChange event handler.
  • Other features in this release:
  • The new DevTools security panel enables developers to understand the security state of a page to help them migrate their websites to HTTPS.
  • Sites can now use FontFaceSet more flexibly with several new iteration methods.
  • WebRTC now supports the VP9 video codec, and can serve HD video at almost half the bandwidth of VP8 or H264.
  • Web Audio JavaScript syntax can now be shortened and simplified with method chaining for AudioNode.connect() and AudioParam.connect() automation methods.
  • The MediaStreamTrack.remote attribute allows sites to detect if a media stream is from a remote source.
  • Sites can now detect key presses from a user without worrying about browser type or operating system using the KeyboardEvent.code attribute.
  • Developers can now leverage JavaScript language behaviors not previously exposed in ES5 or below using the well-known symbols @@isConcatSpreadable, @@toPrimitive, and @@toStringTag.
  • min-width:auto and min-height:auto now work for flex items without flex-basis:auto.
  • Several getAll() methods have been added to IndexedDB to simplify bulk interactions.
  • Minor changes:
  • ServiceWorkerRegistration.update() no longer bypasses the cache for update checks within 24 hours, improving spec compliance.
  • The error attribute on IDBRequest and IDBTransaction will now return DOMException instead of DOMError to improve Chrome's spec compliance.
  • The RC4 cipher is no longer supported over HTTPS connections due to several vulnerabilities.
  • The MediaStreamTrack.getSources() method has been deprecated in favor of MediaDevices.enumerateDevices().
  • SVGGraphicsElement.getTransformToElement has been removed to match the SVG spec.
  • getSVGDocument() has been removed from HTMLFrameElement.prototype to match the spec.
  • SVG glyph-orientation-horizontal and glyph-orientation-vertical properties have been removed in favor of the CSS text-orientation property.
  • SVGElement.offset* properties and SVGPathSeg interfaces have been removed to improve spec compliance.
  • The CSS plus-darker composite operator has been removed to increase spec compliance.
  • The item() method has been removed from TextTrackList and TextTrackCueList to improve spec compliance.
  • Developers can now build robust RTL text experiences using CSS Writing Modes Level 3 without prefixes.
  • CSS font-feature-settings are no longer prefixed.

New in Google Chrome 47.0.2526.73 (Dec 1, 2015)

  • [$10000][558589] Critical CVE-2015-6765: Use-after-free in AppCache. Credit to anonymous.
  • [$11337][551044] High CVE-2015-6766: Use-after-free in AppCache. Credit to anonymous.
  • [$10000][554908] High CVE-2015-6767: Use-after-free in AppCache. Credit to anonymous.
  • [$8000][556724] High CVE-2015-6768: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
  • [$7500][534923] High CVE-2015-6769: Cross-origin bypass in core. Credit to Mariusz Mlynski.
  • [$7500][541206] High CVE-2015-6770: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
  • [$7500][544991] High CVE-2015-6771: Out of bounds access in v8. Credit to anonymous.
  • [$7500][546545] High CVE-2015-6772: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
  • [$7500][554946] High CVE-2015-6764: Out of bounds access in v8. Credit to Guang Gong of Qihoo 360 via pwn2own.
  • [$5000][491660] High CVE-2015-6773: Out of bounds access in Skia. Credit to cloudfuzzer.
  • [$5000][549251] High CVE-2015-6774: Use-after-free in Extensions. Credit to anonymous.
  • [$3500][529012] High CVE-2015-6775: Type confusion in PDFium. Credit to Atte Kettunen of OUSPG.
  • [$3000][457480] High CVE-2015-6776: Out of bounds access in PDFium. Credit to Hanno Böck.
  • [$3000][544020] High CVE-2015-6777: Use-after-free in DOM. Credit to Long Liu of Qihoo 360Vulcan Team.
  • [$2000][514891] Medium CVE-2015-6778: Out of bounds access in PDFium. Credit to Karl Skomski.
  • [$2000][528505] Medium CVE-2015-6779: Scheme bypass in PDFium. Credit to Ullrich Tiljasper.
  • [$1000][490492] Medium CVE-2015-6780: Use-after-free in Infobars. Credit to Khalil Zhani.
  • [$1000][497302] Medium CVE-2015-6781: Integer overflow in Sfntly. Credit to miaubiz.
  • [$1000][536652] Medium CVE-2015-6782: Content spoofing in Omnibox. Credit to Luan Herrera.
  • [$1000][537205] Medium CVE-2015-6783: Signature validation issue in Android Crazy Linker. Credit to Michal Bednarski.
  • [$500][503217] Low CVE-2015-6784: Escaping issue in saved pages. Credit to Inti De Ceukelaire.
  • [$500][534542] Low CVE-2015-6785: Wildcard matching issue in CSP. Credit to [email protected].
  • [$500][534570] Low CVE-2015-6786: Scheme bypass in CSP. Credit to [email protected].

New in Google Chrome 46.0.2490.71 (Oct 13, 2015)

  • High CVE-2015-6755: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
  • High CVE-2015-6756: Use-after-free in PDFium. Credit to anonymous.
  • High CVE-2015-6757: Use-after-free in ServiceWorker. Credit to Collin Payne.
  • High CVE-2015-6758: Bad-cast in PDFium. Credit to Atte Kettunen of OUSPG.
  • Medium CVE-2015-6759: Information leakage in LocalStorage. Credit to Muneaki Nishimura (nishimunea).
  • Medium CVE-2015-6760: Improper error handling in libANGLE. Credit to lastland.net.
  • Medium CVE-2015-6761: Memory corruption in FFMpeg. Credit to Aki Helin of OUSPG and anonymous.
  • Low CVE-2015-6762: CORS bypass via CSS fonts. Credit to Muneaki Nishimura (nishimunea).

New in Google Chrome 45.0.2454.101 (Sep 24, 2015)

  • High CVE-2015-1303: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
  • High CVE-2015-1304: Cross-origin bypass in V8. Credit to Mariusz Mlynski.

New in Google Chrome 46.0.2490.13 Beta (Sep 2, 2015)

  • Chrome 46.0.2490.13 contains our usual under-the-hood performance and stability tweaks, but there are also some cool new features to explore.

New in Google Chrome 45.0.2454.85 (Sep 1, 2015)

  • Chrome 45.0.2454.85 contains a number of fixes and improvements. This update includes 29 security fixes.

New in Google Chrome 44.0.2403.89 (Jul 21, 2015)

  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 43.0.2357.134 (Jul 14, 2015)

  • This release contains a critical update to Adobe Flash Player (18.0.0.209) and a fix for a full screen casting issue.

New in Google Chrome 43.0.2357.125 (Jun 12, 2015)

  • [498426] Resolved browser font magnification/scaling issue.

New in Google Chrome 44.0.2403.18 Beta (May 28, 2015)

  • A new cadence based rendering algorithm that improves video rendering in Chrome. Users should see much smoother video playback in Chrome for all video content. However, this is especially beneficial for the cases where the system was on the border of playing back certain videos. For example, users who previously had minor stuttering with high resolution or high frame rate content (4k, 1080p60) should now have a smooth playback experience.
  • Lots of under the hood changes for stability and performance.

New in Google Chrome 43.0.2357.81 (May 25, 2015)

  • Fixed an issue where sometimes a blank page would print.
  • Icons not displaying properly on Linux

New in Google Chrome 43.0.2357.65 (May 19, 2015)

  • High CVE-2015-1252: Sandbox escape in Chrome. Credit to anonymous.
  • High CVE-2015-1253: Cross-origin bypass in DOM. Credit to anonymous.
  • High CVE-2015-1254: Cross-origin bypass in Editing. Credit to [email protected].
  • High CVE-2015-1255: Use-after-free in WebAudio. Credit to Khalil Zhani.
  • High CVE-2015-1256: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.
  • High CVE-2015-1251: Use-after-free in Speech. Credit to SkyLined working with HP's Zero Day Initiative.
  • Medium CVE-2015-1257: Container-overflow in SVG. Credit to miaubiz.
  • Medium CVE-2015-1258: Negative-size parameter in Libvpx. Credit to cloudfuzzer.
  • Medium CVE-2015-1259: Uninitialized value in PDFium. Credit to Atte Kettunen of OUSPG.
  • Medium CVE-2015-1260: Use-after-free in WebRTC. Credit to Khalil Zhani.
  • Medium CVE-2015-1261: URL bar spoofing. Credit to Juho Nurminen.
  • Medium CVE-2015-1262: Uninitialized value in Blink. Credit to miaubiz.
  • Low CVE-2015-1263: Insecure download of spellcheck dictionary. Credit to Mike Ruddy.
  • Low CVE-2015-1264: Cross-site scripting in bookmarks. Credit to K0r3Ph1L.

New in Google Chrome 43.0.2357.18 Beta (Apr 20, 2015)

  • Suggesting Answers in the Omnibox
  • A number of new apps/extension APIs (including the Push API!)
  • Lots of under the hood changes for stability and performance

New in Google Chrome 42.0.2311.90 (Apr 15, 2015)

  • A number of new apps, extension and Web Platform APIs (including the Push API!)
  • Lots of under the hood changes for stability and performance
  • The answer to life, the universe and everything

New in Google Chrome 42.0.2311.22 Beta (Mar 10, 2015)

  • A number of new apps/extension APIs (including the Push API!)
  • Lots of under the hood changes for stability and performance
  • The answer to life, the universe, and everything

New in Google Chrome 41.0.2272.76 (Mar 4, 2015)

  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 40.0.2214.111 (Feb 5, 2015)

  • This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information:
  • [447906] High CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian Motyl.
  • [453979] High CVE-2015-1210: Cross-origin-bypass in V8 bindings. Credit to anonymous.
  • [453982] High CVE-2015-1211: Privilege escalation using service workers. Credit to anonymous.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [455225] CVE-2015-1212: Various fixes from internal audits, fuzzing and other initiatives.

New in Google Chrome 41.0.2272.16 Beta (Jan 22, 2015)

  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 40.0.2214.91 (Jan 21, 2015)

  • Updated Chrome app info dialog for Windows and Linux.
  • A new clock behind/ahead error message.
  • Security Fixes and Rewards:
  • This update includes 62 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.
  • [$5000][430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.
  • [$4500][435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.
  • [$4000][434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.
  • [$4000][422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.
  • [$3500][444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.
  • [$3500][435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.
  • [$3000][442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.
  • [$3000][442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.
  • [$2000][443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.
  • [$2000][429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.
  • [$2000][427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.
  • [$2000][427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.
  • [$2000][402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.
  • [$1500][428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.
  • [$1500][419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.
  • [$1000][416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.
  • [$1000][399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.
  • [$1000][433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.
  • [$1000][428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.
  • [$1000][426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.
  • [$1000][422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
  • [$1000][418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
  • [$1000][414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
  • [$1000][414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.
  • [$500][430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.
  • [$500][414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [449894] Various fixes from internal audits, fuzzing and other initiatives.
  • Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).

New in Google Chrome 39.0.2171.99 (Jan 13, 2015)

  • This release contains an update for Adobe Flash as well as a number of other fixes.

New in Google Chrome 39.0.2171.95 (Dec 9, 2014)

  • This release contains an update for Adobe Flash as well as a number of other fixes.

New in Google Chrome 39.0.2171.71 (Nov 25, 2014)

  • This release contains an update for Adobe Flash as well as a number of other fixes.

New in Google Chrome 40.0.2214.10 Beta (Nov 21, 2014)

  • Profile Lock, which introduces the ability to "child lock" signed-in profiles.
  • New Tabs Page Suggestions, which tries to determine which sites you'd like to visit depending on the time and day.
  • New crash recovery UI.

New in Google Chrome 39.0.2171.65 (Nov 18, 2014)

  • New Features:
  • 64-bit support for Mac
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • Security Fixes:
  • High CVE-2014-7899: Address bar spoofing.
  • High CVE-2014-7900: Use-after-free in pdfium.
  • High CVE-2014-7901: Integer overflow in pdfium.
  • High CVE-2014-7902: Use-after-free in pdfium.
  • High CVE-2014-7903: Buffer overflow in pdfium.
  • High CVE-2014-7904: Buffer overflow in Skia.
  • High CVE-2014-7905: Flaw allowing navigation to intents that do not have the BROWSABLE category.
  • High CVE-2014-7906: Use-after-free in pepper plugins.
  • High CVE-2014-0574: Double-free in Flash.
  • High CVE-2014-7907: Use-after-free in blink.
  • High CVE-2014-7908: Integer overflow in media.
  • Medium CVE-2014-7909: Uninitialized memory read in Skia.

New in Google Chrome 38.0.2125.101 (Oct 8, 2014)

  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 38.0.2125.58 Beta (Sep 11, 2014)

  • With this release Chrome Mac is 32-bit and will continue to be 32-bit when Chrome 38 goes to stable. With the release of Chrome 39, we will be moving Mac to 64-bit and will no longer support 32-bit NPAPI plugins.

New in Google Chrome 37.0.2062.120 (Sep 9, 2014)

  • This release contains an update for Adobe Flash as well as a number of other fixes.
  • This update includes 4 security fixes.

New in Google Chrome 38.0.2125.24 Beta (Aug 29, 2014)

  • New experimental user switching design which makes changing profiles and switching into incognito mode simpler.
  • A new experimental Guest mode.
  • Experimental UI for Chrome supervised users.
  • Lots of under the hood changes for stability and performance.

New in Google Chrome 37.0.2062.94 (Aug 26, 2014)

  • DirectWrite support on Windows for improved font rendering
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • This update includes 50 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting:
  • [$30000][386988] Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox.
  • [$2000][369860] High CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer.
  • [$2000][387389] High CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak.
  • [$1000][390624] High CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu.
  • [$4000][390928] High CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer.
  • [$1500][367567] Medium CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey.
  • [$2000][376951] Medium CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar.
  • [$500][389219] Medium CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG.

New in Google Chrome 36.0.1985.143 (Aug 12, 2014)

  • This update includes 12 security fixes.

New in Google Chrome 37.0.2062.20 Beta (Jul 17, 2014)

  • DirectWrite support on Windows
  • A new password manager UI
  • Automatic reload of unreachable pages when network becomes available
  • Dropped Chrome sign-in requirement for Chrome Apps
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 36.0.1985.122 (Jul 16, 2014)

  • Rich Notifications Improvements
  • An Updated Incognito / Guest NTP design
  • The addition of a Browser crash recovery bubble
  • Chrome App Launcher for Linux
  • Lots of under the hood changes for stability and performance

New in Google Chrome 35.0.1916.153 (Jun 10, 2014)

  • This update includes 4 security fixes:
  • CVE-2014-3154: Use-after-free in filesystem API.
  • CVE-2014-3155: Out-of-bounds read in SPDY.
  • CVE-2014-3156: Buffer overflow in clipboard.
  • CVE-2014-3157: Heap overflow in media.

New in Google Chrome 36.0.1985.18 Beta (May 22, 2014)

  • New Chrome app launcher for Linux
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 35.0.1916.114 (May 20, 2014)

  • More developer control over touch input
  • New JavaScript features
  • Unprefixed Shadow DOM
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • This update includes 23 security fixes

New in Google Chrome 36.0.1985.8 Dev (May 16, 2014)

  • Fixes and improvements:
  • Introduce a new framework for back-and-forth tracked preference migration between Protected Preferences and unprotected Preferences.
  • Fix the compile error for win64: widevine_key_systems.cc.
  • Prefer GL_ARB_sync/ES3 fences
  • Fix an issue that jni generator is ignoring input param

New in Google Chrome 34.0.1847.137 (May 13, 2014)

  • Bug fixes:
  • High CVE-2014-1740: Use-after-free in WebSockets.
  • High CVE-2014-1741: Integer overflow in DOM ranges.
  • High CVE-2014-1742: Use-after-free in editing.

New in Google Chrome 35.0.1916.27 Beta (Apr 10, 2014)

  • More developer control over touch input
  • New JavaScript features
  • Unprefixed Shadow DOM
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 34.0.1847.116 (Apr 8, 2014)

  • Responsive Images and Unprefixed Web Audio
  • Import supervised users onto new computers
  • A number of new apps/extension APIs
  • A different look for Win8 Metro mode
  • Lots of under the hood changes for stability and performance

New in Google Chrome 33.0.1750.12 (Mar 15, 2014)

  • [$100,000] [352369] Code execution outside sandbox. Credit to VUPEN.
  • [352374] High CVE-2014-1713: Use-after-free in Blink bindings
  • [$60,000] [352420] Code execution outside sandbox. Credit to Anonymous.
  • [351787] High CVE-2014-1705: Memory corruption in V8
  • [352429] High CVE-2014-1715: Directory traversal issue

New in Google Chrome 33.0.1750.149 (Mar 11, 2014)

  • This update includes 7 security fixes.

New in Google Chrome 33.0.1750.146 (Mar 4, 2014)

  • This update includes 19 security fixes.

New in Google Chrome 34.0.1847.14 Beta (Feb 27, 2014)

  • Responsive Images and Unprefixed Web Audio
  • Hands-free Google Voice Search in Chrome
  • Import supervised users onto new computers
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 33.0.1750.117 (Feb 20, 2014)

  • This update includes 28 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting.
  • [$2000][334897] High CVE-2013-6652: Issue with relative paths in Windows sandbox named pipe policy. Credit to tyranid.
  • [$1000][331790] High CVE-2013-6653: Use-after-free related to web contents. Credit to Khalil Zhani.
  • [$3000][333176] High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
  • [$3000][293534] High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
  • [$500][331725] High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
  • [$1000][331060] Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil.
  • [$2000][322891] Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
  • [$1000][306959] Medium CVE-2013-6659: Issue with certificates validation in TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco, Inria Paris.
  • [332579] Low CVE-2013-6660: Information leak in drag and drop. Credit to bishopjeffreys.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [344876] Low-High CVE-2013-6661: Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers.

New in Google Chrome 32.0.1700.102 (Jan 27, 2014)

  • Mouse Pointer disappears after exiting full-screen mode.
  • Drag and drop files into Chrome may not work properly.
  • Quicktime Plugin crashes in Chrome.
  • Chrome becomes unresponsive.
  • Trackpad users may not be able to scroll horizontally.
  • Scrolling does not work in combo box.
  • Chrome does not work with all CSS minifiers such as whitespace around a media query's `and` keyword.
  • This update includes 14 security fixes.

New in Google Chrome 32.0.1700.77 (Jan 14, 2014)

  • Tab indicators for sound, webcam and casting
  • A different look for Win8 Metro mode
  • Automatically blocking malware files
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • Flash Player has been updated to version 12.0.0.41
  • This update includes 11 security fixes

New in Google Chrome 32.0.1700.77 Beta (Jan 14, 2014)

  • This release fixes the vertical and horizontal scrolling issues (332797 and 320849). If you continue to see issues after the update please add comments to the bugs.

New in Google Chrome 33.0.1736.3 Dev (Dec 13, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1650.63 (Dec 4, 2013)

  • CVE-2013-6634: Session fixation in sync related to 302 redirects.
  • CVE-2013-6635: Use-after-free in editing.
  • CVE-2013-6636: Address bar spoofing related to modal dialogs.
  • CVE-2013-6637: Various fixes from internal audits, fuzzing and other initiatives.
  • CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8 version 3.22.24.7.
  • CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8 version 3.22.24.7.
  • CVE-2013-6640: Out of bounds read in v8. This issue was fixed in v8 version 3.22.24.7.

New in Google Chrome 32.0.1700.39 Beta (Dec 3, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 33.0.1711.3 Dev (Nov 20, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 32.0.1700.19 Beta (Nov 19, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1650.57 (Nov 14, 2013)

  • Fixed multiple memory corruption issues.

New in Google Chrome 32.0.1700.14 Beta (Nov 13, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1650.48 (Nov 12, 2013)

  • This update includes 25 security fixes.

New in Google Chrome 32.0.1700.6 Beta (Nov 11, 2013)

  • Tab indicators for sound, webcam and casting
  • A different look for Win8 Metro mode
  • Automatically blocking malware files
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 31.0.1650.48 Beta (Nov 9, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 32.0.1685.0 Dev (Oct 29, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1650.34 Beta (Oct 24, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.114 (Oct 22, 2013)

  • This should resolve the issues with installing the 32-bit version of Chrome.

New in Google Chrome 31.0.1650.26 Beta (Oct 17, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 32.0.1671.3 Dev (Oct 16, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.101 (Oct 16, 2013)

  • This update includes 5 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting:
  • [$1000][292422] High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of OUSPG.
  • [$2000][294456] High CVE-2013-2926: Use after free in editing. Credit to cloudfuzzer.
  • [$2000][297478] High CVE-2013-2927: Use after free in forms. Credit to cloudfuzzer.
  • As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [305790] CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.

New in Google Chrome 31.0.1650.11 Beta (Oct 10, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 32.0.1664.3 Dev (Oct 9, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1650.8 Beta (Oct 3, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1650.8 Dev (Oct 2, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.66 (Oct 1, 2013)

  • Easier searching by image
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 30.0.1599.66 Beta (Sep 27, 2013)

  • This release fixes a few more of the new crashes in yesterday morning's build.

New in Google Chrome 31.0.1650.4 Dev (Sep 26, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.65 Beta (Sep 26, 2013)

  • This release fixes a few of the new crashes in this morning's build.

New in Google Chrome 30.0.1599.59 Beta (Sep 25, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1650.0 Dev (Sep 25, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.76 (Sep 18, 2013)

  • [278940] Canvas loses ability to render, is blank even if page reloaded
  • Other stability improvements

New in Google Chrome 30.0.1599.47 Beta (Sep 18, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.37 Beta (Sep 11, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1626.0 Dev (Sep 11, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 31.0.1622.0 Dev (Sep 6, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.28 Beta (Sep 4, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.65 (Sep 2, 2013)

  • This version contains a Flash update and fixes an issue with Sync.

New in Google Chrome 30.0.1599.22 Beta (Aug 28, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.62 (Aug 28, 2013)

  • This update fixes an issue with printing from Google Docs applications.

New in Google Chrome 31.0.1612.0 Dev (Aug 28, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.14 Beta (Aug 23, 2013)

  • Easier searching by image
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in Google Chrome 29.0.1547.57 (Aug 20, 2013)

  • Improved Omnibox suggestions based on the recency of sites you have visited
  • Ability to reset your profile back to its original state
  • Many new apps and extensions APIs
  • Lots of stability and performance improvements

New in Google Chrome 30.0.1599.14 Dev (Aug 20, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.57 Beta (Aug 17, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.10 Dev (Aug 16, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.55 Beta (Aug 15, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1599.0 Dev (Aug 14, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.49 Beta (Aug 8, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 30.0.1588.0 Dev (Aug 7, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.41 Beta (Aug 2, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 28.0.1500.95 (Jul 31, 2013)

  • This update includes 11 security fixes.

New in Google Chrome 30.0.1581.2 Dev (Jul 31, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.32 Beta (Jul 25, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.18 Dev (Jul 12, 2013)

  • This release fixes a number of crashes and other bugs.

New in Google Chrome 29.0.1547.15 Dev (Jul 9, 2013)

  • This release fixes a number of crashes, as well as other bugs.

New in Google Chrome 29.0.1547.0 Dev (Jun 26, 2013)

  • This release fixes a number of crashes, as well as other bugs.

New in Google Chrome 29.0.1541.2 Dev (Jun 19, 2013)

  • This release fixes a number of crashes, as well as other bugs.

New in Google Chrome 28.0.1500.45 (Jun 18, 2013)

  • The minimum requirements for Linux have also been updated:
  • Ubuntu 12.04+
  • Debian 7+
  • OpenSuSE 12.2+
  • Fedora Linux 17+

New in Google Chrome 29.0.1535.3 Dev (Jun 12, 2013)

  • This release fixes a number of crashes, as well as other bugs.

New in Google Chrome 29.0.1530.2 Dev (Jun 7, 2013)

  • Fixed Issue: [244090] Cached CSS file is used regardless of media type

New in Google Chrome 27.0.1453.110 (Jun 4, 2013)

  • [Windows only] High CVE-2013-2854: Bad handle passed to renderer. Credit to Collin Payne.
  • Medium CVE-2013-2855: Memory corruption in dev tools API. Credit to “daniel.zulla”.
  • High CVE-2013-2856: Use-after-free in input handling. Credit to miaubiz.
  • High CVE-2013-2857: Use-after-free in image handling. Credit to miaubiz.
  • High CVE-2013-2858: Use-after-free in HTML5 Audio. Credit to “cdel921”.
  • High CVE-2013-2859: Cross-origin namespace pollution. Credit to “bobbyholley”.
  • High CVE-2013-2860: Use-after-free with workers accessing database APIs. Credit to Collin Payne.
  • High CVE-2013-2861: Use-after-free with SVG. Credit to miaubiz.
  • High CVE-2013-2862: Memory corruption in Skia GPU handling. Credit to Atte Kettunen of OUSPG.
  • Critical CVE-2013-2863: Memory corruption in SSL socket handling. Credit to Sebastien Marchand of the Chromium development community.
  • High CVE-2013-2864: Bad free in PDF viewer. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.

New in Google Chrome 29.0.1521.3 Dev (May 30, 2013)

  • This release fixes some known crashes, as well as other bugs.

New in Google Chrome 27.0.1453.93 (May 21, 2013)

  • Web pages load 5% faster on average
  • chrome.syncFileSystem API
  • Improved ranking of predictions, improved spell correction, and numerous fundamental improvements for Omnibox predictions. Please see the Help Center for more information on our updated policies.
  • This update includes the following security fixes:
  • [$1000] [235638] High CVE-2013-2837: Use-after-free in SVG. Credit to Sławomir Błażek.
  • [$500] [235311] Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian Holler.
  • [$1500] [230176] High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR InfoSecurity.
  • [$1000] [230117] High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of MWR InfoSecurity.
  • [$1000] [227350] High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit to Chamal de Silva.
  • [$2000] [226696] High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril Cattiaux.
  • [$1000] [222000] High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil Zhani.
  • [$1000] [196393] High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin Shinde (@cons0ul).
  • [$3133.7] [188092] [179522] [222136] [188092] High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte Kettunen of OUSPG.
  • [$1000] [177620] High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de Silva.
  • [$1000] [176692] High CVE-2013-2847: Use-after-free race condition with workers. Credit to Collin Payne.
  • [$500] [176137] Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit to Egor Homakov.
  • [171392] Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to Mario Heiderich.
  • In addition, our ongoing internal security work was as usual responsible for a wide range of fixes:
  • [241595] High CVE-2013-2836: Various fixes from internal audits, fuzzing and other initiatives.
  • This build also contains a new Adobe Flash build.

New in Google Chrome 28.0.1500.20 Dev (May 21, 2013)

  • This build addresses some known regressions and stability issues.

New in Google Chrome 28.0.1500.11 Dev (May 14, 2013)

  • This build addresses some known regressions and stability issues.

New in Google Chrome 28.0.1500.3 Dev (May 8, 2013)

  • This build addresses some known regressions and stability issues.

New in Google Chrome 28.0.1496.0 Dev (May 3, 2013)

  • This build addresses some known regressions and stability issues.

New in Google Chrome 28.0.1485.0 Dev (Apr 23, 2013)

  • This build addresses some known regressions and stability issues.

New in Google Chrome 26.0.1410.63 (Apr 9, 2013)

  • This release contains stability improvements, and a new version of Adobe Flash.

New in Google Chrome 27.0.1453.15 Beta (Apr 5, 2013)

  • Faster page loads
  • Elegant HTML5 date and time forms
  • Live audio input to Web Audio API
  • Sync FileSystem API for Chrome Apps
  • DevTools updates
  • And lots of other features for developers

New in Google Chrome 27.0.1453.12 Alpha (Apr 3, 2013)

  • This build addresses some known regressions and stability issues.

New in Google Chrome 26.0.1410.43 (Mar 27, 2013)

  • "Ask Google for suggestions" spell checking feature improvements (e.g. grammar and homonym checking)
  • Desktop shortcuts for multiple users (profiles) on Windows
  • Asynchronous DNS resolver on Mac and Linux

New in Google Chrome 26.0.1410.40 Beta (Mar 21, 2013)

  • Fixed stability crashes. [Issues: 166397, 172319, 189889, 180445]
  • Fixed sign-in issue in Incognito session. [Issue: 180183]
  • Fixed shortcut issue in enterprise. [Issue: 174465]
  • Fixed floppy drive issue. [Issue: 173953]
  • Fixed bug where extension popups would not properly receive input focus when first shown. [Issue: 122352]
  • Fixed views omnibox unfocused double-click behavior. [Issue: 165873]
  • Show strings in content settings bubble when access to cookies is allowed. [Issue: 181172]
  • Fixed recently closed multiple tabs regression. [Issue: 179697]

New in Google Chrome 26.0.1410.33 Beta (Mar 14, 2013)

  • Updated Flash to 11.6.602.180
  • Fixed Ctrl + X issue in bookmark manager. [Issue: 174613]
  • Fixed 'Your profile cannot be opened' issue on first run. [Issue: 180459]
  • Fixed stability crashes. [Issues: 142931, 178176]
  • Fixed background color for extension badges. [Issue: 177734]
  • Fixed text render issue in Adobe flash. [Issue: 164800]
  • Fixed scroll bar issue in bookmark window. [Issue: 174645]

New in Google Chrome 25.0.1364.172 (Mar 13, 2013)

  • This release contains stability improvements, and a new version of Adobe Flash.

New in Google Chrome 25.0.1364.160 (Mar 8, 2013)

  • This release contains security fixes.

New in Google Chrome 26.0.1410.28 Beta (Mar 7, 2013)

  • Updated Flash to new beta version of Flash 11.6.602.177, includes ActionScript Workers feature.
  • Fixed the way apps appear in new tab page. [Issue: 175377]
  • Fixed a crash while clicking "Install to play offline" button. [Issue: 178036]
  • Fixed prerender of a page when an original prerender was cancelled. [Issue: 178755]
  • Fixed an issue where some avatar icons are shown mirrored in tab strip. [Issue: 178397]
  • Fixed ~60% regression in Cookie.TimeLoadDBQueueWait on Mac and Windows. [Issue: 175415]
  • [Windows] Fixed a crash when installing the app launcher (and the first packaged app). [Issue: 178487]
  • [Chrome Frame] Fixed a crash when trying to process a target="_blank" link. [Issue: 178415]
  • Fixed stability crashes [Issues: 167510, 165952, 177659, 177843]

New in Google Chrome 25.0.1364.152 (Mar 5, 2013)

  • [$1000] [176882] High CVE-2013-0902: Use-after-free in frame loader. Credit to Chamal de Silva.
  • [$1000] [176252] High CVE-2013-0903: Use-after-free in browser navigation handling. Credit to “chromium.khalil”.
  • [$2000] [172926] [172331] High CVE-2013-0904: Memory corruption in Web Audio. Credit to Atte Kettunen of OUSPG.
  • [$1000] [168982] High CVE-2013-0905: Use-after-free with SVG animations. Credit to Atte Kettunen of OUSPG.
  • [174895] High CVE-2013-0906: Memory corruption in Indexed DB. Credit to Google Chrome Security Team (Jüri Aedla).
  • [174150] Medium CVE-2013-0907: Race condition in media thread handling. Credit to Andrew Scherkus of the Chromium development community.
  • [174059] Medium CVE-2013-0908: Incorrect handling of bindings for extension processes.
  • [173906] Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit to Egor Homakov.
  • [172573] Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads more strictly. Credit to Google Chrome Security Team (Chris Evans).
  • [172264] High CVE-2013-0911: Possible path traversal in database handling. Credit to Google Chrome Security Team (Jüri Aedla).

New in Google Chrome 27.0.1425.0 Alpha (Mar 1, 2013)

  • Facebook doesn't always render correctly. [Issue: 177520]
  • Cancel string is missing on the button from the uninstall dialog. [Issue: 178464]
  • Mac: After resizing the window, a frameless window can become draggable in the titlebar area [Issue: 159361]

New in Google Chrome 26.0.1410.19 Beta (Mar 1, 2013)

  • Fixed drop down options in the bookmark manager. [Issue: 174562]
  • Don't unpin the normal Chrome shortcut when deleting profile shortcuts. [Issue: 176642]
  • Fixed cloud print dialog issue which stays open after Print or Cancel pressed. [Issue: 176455]
  • Fixed cloud print dialog hang when user prints to virtual driver. [Issue: 170301]
  • Fixed stability crash. [Issue: 176184]
  • Fixed bookmark manager button which does not respond to selection. [Issue: 177392]
  • Fixed the size of scroll bars when using the Windows Classic theme. [Issue: 175335]
  • [Mac] Fixed the issue with omnibox which closes Chrome while typing. [Issue: 175341]
  • [Linux] Fixed audio issue. [Issue: 158478]

New in Google Chrome 27.0.1423.0 Alpha (Feb 27, 2013)

  • This build fixes several known regressions and stability issues.

New in Google Chrome 26.0.1410.12 Beta (Feb 27, 2013)

  • "Ask Google for suggestions" spell checking feature improvements (e.g. grammar and homonym checking)
  • Developer preview of app launcher on Windows
  • Forced compositing mode and threaded compositing on Mac
  • Desktop shortcuts for multiple users (profiles) on Windows
  • Updated UI styling of menus on Windows
  • Asynchronous DNS resolver on Mac and Linux

New in Google Chrome 25.0.1364.97 (Feb 22, 2013)

  • Improvements in managing and securing your extensions
  • Better support for HTML5 time/date inputs
  • JavaScript Web Speech API support
  • Better WebGL error handling
  • And lots of other features for developers

New in Google Chrome 26.0.1410.12 Alpha (Feb 22, 2013)

  • Hosted apps in Chrome will always be opened from app launcher. [Issue: 176267]
  • Added modal confirmation dialog to the enterprise profile sign-in flow. [Issue: 171236]
  • Fixed a crash with autofill. [Issue: 175454, 176576]
  • Fixed issues with sign-in. [Issue: 175672, 175819, 175541, 176190]
  • Fixed spurious profile shortcuts created with a system-level install. [Issue: 177047]
  • Fixed the background tab flashing with certain themes. [Issue: 175426]
  • [Mac] Fixed background apps dock menu. [Issue: 175113]
  • [Mac] Fixed the hang when clicking on extensions' permission link. [Issue: 175071]
  • [Linux] Fixed broken command line to create extensions with locale info. [Issue: 176187]
  • [Linux] Fixed crash after clicking through malware warning. [Issue: 173986]

New in Google Chrome 26.0.1410.10 Alpha (Feb 20, 2013)

  • Fixed cookie jar transfer regression. [Issue: 176513]
  • Fixed enable bad language translation detection reports for secure pages. [Issue: 176457]
  • [Linux] Fixed a crash while printing a pdf. [Issue: 175514]
  • Fixed crash while closing tab during tab capture. [Issue: 175275]
  • [Linux] Fixed the panel issue which does not accept keyboard input when it is minimized and expanded. [Issue: 175858]
  • Fixed issue in allowing extension permissions to be viewed from extension settings page. [Issue: 170742]
  • Fixed display of CSS3 transformed area which doesn't line up with hit-testing area. [Issue: 157961]
  • Fixed scroll bar and combo box UI issue. [Issue: 175335]
  • Fixed alternate NTP which overlap dev tools with bookmark bar. [Issue: 173205]

New in Google Chrome 26.0.1410.5 Alpha (Feb 15, 2013)

  • This build contains an instability fix in the WebCore (Issue: 175307) and the network: (Issue: 174720) components.

New in Google Chrome 25.0.1364.84 Beta (Feb 14, 2013)

  • This build contains improvements in stability and performance.

New in Google Chrome 26.0.1410.3 Alpha (Feb 13, 2013)

  • Display an info banner on the clear browsing data dialog if the browsing data was cleared within the last 24h (Issue: 164600)
  • Added possibility to history to group domains by week or month (Issue: 170690)
  • Added wallpaper picker icon (Issue: 168913)
  • Made wallpaper images immutable (Issue: 173724)

New in Google Chrome 24.0.1312.70 (Feb 13, 2013)

  • This release contains an update to Flash (11.6.602.167). This Flash update has been pushed to Windows, Mac, and Chrome Frame platforms through component updater.

New in Google Chrome 25.0.1364.68 Beta (Feb 6, 2013)

  • This build contains improvements in stability and performance.

New in Google Chrome 26.0.1403.0 Alpha (Feb 5, 2013)

  • Introduced a different variable icon for VPN (Issue: 172317)
  • Enabled showing Google now notifications in Chrome (Issue: 164227)
  • Implemented drag URL onto Home Button to set homepage (Issue: 152210)
  • Enabled speech bubble for platform apps (Issue: 164382)
  • Added UI to printing selection with print preview (Issue: 83098)
  • Added backup URL support for safe browsing data requests (Issue: 155753)
  • Added support for Chrome's identity API (Issue: 134213)
  • Enabled showing a modal dialog (instead of a bubble) for one-click sign in confirmation window (Issue: 171330)
  • Added search token to omnibox in Mac (Issue: 163190)
  • Changed the gray omnibox suggest color to black (Issue: 172142)
  • Fixed a crash in the DXVA decoder in Chrome (Issue: 171673)
  • Fixed the hierarchy arrow for nested bookmark folders for Mac (Issue: 111101)
  • Fixed showing of the profile picture in the uber tray when user clicks (Issue: 140961)
  • Fixed bug causing tab favicon media indicator to not turn off (Issue: 171077)
  • Fixed unintended first item selection when focusing using mouse (Issue: 172283)
  • Hid action box while typing in an omnibox (Issue: 157232)
  • Hid new Autofill UI when the user moves the window (Issue: 171673)
  • Reverted the appearance of simple notifications (Issue: 172358)
  • Disabled the "Open All in Incognito window" in Context menu for invalid urls (Issue: 106609)

New in Google Chrome 26.0.1397.2 Alpha (Jan 31, 2013)

  • Media Gallery: Removed extension gallery watch count details (Issue: 144491)
  • Media Gallery: Added support for mtp device media file system on Windows (Issue: 151679)
  • Alternate ntp: implemented right-aligned search token (Issue: 163190)
  • Alternate ntp: unpinned bookmark bar in ntp (Issue: 170417)
  • Filemanager uses a smart link to the Files App help page (Issue: 139445, 170291)
  • Fix for gracefully handling the situation of duplicate public accounts (Issue: 170538)
  • Added incoming intent page transition modifier for Android (Issue: 143118)
  • Added a mechanism to set the default handler for a URL protocol on Windows 8 (Issue: 154081)
  • Made it easier to move corners of box when cropping large image in Files.app's photo editor. (Issue: 155705)
  • Fixed showing auto-enrollment-cancellation confirmation dialog (Issue: 170230)
  • Ensured that ChromeVox highlight moves out of a11y popup when it is closed (Issue: 165223)
  • Added 'dark' versions for the LTE/HSPA/GPRS icons so that we show them correctly on the network list (Issue: 169969)
  • Split Date/Time picker values from IME processing (Issue: 143540)
  • Removed the Instant checks for web contents modal dialog (Issue: 157161)
  • Brought back the file dialogs for chrome AURA (Issue: 170483)
  • Fixes for Cellular indicators (Issue: 168935, 169979)
  • Removed the NaCl SRPC proxy from Chrome (Issue: 169152)
  • Updated Task Manager looks closer to the new dialog style (Issue: 166075)
  • Fix to activate the last used profile (Issue: 150856)
  • Fixed crash when popping up speech input bubble in CF (Issue: 156688)
  • Fixed views implementation of table and tree to use the right system colors (Issue: 170368, 170370)
  • Filled unexpected gap in a IME candidate window (Issue: 149185)
  • NaCl SDK: Built a naclports bundle (linux only) (Issue: 168693)
  • Pop up requestAutocomplete UI when autofill server hints chrome client that it is in a multipage autofill flow (Issue: 159830)
  • Implemented new Task Manager and Edit Bookmark style, etc (Issue: 166075)
  • Implemented support of InputScope for desktop (non-Metro) Chrome (Issue: 150077)

New in Google Chrome 25.0.1364.58 Beta (Jan 31, 2013)

  • [171725] Windows controls have red overlay

New in Google Chrome 24.0.1312.57 (Jan 31, 2013)

  • Mac: r177690 Fix renderer crashes when using certain IMEs. (Issue 152566)
  • Mac: r178517 Fix microphone input dropout with Pepper Flash. (Issue 168859)
  • Chrome Frame: r178591 Fix renderer exiting in certain cases when opening a new Window from Chrome Frame. (Issue 171877)

New in Google Chrome 25.0.1364.45 Beta (Jan 24, 2013)

  • This build contains improvements in stability and fixes for a few other issues.

New in Google Chrome 24.0.1312.56 (Jan 23, 2013)

  • Fixed performance of mouse wheel scrolling. [Issue: 160122]
  • Fixed visited links regression. [Issue: 160025]
  • Fixed windows installation when installed as admin. [Issue: 166473]

New in Google Chrome 26.0.1386.0 Alpha (Jan 18, 2013)

  • Fixed marking notifications when opened and closed (Issue: 169388)
  • Fixed web popup menus (Issue: 166832)
  • Fixed renderer form_autofill_util changes to support Checkboxes and Radiobuttons (Issue: 157636)
  • Fixed decoding of URL in bookmark editor (Issue: 165648)
  • Added the preferences and UI to make the launcher opt-inable (Issue: 151676)
  • Added incognito visualization to items in the new app menu (Issue: 169842)
  • Renamed the magnifier names: "Full" -> "Entire screen", "Partial" -> "Lens" (Issue: 166832)
  • Enable webkit preference for Chromium to disallow unsafe plugin pasting (Issue: 112325)
  • Fixed thumbnail view on Drive (Issue 170022)
  • Fixed crash bug in BookmarkEditorView (Issue 167385)

New in Google Chrome 25.0.1364.36 Beta (Jan 17, 2013)

  • This build contains improvements in stability and fixes for a few other issues.

New in Google Chrome 26.0.1384.2 Alpha (Jan 16, 2013)

  • This build contains improvements in stability and fixes for a few other issues.

New in Google Chrome 25.0.1364.29 Beta (Jan 15, 2013)

  • Improvements in managing and securing your extensions
  • Continued testing of search and the new tab page
  • Better support for HTML5 time/date inputs
  • JavaScript speech API support
  • Better WebGL error handling
  • And lots of other features for developers

New in Google Chrome 25.0.1364.29 Alpha (Jan 11, 2013)

  • This update contains additional stability fixes.

New in Google Chrome 24.0.1312.52 (Jan 10, 2013)

  • This is the first Stable release with support for MathML, thanks to WebKit volunteer Dave Barton. This release also contains an update to Flash (11.5.31.137) as well as improvements in speed and stability.

New in Google Chrome 25.0.1364.26 Alpha (Jan 8, 2013)

  • This update contains additional stability fixes.

New in Google Chrome 25.0.1364.5 Alpha (Dec 21, 2012)

  • This update contains stability and memory fixes.

New in Google Chrome 24.0.1312.45 Beta (Dec 20, 2012)

  • This build contains stability fixes.

New in Google Chrome 25.0.1364.2 Alpha (Dec 19, 2012)

  • This update contains additional stability fixes.

New in Google Chrome 25.0.1359.3 Alpha (Dec 14, 2012)

  • This update contains a number of stability fixes.

New in Google Chrome 24.0.1312.40 Beta (Dec 13, 2012)

  • This build contains stability fixes.

New in Google Chrome 23.0.1271.97 (Dec 11, 2012)

  • Some texts in a Website Settings popup are trimmed
  • Linux: selection renders white text on white bg in apps
  • Some plugins stopped working
  • Fixed a known crash

New in Google Chrome 25.0.1354.0 Alpha (Dec 11, 2012)

  • This build includes a test of new variations of the New Tab Page for a small set of users.

New in Google Chrome 24.0.1312.36 Beta (Dec 7, 2012)

  • This build contains fixes for stability.

New in Google Chrome 24.0.1312.32 Beta (Dec 5, 2012)

  • Fixed crashes like 161858, 158747, 156878
  • Fixed graphical corruption in Dust. [Issue: 155258]
  • Fixed print preview in Windows 8 mode. [Issue: 159902]
  • Fixed scrolling issue. [Issue: 163553]

New in Google Chrome 24.0.1312.27 Beta (Nov 30, 2012)

  • Fixed random Chinese/Japanese characters that are missing in documents printed via the system print dialog on Windows XP SP3. [Issue: 128506]
  • Fixed memory leak in GPU accelerated canvas. [Issue: 160411]
  • Fixed console.log which doesn’t output jQuery objects properly. [Issue: 162570]
  • Fixed stability issues like 161854, 154483, 154462, 153376.

New in Google Chrome 23.0.1271.95 (Nov 30, 2012)

  • High CVE-2012-5138: Incorrect file path handling. Credit to Google Chrome Security Team (Jüri Aedla).
  • High CVE-2012-5137: Use-after-free in media source handling. Credit to Pinkie Pie.

New in Google Chrome 24.0.1312.25 Beta (Nov 28, 2012)

  • Fixed garbled header and footer text in print preview. [Issue: 152893]
  • Fixed extension action badges with long text. [Issue: 160069]
  • Disable find if constrained window is shown. [Issue: 156969]
  • Enable fullscreen for apps windows. [Issue: 161246]
  • Fixed broken profile with system-wide installation and UserDataDir & DiskCacheDir policy. [Issue: 161336]
  • Fixed stability crashes like 158747, 159437, 149139, 160914, 160401.

New in Google Chrome 23.0.1271.91 (Nov 27, 2012)

  • No audio from Flash content when speaker configuration is set to Quadraphonic (Issue: 159924)
  • Aw, Snap renderer crash on Windows Server 2003 (Issue: 160559)

New in Google Chrome 24.0.1312.14 Beta (Nov 15, 2012)

  • [Linux] {gtk} Fixed selection renders white text on white background in apps. (Issue: 158422)
  • [Linux] Fixed translate infobar button to show selected language. (Issue: 155350)
  • [Linux] Fixed broken Arabic language. (Issue: 158978)
  • Fixed pre-rendering if the preference is disabled at start up. (Issue: 159393)
  • Fixed JavaScript rendering issue. (Issue: 159655)

New in Google Chrome 24.0.1312.5 Beta (Nov 8, 2012)

  • This build contains a slew of awesome developer features.

New in Google Chrome 23.0.1271.64 (Nov 7, 2012)

  • [Mac OS only] [$1000] [149904] High CVE-2012-5115: Defend against wild writes in buggy graphics drivers. Credit to miaubiz.
  • [$3500] [157079] Medium CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP handling. Credit to Phil Turnbull.
  • [Linux 64-bit only] [$1500] [150729] Medium CVE-2012-5120: Out-of-bounds array access in v8. Credit to Atte Kettunen of OUSPG.
  • [$1000] [143761] High CVE-2012-5116: Use-after-free in SVG filter handling. Credit to miaubiz.
  • [Mac OS only] [$1000] [149717] High CVE-2012-5118: Integer bounds check issue in GPU command buffers. Credit to miaubiz.
  • [$1000] [154055] High CVE-2012-5121: Use-after-free in video layout. Credit to Atte Kettunen of OUSPG.
  • [145915] Low CVE-2012-5117: Inappropriate load of SVG subresource in img context. Credit to Felix Gröbert of the Google Security Team.
  • [149759] Medium CVE-2012-5119: Race condition in Pepper buffer handling. Credit to Fermin Serna of the Google Security Team.
  • [154465] Medium CVE-2012-5122: Bad cast in input handling. Credit to Google Chrome Security Team (Inferno).
  • [154590] [156826] Medium CVE-2012-5123: Out-of-bounds reads in Skia. Credit to Google Chrome Security Team (Inferno).
  • [155323] High CVE-2012-5124: Memory corruption in texture handling. Credit to Al Patrick of the Chromium development community.
  • [156051] Medium CVE-2012-5125: Use-after-free in extension tab handling. Credit to Alexander Potapenko of the Chromium development community.
  • [156366] Medium CVE-2012-5126: Use-after-free in plug-in placeholder handling. Credit to Google Chrome Security Team (Inferno).
  • [157124] High CVE-2012-5128: Bad write in v8. Credit to Google Chrome Security Team (Cris Neckar).

New in Google Chrome 24.0.1312.5 Alpha (Nov 7, 2012)

  • Fixed BrowserFrameWin artifact on opaque to glass frame changes. (Issue: 156982)
  • Fixed a crash that could occur if the user closed a tab with an uncommitted search navigation. (Issue: 158201)
  • Fixed focus issue which does not change from Omnibox to Find in Page on mouseclick. (Issue: 158562)
  • Flash Mac: Fixed escape to exit fullscreen. (Issue: 155492)
  • Fixed crash when installing an extension and the browser window goes away. (Issue: 134194)
  • Ensure sidebar links are re-enabled when a confirmation dialog is closed. (Issue: 158912)
  • Fixed old Chrome version cleanup. (Issue: 75951)
  • Fixed memory leak in Chrome Windows. (Issue: 158931)
  • Fixed F4 inside should not open calendar picker. (Issue: 158482)
  • Fixed calendar picker can flicker when opened from the suggestion picker. (Issue: 158608)

New in Google Chrome 24.0.1312.2 Alpha (Nov 2, 2012)

  • Fixed getUserMedia video-only requests which should not fail if no audio input device is present. (Issue: 144421)
  • Fixed infobar prompt for Windows 8. (Issue: 158419)
  • Fixed drag and drop to install extensions. (Issue: 158499)
  • Fixed NaCl games for Windows 8. (Issue: 153368)
  • Fixed a few stability issues: 134175, 158745, 155653, 158377, 158660, 158703, 158176.

New in Google Chrome 23.0.1271.60 Beta (Nov 1, 2012)

  • Updated V8 - 3.13.7.5
  • Fixed Flash Camera and Microphone doesn't work (Issue: 155524)
  • Fixed Find-in-Page doesn't work properly (Issue: 156919)
  • Fixed several known top crashes

New in Google Chrome 24.0.1312.1 Alpha (Oct 31, 2012)

  • All:
  • Updated WebKit - 537.17
  • Fixed bugs related to bookmark sync and stability issues like 157365, 155871
  • Linux:
  • Fixed GPU process crash on startup if stderr cannot be closed (Issue: 152530)

New in Google Chrome 23.0.1271.52 Beta (Oct 25, 2012)

  • Fixed geolocation (Issue: 152428)
  • Fixed sync to use all datatypes when user chooses default (Issue: 154940)
  • Pepper Flash not setting local timezone (Issue: 154060)

New in Google Chrome 24.0.1305.3 Alpha (Oct 25, 2012)

  • Updated V8 - 3.14.5.0
  • Bookmarks are now searched by their title while typing into the omnibox, with matching bookmarks shown in the autocomplete suggestions pop-down list. Matching is done by prefix. Example: if there is a bookmark with a title of “Doglettes & Catlettes”, typing any of the following into the omnibox will likely present the bookmark as a suggestion: “dog”, “cat”, “cat dog”, “dog cat”, “dogle”, etc. Typing “ogle” or “lettes” will not match.
  • Fixed issues 155871, 154173, 155133.

New in Google Chrome 23.0.1271.40 Beta (Oct 18, 2012)

  • Updated V8 - 3.13.7.4
  • Fixed web spell check (Issue: 144863)

New in Google Chrome 24.0.1297.0 Alpha (Oct 17, 2012)

  • Updated V8 - 3.14.4.1
  • Updated WebKit - 537.16
  • Fixed tab character in text field when pressed Tab in a tag. (Issue: 149859)
  • Fixed omnibox suggestion: restore selection on WM_IME_ENDCOMPOSITION (Issue: 154379)
  • Fixed text that goes out of the box under Related section after an app was installed. (Issue: 154797)
  • Fixed Web Store icon (Issue: 149887)

New in Google Chrome 23.0.1271.22 Beta (Oct 11, 2012)

  • This build fixes a known top crash.

New in Google Chrome 24.0.1290.1 Alpha (Oct 10, 2012)

  • Fixed issue where clearing browse data never completes with PPAPI flash plugin disabled. [Issue: 144874]
  • Fixed issue in disabling sync for default apps. [Issue: 152582]
  • Fixed crashes 154167, 153902, 152622.

New in Google Chrome 23.0.1271.22 Beta (Oct 9, 2012)

  • This build fixes some of the known stability issues and some bugs related to Windows 8, Panels, and GPU.
  • This build also has a new version of Flash with security and other fixes.

New in Google Chrome 22.0.1229.92 (Oct 9, 2012)

  • [138208] High CVE-2012-2900: Crash in Skia text rendering. Credit to Atte Kettunen of OUSPG.
  • [147499] Critical CVE-2012-5108: Race condition in audio device handling. Credit to Atte Kettunen of OUSPG.
  • [148692] Medium CVE-2012-5109: OOB read in ICU regex. Credit to Arthur Gerkis.
  • [151449] Medium CVE-2012-5110: Out-of-bounds read in compositor. Credit to Google Chrome Security Team (Inferno).
  • [151895] Low CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins. Credit to Google Chrome Security Team (Chris Evans).

New in Google Chrome 23.0.1271.17 Beta (Oct 5, 2012)

  • This build fixes some of the known stability issues.

New in Google Chrome 23.0.1271.10 Beta (Oct 3, 2012)

  • Chrome 23 contains some really great improvements including better communication and media experiences.

New in Google Chrome 24.0.1284.2 Alpha (Oct 3, 2012)

  • Updated V8 - 3.13.7.1
  • Updated WebKit - 537.13
  • Fixed an issue where clearing browsing data would not complete when Pepper Flash was disabled (Issue: 144874)
  • Fixed an issue where inline disposition isn’t displaying correctly. (Issue: 145622)
  • Fixed a crash when clicking speech input. (Issue: 146689)
  • Fixed file system URLs no longer work in platform apps. (Issue: 150861)
  • Fixed a crash when opening YouTube in full screen mode. (Issue: 149821)
  • Fixed a crash when loading explicit intent service. (Issue: 150834)

New in Google Chrome 23.0.1271.6 Alpha (Sep 26, 2012)

  • Updated V8 - 3.13.7.2
  • Several fixes to forced compositing mode (Issues: 150881, 157920)
  • Fixed known crashers (Issue: 146689, and several audio ones.)
  • Fixed WebRTC audio (Issue: 150570)

New in Google Chrome 22.0.1229.79 (Sep 26, 2012)

  • Today’s Chrome Stable release advances this effort with the inclusion of the Pointer Lock JavaScript API (often called Mouse Lock). Now, 3D applications such as first-person games can allow users to control their perspective naturally with the mouse, without moving outside the window or bumping into the edge of their screen. Try it out for yourself in this 3D, first-person shooter demo created by our friends at Mozilla.
  • While games are fun, these capabilities also empower other types of applications such as medical and scientific visualization, training, simulation, modeling, authoring packages, and more. We're excited to see recent web platform technologies such as WebGL, Web Audio, Fullscreen, WebSockets, Gamepad, and Pointer Lock combine to be greater than the sum of their parts. Game developers have an excellent platform on which they can deploy rich games with all the benefits of the instant-on, auto-updating, linkable, shareable, and searchable web.
  • As always, Chrome will automatically update itself to include these latest enhancements.

New in Google Chrome 23.0.1271.1 Alpha (Sep 21, 2012)

  • Updated WebKit - 537.11
  • Fixed simultaneous audio playback is broken (Issue: 150003)
  • Fixed bug with Web Intents and non-sticky defaults (Issue: 148740)
  • Audio may drop out under certain play / pause cycles. (Issue: 150702)

New in Google Chrome 23.0.1270.0 Alpha (Sep 19, 2012)

  • Updated V8 - 3.13.7.1
  • Fixed playback of multiple audio streams with Pepper Flash, WebRTC, and WebAudio.
  • Fixed crash when attempting to play audio without a sound card or via remote desktop.
  • Media Galleries Extension API should work on all platforms, though permission format has changed.
  • Chrome will automatically check for captive portals when showing SSL interstitials or when an HTTP server responds to an HTTPS request.

New in Google Chrome 23.0.1262.0 Alpha (Sep 11, 2012)

  • All:
  • Updated V8 - 3.13.6.0
  • Updated WebKit - 537.10
  • Fix top crashes (Issue: 142388, 146606)
  • Mac:
  • Make the favicons for chrome:// URLs high DPI (Issue: 145228)
  • Linux:
  • Make the new sandbox more robust when denying socket calls.

New in Google Chrome 23.0.1255.0 Alpha (Sep 5, 2012)

  • Fixed a crash which occurred when scavenging sessionStorages. (Issue: 145068)
  • Packaged Apps can now request access to local media folders.

New in Google Chrome 21.0.1180.89 (Aug 31, 2012)

  • Several Pepper Flash fixes (Issue 140577, 144107, 140498, 142479).
  • Microphone issues with tinychat.com (Issue: 143192)
  • devtools regression with "save as" of edited source (issue: 141180)
  • mini ninjas shaders fails (Issue: 142705)
  • page randomly turns red/green gradient boxes (Issue: 110343)

New in Google Chrome 23.0.1246.0 Alpha (Aug 28, 2012)

  • Updated V8 - 3.13.3.1
  • Updated WebKit - 537.8
  • Fixed favicons not showing in tab buttons. [Issue: 144253]
  • Fixed cloud-printer being treated as local-printer problem. [Issue: 144048]

New in Google Chrome 23.0.1243.0 Alpha (Aug 24, 2012)

  • Updated V8 - 3.13.1.0
  • Updated WebKit - 537.6
  • SessionStorage is now persisted on disk; it’s stored and restored by the session restore system
  • Linux:
  • Fix GPU rendering failing on Nvidia cards if the kernel supports BPF sandboxing (Issue: 140214).

New in Google Chrome 22.0.1229.14 Beta (Aug 23, 2012)

  • Mouse Lock API availability for Javascript
  • Additional Windows 8 enhancements
  • Continued polish for users of HiDPI/Retina screens

New in Google Chrome 21.0.1180.81 (Aug 22, 2012)

  • Duplex Printing defaults to Yes, which prints extra pages even for a 1 page print out (Issue 138312).
  • Print preview takes forever on Win XP (issue: 140044)
  • Anti-DDoS inversion of logic (Issues: 141643, 141081)
  • Pepper Flash: in file uploads, treats HTTP status != 200 as failure, breaking (e.g.) uploads to Amazon S3 (Issue: 140468)
  • Projectmanager.com application causes Flash to hang (Issue: 141018)
  • Turn off TLS 1.1 in Chrome 21 Stable (Issue: 142172)
  • Setting and unsetting display:none obliterates current scroll position (issue: 140101)

New in Google Chrome 21.0.1180.81 Beta (Aug 18, 2012)

  • Duplex Printing defaults to Yes, which prints extra pages even for a 1 page print out (Issue 138312).
  • Print preview takes forever on Win XP (issue: 140044)
  • Anti-DDoS inversion of logic (Issues: 141643, 141081)
  • Pepper Flash: in file uploads, treats HTTP status != 200 as failure, breaking (e.g.) uploads to Amazon S3 (Issue: 140468)
  • Projectmanager.com application causes Flash to hang (Issue: 141018)
  • Turn off TLS 1.1 in Chrome 21 Stable (Issue: 142172)
  • An additional scroll bar appears at the right on many sites (issue: 140239)
  • Setting and unsetting display:none obliterates current scroll position (issue: 140101)

New in Google Chrome 21.0.1180.57 (Aug 1, 2012)

  • [Linux only] [125225] Medium CVE-2012-2846: Cross-process interference in renderers. Credit to Google Chrome Security Team (Julien Tinnes).
  • [127522] Low CVE-2012-2847: Missing re-prompt to user upon excessive downloads. Credit to Matt Austin of Aspect Security.
  • [127525] Medium CVE-2012-2848: Overly broad file access granted after drag+drop. Credit to Matt Austin of Aspect Security.
  • [128163] Low CVE-2012-2849: Off-by-one read in GIF decoder. Credit to Atte Kettunen of OUSPG.
  • [130251] [130592] [130611] [131068] [131237] [131252] [131621] [131690] [132860] Medium CVE-2012-2850: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [132585] [132694] [132861] High CVE-2012-2851: Integer overflows in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [134028] High CVE-2012-2852: Use-after-free with bad object linkage in PDF. Credit to Alexey Samsonov of Google.
  • [134101] Medium CVE-2012-2853: webRequest can interfere with the Chrome Web Store. Credit to Trev of Adblock.
  • [134519] Low CVE-2012-2854: Leak of pointer values to WebUI renderers. Credit to Nasko Oskov of the Chromium development community.
  • [134888] High CVE-2012-2855: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [134954] [135264] High CVE-2012-2856: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [$1000] [136235] High CVE-2012-2857: Use-after-free in CSS DOM. Credit to Arthur Gerkis.
  • [$1000] [136894] High CVE-2012-2858: Buffer overflow in WebP decoder. Credit to Jüri Aedla.
  • [Linux only] [137541] Critical CVE-2012-2859: Crash in tab handling. Credit to Jeff Roberts of Google Security Team.
  • [137671] Medium CVE-2012-2860: Out-of-bounds access when clicking in date picker. Credit to Chamal de Silva.

New in Google Chrome 22.0.1221.0 Alpha (Jul 31, 2012)

  • This update has an updated version of V8 (3.12.16.0) along with other improvements.

New in Google Chrome 21.0.1180.57 Beta (Jul 27, 2012)

  • Fixed Youtube Drag & Drop Upload Not Working (Issue: 137024)

New in Google Chrome 21.0.1180.55 Beta (Jul 26, 2012)

  • Several crash fixes (Issues: 131310, 134574)
  • Can't press Enter to save to PDF (Issue: 137690)

New in Google Chrome 22.0.1215.0 Alpha (Jul 24, 2012)

  • This build has an updated version of V8 (3.12.14.0)

New in Google Chrome 21.0.1180.49 Beta (Jul 19, 2012)

  • Several crash fixes (Issues: 134550, 129446)
  • Fixed Autofill does not work in Incognito mode (Issue: 137100)
  • Fixed Chrome never stops blocking power save features once blocked on KDE (Issue: 137538)
  • Fixed Linux users experiencing slowdown due to accessibility being turned on (Issue: 137537)

New in Google Chrome 22.0.1207.1 Alpha (Jul 17, 2012)

  • Updated V8 - 3.12.11.0
  • New-style packaged apps are enabled by default.

New in Google Chrome 21.0.1180.41 Beta (Jul 13, 2012)

  • Updated V8 - 3.11.10.14
  • Several crash fixes (Issues: 132119, 134263, 134582, 130772, 133108, 134695, 135691, 136413, 133096)
  • Fixed horizontal scrollbar flash on uber page (Issue: 129406)
  • Fixed cloud printers not showing full list (Issue: 134242)
  • Fixed profile editing on uber page (Issue: 132343)
  • Fixed buffered area disappearing while playing video (Issues: 133567, 131444)

New in Google Chrome 20.0.1132.57 (Jul 12, 2012)

  • Along with the below-mentioned security fixes, this build contains an update to Flash player, v8 (3.10.8.20) and a couple of stability/bug fixes.

New in Google Chrome 22.0.1201.0 Alpha (Jul 10, 2012)

  • An updated version of V8 (3.12.9.0)

New in Google Chrome 21.0.1180.15 Beta (Jul 9, 2012)

  • Chrome 21 contains some really great improvements including better communication and printing experiences.

New in Google Chrome 21.0.1180.15 Alpha (Jun 29, 2012)

  • This version fixes a small sync problem (Issue: 134715) and contains a fix for Mac hardware with the Intel HD 4000 graphics chip (e.g. the new Macbook Airs), in order to prevent a resource leak which is causing a kernel panic on that hardware. This is a temporary change while we work on fixing the root cause of the issue.

New in Google Chrome 20.0.1132.43 (Jun 27, 2012)

  • [118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google.
  • [Windows only] [119150] [119250] High CVE-2012-2816: Prevent sandboxed processes interfering with each other. Credit to Google Chrome Security Team (Justin Schuh).
  • [$1000] [120222] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz.
  • [$1000] [120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz.
  • [120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken “gets” Russell of the Chromium development community.
  • [121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG.
  • [122925] Medium CVE-2012-2821: Autofill display problem. Credit to “simonbrown60”.
  • [various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).
  • [$1000] [124356] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz.
  • [$1000] [125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz.
  • [128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno).
  • [Mac only] [129826] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan).
  • [129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans).
  • [$1000] [129947] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz.
  • [$1000] [129951] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz.
  • [Windows only] [130276] Low CVE-2012-2764: Unqualified load of metro DLL. Credit to Moshe Zioni of Comsec Consulting.
  • [$1000] [130356] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz.
  • [131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team.
  • [132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team.
  • [$1000] [132779] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Jüri Aedla.

New in Google Chrome 21.0.1180.11 Alpha (Jun 26, 2012)

  • Updated V8 - 3.11.10.12
  • Several crash fixes (Issues: 129884, 133692)

New in Google Chrome 20.0.1132.43 Beta (Jun 25, 2012)

  • This build contains stability fixes.

New in Google Chrome 20.0.1132.42 Beta (Jun 23, 2012)

  • This build contains a fix for GPU out of memory issue.

New in Google Chrome 20.0.1132.39 Beta (Jun 21, 2012)

  • This build contains only updates to v8 (3.10.8.18) and fixes for bugs and stability.

New in Google Chrome 21.0.1180.0 Alpha (Jun 20, 2012)

  • Updated V8 - 3.11.10.6
  • Content settings for Cookies now also show protected storage granted to hosted apps
  • Chromoting client plugin correctly up-scales when page-zoom is >100%.

New in Google Chrome 20.0.1132.34 Beta (Jun 14, 2012)

  • This build contains updates to v8 (3.10.8.16) and fixes for bugs and stability.

New in Google Chrome 21.0.1171.0 Alpha (Jun 12, 2012)

  • HTML5 audio/video and WebAudio now support 24-bit PCM wave files.

New in Google Chrome 19.0.1084.56 (Jun 9, 2012)

  • This build contains a new version of Flash Player (11.3), in addition to some minor stability fixes.

New in Google Chrome 20.0.1132.27 Beta (Jun 7, 2012)

  • This build contains updates to v8 (3.10.8.13) and fixes for bugs and stability.

New in Google Chrome 21.0.1163.0 Alpha (Jun 5, 2012)

  • Updated V8 - 3.11.8.0

New in Google Chrome 20.0.1132.21 Beta (May 31, 2012)

  • This build contains updates to v8 (3.10.8.11) and fixes for bugs and stability.

New in Google Chrome 21.0.1155.2 Alpha (May 30, 2012)

  • Updated V8 - 3.11.6.2
  • Gamepad API prototype http://www.w3.org/TR/gamepad/ available by default.
  • TLS 1.1 is enabled by default.
  • Mouse Lock (Pointer Lock) no longer requires fullscreen. [r138150][r138944] Native Client applications can use this now, while the JavaScript API still requires enabling in about:flags. Try e.g. http://media.tojicode.com/q3bsp/

New in Google Chrome 19.0.1084.52 (May 24, 2012)

  • [117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson).
  • [118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [120912] High CVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz.
  • [122654] Critical CVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan).
  • [124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan).
  • [$1337] [125159] Critical CVE-2011-3108: Use-after-free in browser cache. Credit to “efbiaiinzinz”.
  • [Linux only] [$1000] [126296] High CVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholomé.
  • [126337] [126343] [126378] [127349] [127819] [127868] High CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [$500] [126414] Medium CVE-2011-3111: Invalid read in v8. Credit to Christian Holler.
  • [127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [127883] High CVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.
  • [128014] High CVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts).
  • [$1000] [128018] High CVE-2011-3115: Type corruption in v8. Credit to Christian Holler.

New in Google Chrome 21.0.1145.0 Alpha (May 22, 2012)

  • Updated V8 - 3.11.3.0
  • Allow certain unused renderer processes to exit before the tab is closed. (Issue: 126333)
  • Fix password autofill to work again for Incognito windows (Issue: 117720)
  • Prevent an infinite loop inside SSLClientSocketNSS::OnSendComplete. This has been observed in Chrome OS, but could also happen on other platforms. (Issue: 127822)

New in Google Chrome 20.0.1132.11 Alpha (May 18, 2012)

  • This build contains updates to V8 (3.10.8.7) and several other fixes.

New in Google Chrome 20.0.1132.8 Alpha (May 16, 2012)

  • This build contains updates to V8 (3.10.8.5) and several other fixes.

New in Google Chrome 20.0.1132.3 Alpha (May 12, 2012)

  • This build contains several fixes.

New in Google Chrome 20.0.1130.1 Alpha (May 9, 2012)

  • This build contains an update to V8 (3.10.8.4) and several stability fixes.

New in Google Chrome 20.0.1123.4 Alpha (May 7, 2012)

  • This build contains fixes for rendering and stability.

New in Google Chrome 18.0.1025.168 / 19.0.1084.36 Beta / 20.0.1123.1 Alpha (May 2, 2012)

  • Updated V8 - 3.10.6.0
  • Fixed about:inducebrowsercrashforrealz (Issue: 124843)
  • [Windows] Visual refinements to the tab strip and toolbar icons, including a slightly wider new tab button (the “baby tab”) that is easier to click.
  • [Known Issues] Mouse over on apps/extensions makes place holder blank in web store. (Issue: 125777)

New in Google Chrome 18.0.1025.168 (Apr 30, 2012)

  • [106413] High CVE-2011-3078: Use after free in floats handling. Credit to Google Chrome Security Team (Marty Barbella) and independent later discovery by miaubiz.
  • [117110] High CVE-2012-1521: Use after free in xml parser. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by wushi of team509 reported through iDefense VCP (V-874rcfpq7z).
  • [117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.
  • [121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem Pinckaers of Matasano.
  • [$1000] [121899] High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz.

New in Google Chrome 20.0.1115.1 Alpha (Apr 25, 2012)

  • This build contains a few fixes and an update to V8 (3.10.5.0).

New in Google Chrome 20.0.1105.0 Alpha (Apr 18, 2012)

  • Updated V8 - 3.10.2.1
  • Fixed issues - 121584, 122130, 122850, 123403
  • Fixed empty apps page crash. (Issue: 122214)

New in Google Chrome 19.0.1084.9 Alpha (Apr 4, 2012)

  • Updated V8 - 3.9.24.7
  • Fixed issues: 120519, 120978, 120430, 120193

New in Google Chrome 19.0.1084.1 Alpha (Mar 30, 2012)

  • Fixed issue cannot add GMail app to Chrome. [Issue: 119975]
  • Fixed theme and bookmarks bar notifications. [Issue: 117027]
  • Fixed popup prompting permission for flash plugin. [Issue: 120358]

New in Google Chrome 18.0.1025.142 (Mar 29, 2012)

  • [$500] [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa.
  • [$500] [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis.
  • [$500] [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment handling. Credit to miaubiz.
  • [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error. Credit to Leonidas Kontothanassis of Google.
  • [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to Mateusz Jurczyk of the Google Security Team.
  • [117417] Low CVE-2011-3063: Validate navigation requests from the renderer more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and scarybeasts (Google Chrome Security Team).
  • [$1000] [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to Atte Kettunen of OUSPG.
  • [$1000] [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
  • [$500] [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

New in Google Chrome 19.0.1081.2 Alpha (Mar 29, 2012)

  • Updated V8 - 3.9.24.1
  • The Other Devices menu on the new tab page restores the navigation history when a tab is restored.
  • [Windows] Disable file: or data: downloads for security hardening.
  • [Mac] Fixed: Extension and download icons are drawn incorrectly (Issue: 118755)

New in Google Chrome 18.0.1025.140 Beta (Mar 27, 2012)

  • Fixed Font settings aren't saved on quit (Issue: 112706)
  • Fixed IME failure on specific flows with a windowless Flash (Issue: 117758)
  • Fixed Crash when creating a new tab while the previous one is still loading (Issue: 87176)
  • Fixed Drag and Drop issues (Issue: 119700)

New in Google Chrome 19.0.1077.3 Alpha (Mar 24, 2012)

  • Updated V8 - 3.9.23.0
  • Fixed dialog boxes in settings. (Issue: 118031)
  • Fixed flash videos turning white on mac when running with --disable-composited-core-animation-plugins (Issue: 117916)
  • Change to look for correctly sized favicon when multiple images are provided. (Issue: 118275)
  • Fixed issues - 116044, 117470, 117068, 117668, 118620

New in Google Chrome 17.0.963.83 (Mar 22, 2012)

  • [$1000] [113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz.
  • [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit to Glenn Randers-Pehrson of the libpng project.
  • [$1000] [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling. Credit to Arthur Gerkis.
  • [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling. Credit to Ben Vanik of Google.
  • [$1000] [116746] High CVE-2011-3053: Use-after-free in block splitting. Credit to miaubiz.
  • [117418] Low CVE-2011-3054: Apply additional isolations to webui privileges. Credit to Sergey Glazunov.
  • [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked extension installation. Credit to PinkiePie.
  • [$2000] [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”. Credit to Sergey Glazunov.
  • [$500] [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

New in Google Chrome 18.0.1025.113 Beta (Mar 20, 2012)

  • This release turns off print preview and fixes a few known crashes and memory issues. Please note that print preview will possibly be turned back on in a future release.

New in Google Chrome 18.0.1025.108 Beta (Mar 16, 2012)

  • This release changes to V8 version 3.7 and it contains fixes for a number of stability issues along with other bugs.

New in Google Chrome 18.0.1025.100 Beta (Mar 16, 2012)

  • This release turns prerendering back on and it contains fixes for a number of stability issues along with other bugs.

New in Google Chrome 19.0.1068.1 Alpha (Mar 16, 2012)

  • This build contains a fix for browser hang and increase in CPU usage.

New in Google Chrome 19.0.1068.0 Alpha (Mar 14, 2012)

  • Users of Chrome for Android who have tab sync enabled can use the “Other Devices” menu on the new tab page to open tabs from other devices.
  • Several fixes and improvements in the new Settings, Extensions, and Help pages.
  • Fixed the flashing when switched between composited and non-composited mode. [Issue: 116603]
  • Fixed stability issues 116913, 117217, 117347, 117081

New in Google Chrome 18.0.1025.56 Beta (Mar 13, 2012)

  • GPU acceleration of the Canvas 2D is now disabled by default and can be enabled in about:flags
  • We've disabled the image transport surface on Windows Vista and 7. For GPU-accelerated content, the GPU process now renders directly to the window.
  • Core Animation plugins no longer trigger gpu accelerated compositing on the Mac.

New in Google Chrome 17.0.963.79 (Mar 10, 2012)

  • This release fixes issues with Flash games, along with the security fix listed below.

New in Google Chrome 18.0.1025.54 Beta (Mar 9, 2012)

  • Fixed Chrome install/update resets Google search preferences (Issue: 105390)
  • Don't trigger accelerated compositing on 3D CSS when using swiftshader (Issue: 116401)
  • Fixed a GPU crash (Issue: 116096)
  • More fixes for Back button frequently hangs (Issue: 93427)
  • Bastion now works (Issue: 116285)
  • Fixed Composited layer sorting irregularity with accelerated canvas (Issue: 102943)
  • Fixed Google Feedback causes render process to use too much memory (Issue: 114489)
  • Fixed after upgrade, some pages are rendered as blank (Issue: 109888)
  • Fixed Pasting text into a single-line text field shouldn't keep literal newlines (Issue: 106551)

New in Google Chrome 17.0.963.78 (Mar 9, 2012)

  • This release fixes issues with Flash games and videos, along with the security fix listed below.

New in Google Chrome 19.0.1061.1 Alpha (Mar 7, 2012)

  • Updated V8 - 3.9.13.0
  • Added remote file system support for File object by 'create-snapshot-first' approach (Issue: 115603)
  • Fixed overlap of apps in NTP when deleting and reinstalling app (Issue: 116284)
  • Fixed issues - 116174, 115309, 115858, 108239, 115399, 105054 (ChromeOS-specific)

New in Google Chrome 17.0.963.66 (Mar 7, 2012)

  • This release fixes an issue in the DOM.

New in Google Chrome 17.0.963.65 (Mar 5, 2012)

  • Cursors and backgrounds sometimes do not load (bug 111218)
  • Plugins not loading on some pages (bug 108228)
  • Text paste includes trailing spaces (bug 106551)
  • Websites using touch controls break (bug 110332)

New in Google Chrome 18.0.1025.45 Beta (Mar 1, 2012)

  • Fixed NTP signed in state is missing (Issue: 112676)
  • Fixed gmail seems to redraw itself (all white) occasionally (Issue: 111263)
  • Focus "OK" button on Javascript dialogs (Issue: 111015)
  • Fixed Back button frequently hangs (Issue: 93427)
  • Increase the buffer size to fix muted playback rate (Issue: 108239)
  • Fixed Empty span with line-height renders with non-zero height (Issue: 109811)

New in Google Chrome 19.0.1055.1 Alpha (Feb 29, 2012)

  • This build contains stability fixes and updated V8 to 3.9.11.0.

New in Google Chrome 19.0.1049.3 Alpha (Feb 24, 2012)

  • Updated V8 - 3.9.8.0
  • Marked the Certum Trusted Network CA as an issuer of extended-validation (EV) certificates.
  • Fixed importing of bookmarks, history, etc. from Firefox 10+.
  • Fixed issues - 114001, 110785, 114168, 114598, 111663, 113636, 112676

New in Google Chrome 18.0.1025.39 Beta (Feb 22, 2012)

  • Updated V8 - 3.8.9.8
  • Fixed several crashes (Issues: 111376, 108688, 114391)
  • Fixed Firefox browser in Import Bookmarks and Settings drop-down (Issue: 114476)
  • Sync: Sessions aren't associating pre-existing tabs (Issue: 113319)
  • Fixed All "Extensions" make an entry under the "NTP Apps" page (Issue: 113672)

New in Google Chrome 17.0.963.56 (Feb 16, 2012)

  • This release fixes a number of stability and security issues in Chrome, and also includes a new version of Flash.

New in Google Chrome 18.0.1025.33 Beta (Feb 16, 2012)

  • Updated V8 - 3.8.9.6
  • Fixed several crashes (Issues: 110943, 110234, 110176, 108986)
  • Sync: Conflicting sync entries should not be committed (Issue: 82236)
  • Back button frequently hangs (Issue: 93427)
  • Fixed speech input bubble borders not closing (Issues: 98323, 112194)
  • Improved the quality of the omnibox

New in Google Chrome 19.0.1041.0 Alpha (Feb 15, 2012)

  • Make speech input bubble borders close with the bubble [Issue: 112194]
  • Fixed stability issues [Issues: 113531, 113492, 113654, 113546, 113847, 114011]

New in Google Chrome 19.0.1036.7 Alpha (Feb 11, 2012)

  • Updated V8 - 3.9.4.0
  • Fix: open incognito windows at exit created extra normal windows when the session was restored [r120554]
  • Show spelling suggestions for misspelled words from the online spellchecker provided by Google (only after users opt into sending text to the service) (r120959).
  • When translating a page, get the code and translation via HTTPS. (r120113)

New in Google Chrome 17.0.963.46 (Feb 8, 2012)

  • New Extensions APIs
  • Updated Omnibox Prerendering
  • Download Scanning Protection
  • Many other small changes

New in Google Chrome 18.0.1025.7 Alpha (Feb 8, 2012)

  • Users can now sync NTP icons to their profile and keep their order across different instances of Chrome. [Issues: 111277, 100737, 61447]
  • Pointer Lock / Mouse Lock is implemented behind a flag (see about:flags). Mac only bug fix when closing a tab. [Issue: 111860]
  • Fixed stability crashes [Issue: 112590, 112116, 111968, 110909]

New in Google Chrome 18.0.1025.3 Alpha (Feb 3, 2012)

  • Fixed URL handling of settings page. [Issue: 111900]
  • Fixed crash when unpacking extension. [Issue: 112301]
  • Fixed the case where the utility process crashes after all plugins have been loaded. [Issue: 111935]

New in Google Chrome 18.0.1025.1 Alpha (Feb 1, 2012)

  • Updated V8 - 3.8.9.0
  • Moved the ‘privacy’ extension API out of experimental (Issue: 88030)

New in Google Chrome 17.0.963.46 Beta (Jan 31, 2012)

  • This update fixes a number of stability and UI issues.

New in Google Chrome 17.0.963.44 Beta (Jan 26, 2012)

  • This update fixes a number of stability and UI issues.

New in Google Chrome 18.0.1017.2 Alpha (Jan 25, 2012)

  • Updated V8 - 3.8.7.1
  • Enable linear scaling for Chrome Remote Desktop’s scale-to-fit feature. (issue 93451)
  • Fixed popup windows issue (Issue: 106967)
  • Fixed crashes in extension binding (Issue: 110694)
  • When Strict Transport Security mandates that HTTPS certificate errors must be fatal, add a string telling the user why. (Issue: 110191)

New in Google Chrome 16.0.912.77 (Jan 24, 2012)

  • [$1000] [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis.
  • [$3133.7] [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva. *
  • [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415).
  • [$1000] [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz.
  • [$1000] [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis.

New in Google Chrome 17.0.963.38 Beta (Jan 19, 2012)

  • This update fixes a number of stability and UI issues.

New in Google Chrome 18.0.1010.1 Alpha (Jan 18, 2012)

  • The PDF plugin now adds ‘Rotate Clockwise’ and ‘Rotate Counterclockwise’ commands to context menus, so users can more easily view documents scanned horizontally.
  • Updated the first-run bubble text and added a link to change the current search engine. (Issue: 117521)
  • Fixed HTML5 showing download bar in fullscreen mode. (Issue: 99673)

New in Google Chrome 17.0.963.33 Beta (Jan 12, 2012)

  • This update fixes a number of stability and UI issues.

New in Google Chrome 18.0.1003.1 Alpha (Jan 11, 2012)

  • Updated V8 - 3.8.4.1
  • Fixed several crashes (Issues 106869, 104046, 106989, 107574, 106891, 108687, 107171, 109002)
  • When a profile is synced, use GAIA name + GAIA photo for avatar - Use Google OAuth userinfo API to get profile information (Issue: 91241)
  • Added support for manifest_version attribute for extensions (Issue: 62897)
  • Eliminate drawing glitch on WebUI radio controls. (Issue: 105755)
  • Fixed regression with extension omnibox API where whitespace would get trimmed (Issue: 106355)
  • Fix page zoom for plug-in documents (Issues: 106013, 106228)
  • Fix race condition in extension service that causes extensions installed (Issue: 101935)
  • Folders in the wrench menu and application menu are greyed out (Issue: 109196)
  • Better error handling in audio wave out. (Issue: 108685)
  • Made URL filter for web request API mandatory (Issue: 106590)
  • Reject weak RSA and DSA keys when validating certificate chains for HTTPS; related UI (r114879, r116442, r115924)
  • Linux:
  • Native Client applications should now work on Linux systems where /dev/shm is mounted with the “noexec” option, such as Gentoo (r113228).
  • Fixed issue where Google Chrome does not start on RHEL 6 and derivative Linux distributions. (r116534)

New in Google Chrome 17.0.963.26 Beta (Jan 6, 2012)

  • New Extensions APIs
  • Updated Omnibox Prerendering
  • Download Scanning Protection
  • Many other small changes

New in Google Chrome 16.0.912.75 (Jan 6, 2012)

  • [$1000] [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to Boris Zbarsky of Mozilla.
  • [$1000] [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla.
  • [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit to Google Chrome Security Team (Cris Neckar).

New in Google Chrome 17.0.963.26 Alpha (Jan 5, 2012)

  • Updated V8 - 3.7.12.12
  • Make webstore installs work when the Downloads folder is missing. (Issue: 108812)

New in Google Chrome 17.0.963.12 Alpha (Dec 16, 2011)

  • This release contains stability and feature improvements.

New in Google Chrome 16.0.912.63 (Dec 13, 2011)

  • Chrome 16 contains some really great improvements including enhancements to Sync and the ability to create multiple profiles on a single instance of Chrome.
  • Bugs fixed:
  • [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community.
  • [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno).
  • [$500] [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.
  • [$1000] [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Mitja Kolsek of ACROS Security.
  • [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.
  • [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu.
  • [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar).
  • [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team.
  • [$1000] [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis.
  • [$1000] [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis.
  • [$1000] [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Sławomir Błażek.
  • [$1000] [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG.
  • [$500] [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG.
  • [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella).
  • [107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz.

New in Google Chrome 17.0.963.2 Alpha (Dec 9, 2011)

  • This release contains stability and feature improvements.

New in Google Chrome 17.0.963.0 Alpha (Dec 7, 2011)

  • Updated V8 - 3.7.12.6
  • r113121 Omnibox suggestions will now be prerendered if our confidence of the user following the suggestion is high.
  • Support for
  • Content Settings (in Options, Under the Hood) now has UI for “Mouse Cursor”, which controls the Mouse Lock API permissions.
  • r110556 Fixed a renderer crash that could happen when opening a new tab with many tabs open.
  • WebKit Issue 73056 - Small fix for BiDi selection.
  • WebKit Issue 63903 - Fixed WebKit's implementation of bdo, bdi, and output elements to match HTML5 spec section 10.3.5.

New in Google Chrome 17.0.942.0 Alpha (Nov 18, 2011)

  • Updated V8 - 3.7.7.0.
  • Fixed New Tab page apps re-ordering issue.
  • Policy support for disabling the Cloud Print Connector has been added.

New in Google Chrome 15.0.874.121 (Nov 17, 2011)

  • Updated V8 - 3.5.10.24
  • This build contains the fix to a regression: SVG in iframe doesn't use specified dimensions (Issue: 98951)

New in Google Chrome 17.0.938.0 Alpha (Nov 15, 2011)

  • Updated V8 - 3.7.6.0. This release includes the new garbage collector.

New in Google Chrome 15.0.874.120 (Nov 11, 2011)

  • Updated V8 - 3.5.10.23
  • Fix small print sizing issues (issues: 102186, 82472, 102154)
  • This new build also contains a new version of Flash which contains security fixes.

New in Google Chrome 17.0.932.0 Alpha (Nov 8, 2011)

  • Fixed possible hang when using the GPU (Issue: 102214).

New in Google Chrome 17.0.928.0 Alpha (Nov 4, 2011)

  • All:
  • Updated V8 - 3.6.6.3
  • Prompt the user if they want to cancel downloads occurring when the last Incognito Window of a profile is closed.
  • Panels are enabled by default (extensions-only, “Tasky” in Web Store is one example)
  • Adjustable margins supported in Print Preview.
  • Mouse Lock “Allow” permission (given via a prompt) is now saved in content settings per domain.
  • Linux:
  • Fix the multi-profile selection bubble when using a chrome-theme [r107495]
  • Optimization work to make the GTK+ tabstrip do less redundant painting. Please report any regressions, especially with complex themes. [Issue: 100803]

New in Google Chrome 16.0.912.21 Alpha (Nov 2, 2011)

  • This release contains stability fixes.

New in Google Chrome 16.0.912.15 Alpha (Oct 28, 2011)

  • This release contains fixes for stability.

New in Google Chrome 15.0.874.106 (Oct 27, 2011)

  • This release fixes login issues to Barrons Online and The Wall Street Journal (Issue 101274).

New in Google Chrome 15.0.874.102 (Oct 26, 2011)

  • [$500] [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel.
  • [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel.
  • [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak.
  • [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen.
  • [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz.
  • [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa.
  • [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company.
  • [$12174] [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov.
  • [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz.
  • [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community.
  • [$6337] [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz.
  • [$2000] [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler.
  • [$1500] [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov.
  • [$1000] [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz.
  • [$2000] [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
  • [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community.
  • [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean.

New in Google Chrome 15.0.874.102 Beta (Oct 24, 2011)

  • This version includes a crash fix (75604) and a fix to crash reporting on Linux.

New in Google Chrome 16.0.912.4 Alpha (Oct 21, 2011)

  • Updated V8 - 3.6.6.5
  • Fixed stability issue in Print and Instant

New in Google Chrome 15.0.874.100 Beta (Oct 20, 2011)

  • Updated V8 - 3.5.10.22
  • Numerous buffering fixes and optimizations for HTML5 media elements. (99775, 99749, 100439)
  • Tuned the omnibox to recognize more types of inputs as intranet navigations (99131, 94806)
  • Fixed several crashes and hangs (98975, 98948, 98955, 96861)
  • Fixed Omnibox enters keyword search mode incorrectly (95454)
  • Linux:
  • Fixed partially visible toolbar in fullscreen mode (97177)

New in Google Chrome 16.0.912.0 Alpha (Oct 19, 2011)

  • Updated V8 - 3.6.6.3
  • Native Client and Pepper plug-ins will be able to use first-person controls for games and other applications after they go full screen and lock the mouse cursor. See PPB_MouseLock::LockMouse.

New in Google Chrome 15.0.874.92 Beta (Oct 13, 2011)

  • Updated V8 - 3.5.10.17
  • Fixed crash during Print Preview (96063)
  • Fixed excessive margins in printing (92000)
  • Fixed large downloads don't show progress (94468)
  • Fixed Netflix/Silverlight error (97319)
  • Disabled acceleration for background pages (96006)
  • Restored the old bookmark menus (93674)
  • Added support for an optional "requirements" section in extension/app manifests (99241)

New in Google Chrome 15.0.874.83 Beta (Oct 7, 2011)

  • Updated V8 - 3.5.10.16
  • Only deliver extension messages to contexts that care (96544, 76571)
  • Fix scrolling of full-frame pdf docs in accelerated compositing mode (93482)

New in Google Chrome 15.0.874.81 Beta (Oct 5, 2011)

  • Updated V8 - 3.5.10.15
  • Match main window notification subscription/unsubscription in BookmarkBarController
  • Fixed a deadlock induced by this pref being set in response to bookmark sync events (97955)
  • Enable floating bookmarks bar for NTP4 for M15 beta branch (98572)

New in Google Chrome 14.0.835.202 (Oct 5, 2011)

  • [$1000] [93788] High CVE-2011-2876: Use-after-free in text line box handling. Credit to miaubiz.
  • [$1000] [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to miaubiz.
  • [$2000] [95671] High CVE-2011-2878: Inappropriate cross-origin access to the window prototype. Credit to Sergey Glazunov.
  • [96150] High CVE-2011-2879: Lifetime and threading issues in audio node handling. Credit to Google Chrome Security Team (Inferno).
  • [$4500] [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8 bindings. Credit to Sergey Glazunov.
  • [$1500] [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects. Credit to Sergey Glazunov.
  • [98089] Critical CVE-2011-3873: Memory corruption in shader translator. Credit to Zhenyao Mo of the Chromium development community.

New in Google Chrome 16.0.899.0 Alpha (Oct 4, 2011)

  • Updated V8 - 3.6.4.1
  • FTP: fixed compatibility issue with ftp.comconlink.co.za, issue 98212
  • HTML5 audio uses a faster method of communication between host and renderer, thus reducing lag for JavaScript objects; should be most noticeable in games, issue 61022
  • Fixed many known stability issues.
  • Fixed compile error with Heimdal, r103369

New in Google Chrome 15.0.874.54 Beta (Sep 30, 2011)

  • Updated V8 - 3.5.10.14
  • Notification promos work with New Tab Page (Issue: 93201)

New in Google Chrome 16.0.891.0 Alpha (Sep 27, 2011)

  • Linux: Enabled Native Client for 32-bit Linux and also addressed a performance issue for Native Client on Intel Atom CPUs. [Issue: 92964], [nativeclient: 480]
  • Linux: Fixed fetching proxy settings on Gnome 3 systems when glib2-dev package is not installed. [Issue: 91744]
  • All: Fixed many known stability issues.

New in Google Chrome 15.0.874.24 Beta (Sep 23, 2011)

  • A brand new New Tab Page
  • JavaScript Fullscreen API is now enabled by default
  • Chrome Web Store items can now be installed inline by their verified site
  • Omnibox History is now an additional sync data type

New in Google Chrome 16.0.889.0 Alpha (Sep 23, 2011)

  • Updated V8 - 3.6.4.0
  • FTP: fixed compatibility with servers which send 451 response for CWD command. (Issue 96401)
  • Windows and Mac: Enabled multi-users (multi-profiles) by default.
  • Fixed many known stability issues.

New in Google Chrome 15.0.874.21 Alpha (Sep 21, 2011)

  • Fixed a bug that caused a crash if you tried to use the speech input keystroke (Ctrl+Shift+Period) on a (non-speech-enabled) textarea.
  • Fixed many known stability issues.

New in Google Chrome 14.0.835.186 (Sep 21, 2011)

  • This release includes an update to Flash Player that addresses a zero-day vulnerability.

New in Google Chrome 15.0.874.15 Alpha (Sep 19, 2011)

  • Pepper flash 11.0.31.105
  • Netflix plugin 1.2.4
  • Fix several functionality and stability issues

New in Google Chrome 14.0.835.163 (Sep 16, 2011)

  • [49377] High CVE-2011-2835: Race condition in the certificate cache. Credit to Ryan Sleevi of the Chromium development community.
  • [51464] Low CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid click-free access to the system Flash. Credit to electronixtar.
  • [Linux only] [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to wbrana.
  • [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when loading plug-ins. Credit to Michal Zalewski of the Google Security Team.
  • [76771] High CVE-2011-2839: Crash in v8 script object wrappers. Credit to Kostya Serebryany of the Chromium development community.
  • [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction. Credit to kuzzcc.
  • [$500] [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to Mario Gomes.
  • [Mac only] [80680] Low CVE-2011-2842: Insecure lock file handling in the Mac installer. Credit to Aaron Sigel of vtty.com.
  • [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers. Credit to Kostya Serebryany of the Chromium development community.
  • [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit to Mario Gomes.
  • [$1000] [89219] High CVE-2011-2846: Use-after-free in unload event handling. Credit to Arthur Gerkis.
  • [$1000] [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to miaubiz.
  • [$500] [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit to Jordi Chancel.
  • [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets. Credit to Arthur Gerkis.
  • [$500] [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling. Credit to miaubiz.
  • [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters. Credit to miaubiz.
  • [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling. Credit to Google Chrome Security Team (Inferno).
  • [$500] [91120] High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler.
  • [91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit to Google Chrome Security Team (SkyLined).
  • [$1000] [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style handling. Credit to Sławomir Błażek, and independent later discoveries by miaubiz and Google Chrome Security Team (Inferno).
  • [$1000] [92959] High CVE-2011-2855: Stale node in stylesheet handling. Credit to Arthur Gerkis.
  • [$2000] [93416] High CVE-2011-2856: Cross-origin bypass in v8. Credit to Daniel Divricean.
  • [$1000] [93420] High CVE-2011-2857: Use-after-free in focus controller. Credit to miaubiz.
  • [$1000] [93472] High CVE-2011-2834: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [93497] Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm of Recurity Labs.
  • [$1000] [93587] High CVE-2011-2860: Use-after-free in table style handling. Credit to miaubiz.
  • [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki Helin of OUSPG.
  • [$2337] [93906] High CVE-2011-2862: Unintended access to v8 built-in objects. Credit to Sergey Glazunov.
  • [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters. Credit to Google Chrome Security Team (Inferno).
  • [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays. Credit to Google Chrome Security Team (Inferno).
  • [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a session. Credit to Nishant Yadant of VMware and Craig Chamberlain (@randomuserid).
  • [$1000] [95920] High CVE-2011-2875: Type confusion in v8 object sealing. Credit to Christian Holler.

New in Google Chrome 15.0.874.15 Alpha (Sep 16, 2011)

  • Updated V8 3.5.10.9
  • JavaScript fullscreen API now enabled by default.
  • Bug fixes and visual improvements for the New Tab Page.
  • Fixed many known stability issues.
  • Known Issue: Linux-only: Chrome crashes with Ctrl+P. [Issue: 96734]

New in Google Chrome 14.0.835.163 Beta (Sep 15, 2011)

  • This release re-enables the enhanced completion functionality and takes some additional stability patches.

New in Google Chrome 15.0.874.12 Alpha (Sep 14, 2011)

  • Updated V8 3.5.10.7
  • Print preview issues with self-closing popups have been fixed.
  • Fixed many known stability issues.

New in Google Chrome 14.0.835.126 Beta (Sep 2, 2011)

  • This release has disabled accelerated 2D canvas for Windows, along with other stability fixes.

New in Google Chrome 14.0.835.124 Beta (Sep 1, 2011)

  • This release contains fixes for a number of plugin stability issues and other bugs.

New in Google Chrome 13.0.782.218 (Aug 31, 2011)

  • These releases contain an updated version of the Adobe Flash Player.

New in Google Chrome 14.0.835.122 Beta (Aug 31, 2011)

  • This release contains fixes for a number of stability issues along with other bugs, and an updated version of Adobe Flash Player.

New in Google Chrome 15.0.865.0 Alpha (Aug 30, 2011)

  • Updated V8 3.5.8.0
  • r98474: Fixed some downloads crashers occurring due to over-aggressive consistency checks.
  • Print Preview is working once again.
  • Fixed issue where turning on sync encryption could remove bookmark titles.

New in Google Chrome 15.0.861.0 Alpha (Aug 25, 2011)

  • Updated V8 3.5.7.0
  • Fixes a blank popup issue for extensions (Issue: 92669).
  • Fixes being unable to close tabs by clicking the ‘x’ button on the tab (Issue: 92771).

New in Google Chrome 14.0.835.109 Beta (Aug 24, 2011)

  • This release contains fixes for a number of stability issues along with other bugs.

New in Google Chrome 13.0.782.215 (Aug 23, 2011)

  • [$1000] [Windows only] [72492] Medium CVE-2011-2822: URL parsing confusion on the command line. Credit to Vladimir Vorontsov, ONsec company.
  • [82552] High CVE-2011-2823: Use-after-free in line box handling. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by miaubiz.
  • [$1000] [88216] High CVE-2011-2824: Use-after-free with counter nodes. Credit to miaubiz.
  • [88670] High CVE-2011-2825: Use-after-free with custom fonts. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1283), plus independent later discovery by miaubiz.
  • [$1000] [89402] High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [$1000] [87453] High CVE-2011-2826: Cross-origin violation with empty origins. Credit to Sergey Glazunov.
  • [$1337] [Windows only] [89836] Critical CVE-2011-2806: Memory corruption in vertex handling. Credit to Michael Braithwaite of Turbulenz Limited.
  • [$1000] [90668] High CVE-2011-2827: Use-after-free in text searching. Credit to miaubiz.
  • [91517] High CVE-2011-2828: Out-of-bounds write in v8. Credit to Google Chrome Security Team (SkyLined).
  • [$1500] [32-bit only] [91598] High CVE-2011-2829: Integer overflow in uniform arrays. Credit to Sergey Glazunov.
  • [$1000] [Linux only] [91665] High CVE-2011-2839: Buggy memset() in PDF. Credit to Aki Helin of OUSPG.

New in Google Chrome 15.0.854.0 Alpha (Aug 17, 2011)

  • Updated V8 3.5.5.0
  • [r96420] Fixed uninstalls for forced install extensions [Issue 86519]
  • Fixed many known stability issues
  • [r96518] Fixed import success message when user cancels the import [Issue 88947]

New in Google Chrome 14.0.835.94 Beta (Aug 16, 2011)

  • This release contains fixes for a number of stability issues along with other bugs.

New in Google Chrome 15.0.849.0 Alpha (Aug 12, 2011)

  • Updated V8 3.5.2.0
  • [r96275] FTP: added directory listing parser for OS/2 format, Issue 92154
  • [r96073] FTP: fix directory listing parsing for Hylafax, Issue 90807
  • Large speed improvement for print preview
  • This release also contains fixes for many known stability issues.

New in Google Chrome 14.0.835.35 Alpha (Aug 11, 2011)

  • This release contains an updated version of full screen mode for Mac OS X Lion, along with fixes for a number of stability issues on Lion and other platforms.

New in Google Chrome 14.0.835.29 Alpha (Aug 9, 2011)

  • This release contains fixes for a number of issues, along with increased stability on Mac OS X Lion.

New in Google Chrome 13.0.782.107 (Aug 3, 2011)

  • [75821] Medium CVE-2011-2358: Always confirm an extension install via a browser dialog. Credit to Sergey Glazunov.
  • [$1000 each] [78841] High CVE-2011-2359: Stale pointer due to bad line box tracking in rendering. Credit to miaubiz and Martin Barbella.
  • [79266] Low CVE-2011-2360: Potential bypass of dangerous file prompt. Credit to kuzzcc.
  • [79426] Low CVE-2011-2361: Improve designation of strings in the basic auth dialog. Credit to kuzzcc.
  • [Linux only] [81307] Medium CVE-2011-2782: File permissions error with drag and drop. Credit to Evan Martin of the Chromium development community.
  • [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension install via a browser dialog. Credit to Sergey Glazunov.
  • [83841] Low CVE-2011-2784: Local file path disclosure via GL program log. Credit to kuzzcc.
  • [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions. Credit to kuzzcc.
  • [84600] Low CVE-2011-2786: Make sure the speech input bubble is always on-screen. Credit to Olli Pettay of Mozilla.
  • [84805] Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue. Credit to kuzzcc.
  • [85559] Low CVE-2011-2788: Buffer overflow in inspector serialization. Credit to Mikołaj Małecki.
  • [$500 each] [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation. Credit to Mario Gomes and kuzzcc.
  • [$1000] [86502] High CVE-2011-2790: Use-after-free with floating styles. Credit to miaubiz.
  • [$1000] [86900] High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [$1000] [87148] High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz.
  • [$1000] [87227] High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz.
  • [$500] [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration. Credit to miaubiz.
  • [$500] [87339] Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long.
  • [87548] High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.
  • [$1000] [87729] High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz.
  • [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from being web accessible. Credit to sirdarckcat of the Google Security Team.
  • [$1000] [87925] High CVE-2011-2799: Use-after-free in HTML range handling. Credit to miaubiz.
  • [$500] [88337] Medium CVE-2011-2800: Leak of client-side redirect target. Credit to Juho Nurminen.
  • [$1000] [88591] High CVE-2011-2802: v8 crash with const lookups. Credit to Christian Holler.
  • [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [88846] High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz.
  • [$1000] [88889] High CVE-2011-2818: Use-after-free in display box rendering. Credit to Martin Barbella.
  • [$500] [89142] High CVE-2011-2804: PDF crash with nested functions. Credit to Aki Helin of OUSPG.
  • [$1500] [89520] High CVE-2011-2805: Cross-origin script injection. Credit to Sergey Glazunov.
  • [$1500] [90222] High CVE-2011-2819: Cross-origin violation in base URI handling. Credit to Sergey Glazunov.

New in Google Chrome 14.0.835.15 Alpha (Aug 2, 2011)

  • This release contains fixes for sync and stability.

New in Google Chrome 14.0.835.8 Alpha (Jul 29, 2011)

  • Updated V8 - 3.4.14.2
  • [r94125] Unable to open PDF files (bug 90535)

New in Google Chrome 14.0.835.0 Alpha (Jul 27, 2011)

  • Updated V8 - 3.4.13.0
  • Implemented WebSocket HyBi 10 handshake and framing.

New in Google Chrome 14.0.825.0 Alpha (Jul 19, 2011)

  • Updated V8 - 3.4.12.1

New in Google Chrome 14.0.814.0 Alpha (Jul 12, 2011)

  • Updated V8 - 3.4.7.0

New in Google Chrome 12.0.742.112 (Jun 29, 2011)

  • [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling. Credit to Philippe Arteau.
  • [84355] High CVE-2011-2346: Use-after-free in SVG font handling. Credit to miaubiz.
  • [85003] High CVE-2011-2347: Memory corruption in CSS parsing. Credit to miaubiz.
  • [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser. Credit to miaubiz.
  • [85177] High CVE-2011-2348: Bad bounds check in v8. Credit to Aki Helin of OUSPG.
  • [85211] High CVE-2011-2351: Use-after-free with SVG use element. Credit to miaubiz.
  • [85418] High CVE-2011-2349: Use-after-free in text selection. Credit to miaubiz.

New in Google Chrome 14.0.803.0 Alpha (Jun 28, 2011)

  • Updated V8 - 3.4.6.2
  • [r90216] Change the meaning of third-party cookie blocking to allow whitelists (Issue 82039)
  • [r90417] Remove the Global Bookmarks menu by default on Ubuntu Natty, in an attempt to fix minute long startup regression on desktop environments that use dbusmenu. (Issue 86715)

New in Google Chrome 14.0.797.0 Alpha (Jun 21, 2011)

  • Updated V8 - 3.4.4.0
  • Print workflow: Chrome Frame displays both Print Dialog and Print Preview (Issue: 86226)
  • Crash when canceling print (Issue: 86229)
  • Mouse back and forward buttons stopped working (Issue: 84836)

New in Google Chrome 14.0.794.0 Alpha (Jun 17, 2011)

  • All:
  • Updated V8 - 3.4.3.0
  • When installing items from the Chrome Web Store, we now always prompt with a native confirmation dialog.
  • Fix for failing navigation with chrome://newtab showing.
  • Linux:
  • Added a makeshift multiprofile button.
  • Security:
  • DNSSEC authenticated HTTPS supported.
  • Intermittent connectivity issues with broken SSLv3 servers fixed.

New in Google Chrome 13.0.782.24 Alpha (Jun 16, 2011)

  • This release contains a number of stability fixes and the Flash update.

New in Google Chrome 12.0.742.100 (Jun 15, 2011)

  • This release contains an updated version of Adobe Flash

New in Google Chrome 13.0.782.20 Alpha (Jun 14, 2011)

  • This release contains a number of stability fixes and we put hardware accelerated Canvas 2D back behind a flag.

New in Google Chrome 13.0.782.15 Alpha (Jun 10, 2011)

  • This release contains a number of stability fixes.

New in Google Chrome 13.0.782.13 Alpha (Jun 9, 2011)

  • This release contains a number of UI tweaks and stability fixes.

New in Google Chrome 12.0.742.91 (Jun 8, 2011)

  • Hardware accelerated 3D CSS
  • New Safe Browsing protection against downloading malicious files
  • Ability to delete Flash cookies from inside Chrome
  • Launch Apps by name from the Omnibox
  • Integrated Sync into new settings pages
  • Improved screen reader support
  • New warning when hitting Command-Q on Mac
  • Removal of Google Gears

New in Google Chrome 13.0.782.11 Alpha (Jun 8, 2011)

  • This release contains a number of UI tweaks and stability fixes.

New in Google Chrome 12.0.742.91 Beta (Jun 7, 2011)

  • This release contains additional stability fixes.

New in Google Chrome 13.0.782.10 Alpha (Jun 6, 2011)

  • This release contains an updated version of Adobe Flash.

New in Google Chrome 12.0.742.77 Beta (Jun 3, 2011)

  • This release contains a small number of UI updates and performance fixes

New in Google Chrome 13.0.782.1 Alpha (Jun 2, 2011)

  • Print preview refinements
  • IndexedDB+LevelDB made available in about:flags
  • Canvas 2D moved out from behind a flag (on by default)

New in Google Chrome 12.0.742.68 Beta (May 26, 2011)

  • This release contains a small number of UI updates and performance fixes.

New in Google Chrome 11.0.696.71 (May 25, 2011)

  • Low CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva.
  • [82546] High CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella.
  • [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar).
  • [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.
  • The following bugs were fixed:
  • REGRESSION: selection extended by arrow keys flickers on LinkedIn.com. (Issue 83197).
  • Have ConnectBackupJob try IPv4 first to hide potential long IPv6 connect timeout (Issue 81686).
  • Mac plugin crashes are too low in stats (Issue 82172).
  • Incorrect ACLs on the archived copy of setup.exe (Issue 82424)

New in Google Chrome 13.0.772.0 Alpha (May 24, 2011)

  • Updated V8 - 3.3.8.1
  • Continued work on Print Preview
  • Making progress on rel:preload
  • Crash fixes

New in Google Chrome 12.0.742.60 Beta (May 19, 2011)

  • This release contains a number of UI tweaks and performance fixes.

New in Google Chrome 13.0.767.1 Alpha (May 18, 2011)

  • All:
  • Print preview work continues
  • Omnibox string matching improvements
  • Linux:
  • We are discontinuing support for Ubuntu Hardy for 13.0, in line with Ubuntu officially ending support for Hardy (including security updates) as of May 12th, 2011.

New in Google Chrome 12.0.742.53 Beta (May 16, 2011)

  • This release contains a number of UI tweaks and performance fixes.

New in Google Chrome 11.0.696.68 (May 16, 2011)

  • [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined).
  • [80608] High CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar)

New in Google Chrome 11.0.696.68 (May 13, 2011)

  • [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined).
  • [80608] High CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar).

New in Google Chrome 12.0.742.30 Beta (May 10, 2011)

  • Hardware accelerated 3D CSS
  • New Safe Browsing protection against downloading malicious files
  • Ability to delete Flash cookies from inside Chrome
  • Launch Apps by name from the Omnibox
  • Integrated Sync into new settings pages
  • Improved screen reader support
  • New warning when hitting Command-Q on Mac
  • Removal of Google Gears

New in Google Chrome 12.0.742.30 Alpha (May 9, 2011)

  • This release contains an updated version of Flash.

New in Google Chrome 11.0.696.65 (May 9, 2011)

  • After deleting bookmarks on the Bookmark managers, the bookmark bar doesn't display properly with existing bookmarks. (Issue 80580).
  • About Google Chrome window shows unknown channel for 11.0.696.57 (Issue 80683).
  • Chrome/Mac seems to clobber focus when uploading attachments to Gmail with the flash-based uploader (Issue 77172).
  • Also included is an updated version of Flash Player 10.2.

New in Google Chrome 12.0.742.21 Alpha (May 6, 2011)

  • This release contains fixes for a number of UI, performance, and stability issues. It also contains an update for Mac [bug 80602] that fixes garbage being displayed when the accelerated compositor was active. This primarily affected 3D CSS transforms and WebGL content.

New in Google Chrome 12.0.742.16 Alpha (May 3, 2011)

  • This release continues to address UI and performance issues.

New in Google Chrome 11.0.696.57 (Apr 27, 2011)

  • [61502] High CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella.
  • [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva.
  • [Linux / Mac only] [70589] Medium CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community.
  • [$500] [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin.
  • [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass.
  • [Linux only] [72910] Low CVE-2011-1436: Possible browser crash due to bad interaction with X. Credit to miaubiz.
  • [$1000] [73526] High CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz.
  • [$1000] [74653] High CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc.
  • [Linux only] [74763] High CVE-2011-1439: Prevent interference between renderer processes. Credit to Julien Tinnes of the Google Security Team.
  • [$1000] [75186] High CVE-2011-1440: Use-after-free with tag and CSS. Credit to Jose A. Vazquez.
  • [$500] [75347] High CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths.
  • [$1000] [75801] High CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team 509.
  • [$1000] [76001] High CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella.
  • [$500] [Linux only] [76542] High CVE-2011-1444: Race condition in sandbox launcher. Credit to Dan Rosenberg.
  • [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509.
  • [$3000] [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc.
  • [$1000] [76966] High CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz.
  • [$1000] [77130] High CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509.
  • [$1000] [77346] High CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski.
  • [77349] Low CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc.
  • [$2000] [77463] High CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov.
  • [$500] [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel.
  • [$1500] [79199] High CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov.
  • [79361] Medium CVE-2011-1455: Out-of-bounds read with multipart-encoded PDF. Credit to Eric Roman of the Chromium development community.
  • [79364] High CVE-2011-1456: Stale pointers with PDF forms. Credit to Eric Roman of the Chromium development community.

New in Google Chrome 11.0.696.57 Beta (Apr 27, 2011)

  • REGRESSION: left property broken with position:fixed elements in RTL documents. (Issue 80216).
  • REGRESSION: Bottom of window Border is drawn 1 Pixel Higher than it should be (Issue 79640).
  • REGRESSION: Chromium window goes beyond the screen for non-Aero themes (Issue 80391).

New in Google Chrome 12.0.742.0 Alpha (Apr 21, 2011)

  • This release contains stability and performance fixes.

New in Google Chrome 11.0.696.48 Beta (Apr 15, 2011)

  • This release contains a new version of Adobe Flash which includes a fix for a security vulnerability.

New in Google Chrome 10.0.648.205 (Apr 15, 2011)

  • Critical CVE-2011-1301: Use-after-free in the GPU process. Credit to Google Chrome Security Team (Inferno).
  • Critical CVE-2011-1302: Heap overflow in the GPU process. Credit to Christoph Diehl.

New in Google Chrome 11.0.696.43 Beta (Apr 13, 2011)

  • Passwords sync: passwords sync commits after EVERY browser restart (Issue 78548).
  • Autofill fails to fill forms (Issue 78509).
  • A few known crashes (Issue 78688, Issue 68350, Issue 77665, Issue 74585, Issue 76092, Issue 77219 and Issue 77447).
  • Redirect to my site without CFInstall.js (Issue 60018).
  • Update Silverlight v3 version metadata (Issue 78005).
  • Blocked plug-in dialog: make sure "Run this time" button is the first one (Issue 78120).
  • Policy: Proxy configuration over policy does not work. (Issue 78016).
  • Editing style adds the word "initial" for any property value that uses a paren (Issue 75302).
  • Google Chrome Helper doesn't quit, killing it relaunches a new helper process (Issue 74983).

New in Google Chrome 12.0.733.0 Alpha (Apr 13, 2011)

  • This release contains updates focused on stability and UI tweaks.

New in Google Chrome 12.0.725.0 Alpha (Apr 6, 2011)

  • Updated V8 - 3.2.6.0
  • Spring cleaning in the code, lots of code cleanup and refactoring under the covers

New in Google Chrome 11.0.696.34 Beta (Apr 5, 2011)

  • Duplicate desktop icon is created using First Run UI even if it's present (Issue 5073).
  • FLACEncoder::Encode has mismatched free (Issue 77653).
  • Switch from using Speex to FLAC for speech input requests (Issue 61677).
  • Chrome hangs on form submit with lots of stored Autofill profiles (Issue 75862).
  • Browser crash if tab is closed while page is being downloaded (Issue 76963).

New in Google Chrome 11.0.696.25 Beta (Mar 29, 2011)

  • cloud print: Error running service on the headless machine (Issue 76991).
  • sync: Not registering for NIGORI data types (Issue 76268).
  • A known crash (Issue 76998).
  • REGRESSION: img of extensions not displayed in chrome://extensions within an incognito window (Issue 74905).
  • Cloud policy fetch loop upon POLICY_NOT_FOUND answer from the server (Issue 77232).
  • Token fetcher doesn't correctly enter unmanaged state (Issue 77185).
  • Memory Leak in ChromeFrame in the AutomationResourceMessageFilter::SetCookiesForUrl function (Issue 77421).
  • REGRESSION: Arrows not showing up on tabstrip while dropping links (Issue 74764).
  • Java: Direct users to the right download page (Issue 76634).
  • add es-419, fr-Foo and en-Foo and zh_HK/zh_Hant_HK to Accept-Language list (Issue 62715).

New in Google Chrome 12.0.712.0 Alpha (Mar 25, 2011)

  • Updated V8 - 3.2.3.1
  • Tab Multi-Select - The ability to select multiple tabs, using the ctrl key, and applying actions (e.g. reload) to them all.

New in Google Chrome 10.0.648.204 (Mar 25, 2011)

  • High CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin.
  • High CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek.
  • High CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov.
  • High CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov.
  • High CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov.
  • High CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov.

New in Google Chrome 11.0.696.16 Beta (Mar 23, 2011)

  • HTML5 speech input API
  • GPU-accelerated 3D CSS
  • The brand new shiny Chrome icon

New in Google Chrome 11.0.696.16 Alpha (Mar 22, 2011)

  • clicking on the labels of checkboxes / radio buttons closes content settings dialog box (Issue 76115).
  • Unlock Keyring makes chrome unusable (Issue 72499).
  • Sample extension for chrome.experimental.proxy API (Issue 62700).
  • Several known crashes (Issue 76401 and Issue 75264).

New in Google Chrome 11.0.696.14 Alpha (Mar 18, 2011)

  • about:gpu can still launch GPU process even though GPU is blocked by software rendering list (Issue 76115).
  • REGRESSION: After crash, Restore infobar shows up every time you open a link from external app (Issue 75654).
  • App context-menu doesn't disappear even after uninstalling the extension, causes crash when selected (Issue 75662).
  • A known crash (Issue 74777).
  • Fails SPDY-related check (Issue 77893).

New in Google Chrome 10.0.648.151 (Mar 18, 2011)

  • This release blacklists a small number of HTTPS certificates.

New in Google Chrome 11.0.696.12 Alpha (Mar 16, 2011)

  • New York Times Chrome app crashes on the Chrome Dev Channel (Issue 75563).
  • Sync login dlg is truncated (Issue 72490).
  • Status bar / target URL not shown when hovering over links (Issue 75268).
  • Several known crashes (Issues 75171 and 75443 and 75828).
  • Bookmark focus is not lost when moved away from the bookmark bar (Issue 75367).
  • Tooltips from browser tabs are persisting for too long (Issue 75334).
  • Content settings updates don't reflect the current Incognito session (Issue 74466).
  • NewTabPage is not updating when a new theme is applied (Issue 74311).
  • Fixed download requests in chrome frame which occur in response to top level POSTs (Issue 73985).
  • Chrome locks up on form submit, constantly duplicating autofill settings to blame (Issue 74911).

New in Google Chrome 10.0.648.134 (Mar 16, 2011)

  • This release contains an updated version of the Adobe Flash player.

New in Google Chrome 10.0.648.133 (Mar 13, 2011)

  • CVE-2011-1290 [75712] High Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI.

New in Google Chrome 11.0.696.3 Alpha (Mar 11, 2011)

  • Can not select omnibox auto suggested entries by clicking at it (Issue 75366).
  • Linux: "Behavior " string is not externalized on the Exceptions page (Issue 74080).
  • Chromium not loading some plugins (Issue 75351).
  • POST omits body after NTLM authentication (Issue 62687).

New in Google Chrome 10.0.648.127 (Mar 9, 2011)

  • New version of V8 - Crankshaft - which greatly improves javascript performance
  • New settings pages that open in a tab, rather than a dialog box
  • Improved security with malware reporting and disabling outdated plugins by default
  • Sandboxed Adobe Flash on Windows
  • Password sync as part of Chrome Sync now enabled by default
  • GPU Accelerated Video
  • Background WebApps
  • webNavigation extension API

New in Google Chrome 11.0.696.0 Alpha (Mar 9, 2011)

  • All:
  • Updated V8 - 3.2.0.1
  • New “cookies and other data” page in tabbed settings (Issue 64154).
  • Known Issues:
  • Regression: Can not select omnibox auto suggested entries by clicking at it (Issue 75366)
  • REGRESSION: Bookmark focus is not lost when moved away from the bookmark bar (Issue 75367)

New in Google Chrome 10.0.648.127 Beta (Mar 4, 2011)

  • [Bug 74709] Clicking "Disable individual plug-ins" in Options causes crash

New in Google Chrome 10.0.648.126 Beta (Mar 3, 2011)

  • [Bug 74709] Clicking "Disable individual plug-ins" in Options causes crash

New in Google Chrome 9.0.597.107 (Mar 1, 2011)

  • [54262] High URL bar spoof. Credit to Jordi Chancel.
  • [63732] High Crash with javascript dialogs. Credit to Sergey Radchenko.
  • [68263] High Stylesheet node stale pointer. Credit to Sergey Glazunov.
  • [68741] High Stale pointer with key frame rule. Credit to Sergey Glazunov.
  • [70078] High Crash with forms controls. Credit to Stefan van Zanden.
  • [70244] High Crash in SVG rendering. Credit to Sławomir Błażek.
  • [64-bit Linux only] [70376] Medium Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community.
  • [71114] High Stale node in table handling. Credit to Martin Barbella.
  • [71115] High Stale pointer in table rendering. Credit to Martin Barbella.
  • [71296] High Stale pointer in SVG animations. Credit to miaubiz.
  • [71386] High Stale nodes in XHTML. Credit to wushi of team509.
  • [71388] High Crash in textarea handling. Credit to wushi of team509.
  • [71595] High Stale pointer in device orientation. Credit to Sergey Glazunov.
  • Medium Out-of-bounds read in WebGL. Credit to miaubiz.
  • [71855] High Integer overflow in textarea handling. Credit to miaubiz.
  • Medium Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno).
  • [] High Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team.
  • [72437] High Use-after-free with blocked plug-ins. Credit to Chamal de Silva.
  • [73235] High Stale pointer in layout. Credit to Martin Barbella.

New in Google Chrome 10.0.648.114 Beta (Feb 24, 2011)

  • This release contains stability improvements and UI tweaks.

New in Google Chrome 10.0.648.82 Beta (Feb 18, 2011)

  • New version of V8 - Crankshaft - which greatly improves javascript performance
  • New settings pages that open in a tab, rather than a dialog box
  • Improved security with malware reporting and disabling outdated plugins by default
  • Password sync as part of Chrome Sync now enabled by default
  • GPU Accelerated Video
  • Background WebApps
  • webNavigation extension API

New in Google Chrome 11.0.672.2 Alpha (Feb 18, 2011)

  • Updated V8 - 3.1.4.0
  • Fixed the crash when loading tabbed options in some cases.
  • Fixed a crash triggered when canceling a download. (Issue 70592)
  • Fixed a crash triggered by form resubmissions. (Issue 70315)
  • FTP: fixed a compatibility issue. (Issue 70394)
  • XSS Auditor re-designed and enabled by default. It’s still experimental (and there are known bypasses), but we’re looking for feedback about false positives.

New in Google Chrome 10.0.648.82 Alpha (Feb 17, 2011)

  • This release primarily contains stability fixes from the last dev channel.

New in Google Chrome 10.0.648.45 Alpha (Feb 9, 2011)

  • Updated V8 - 3.0.12.12
  • Update Flash - 10.2
  • Many Crash fixes
  • Background applications UI cleanup
  • Additional settings UI cleanup
  • Fix for differential installers not applying cleanly
  • [r74051] Horizontal scroll should not move the options behind Settings. (Issue 71689)
  • [r74060] No sound in extension with Chromium (Issue 57263)

New in Google Chrome 9.0.597.94 (Feb 9, 2011)

  • [67234] High Stale pointer in animation event handling. Credit to Rik Cabanier.
  • [$1000] [68120] High Use-after-free in SVG font faces. Credit to miaubiz.
  • [$1000] [69556] High Stale pointer with anonymous block handling. Credit to Martin Barbella.
  • [69970] Medium Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google.
  • [$1000] [70456] Medium Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC.

New in Google Chrome 10.0.648.18 Alpha (Feb 4, 2011)

  • Updated V8 - 3.0.12.8
  • [73562] Removed icon from View Background Pages menu item in wrench menu. (Issue: 71489)
  • [r73158] Fix crash on closing Download Manager (Issue: 71027)
  • [r73207] Auto-scroll while drag and dropping apps on the New Tab Page (Issue: 70965)
  • webNavigation extension API ready for testing (Issue: 60100)
  • [r73163] Find bug where web text input would sometimes trigger find-in-page (Issue: 70644)

New in Google Chrome 9.0.597.84 (Feb 4, 2011)

  • [$1000] [55831] High Use-after-free in image loading. Credit to Aki Helin of OUSPG.
  • [59081] Low Apply some restrictions to cross-origin drag + drop. Credit to Google Chrome Security Team (SkyLined) and the Google Security Team (Michal Zalewski, David Bloom).
  • [62791] Low Browser crash with extension with missing key. Credit to Brian Kirchoff.
  • [$1000] [64051] High Crashing when printing in PDF event handler. Credit to Aki Helin of OUSPG.
  • [65669] Low Handle merging of autofill profiles more gracefully. Credit to Google Chrome Security Team (Inferno).
  • [Mac only] [66931] Low Work around a crash in the Mac OS 10.5 SSL libraries. Credit to Dan Morrison.
  • [68244] Low Browser crash with bad volume setting. Credit to Matthew Heidermann.
  • [69195] Critical Race condition in audio handling. Credit to the gamers of Reddit!

New in Google Chrome 10.0.648.6 Alpha (Jan 27, 2011)

  • This build primarily contains stability fixes from the previous dev channel release.

New in Google Chrome 9.0.597.83 Beta (Jan 26, 2011)

  • This is primarily a stability/minor bug fix release.

New in Google Chrome 10.0.642.2 Alpha (Jan 21, 2011)

  • All:
  • Updated V8 - 3.0.7.0
  • Many polish changes and fixes for the new tabbed preferences dialog
  • Several tweaks to Instant
  • [r71435] Integrate about:sync with the new tabbed preference dialog (Issue: 69500)
  • [r71519] Add “Save” and “Print” to the context menu of PDFs in frames (Issue: 50285)
  • Linux:
  • [r71203] Fix crash on some distributions when accessing GNOME Keyring (Issue: 69295)

New in Google Chrome 9.0.597.67 Beta (Jan 19, 2011)

  • Due to stability issues, Flash Player sandboxing has been put behind a flag for 9.0. Accelerated compositing and WebGL will remain on. The remaining set of changes for this release constituted bug and stability fixes.

New in Google Chrome 8.0.552.237 (Jan 13, 2011)

  • [58053] Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
  • [$1337] [65764] High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
  • [66334] High Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans).
  • [$1000] [66560] High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
  • [$500] [66748] High Stale pointer with CSS + cursors. Credit to Jan Tošovský.
  • [67100] High Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans).
  • [$1000] [67208] High Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT.
  • [$1000] [67303] High Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT.
  • [$500] [67363] High Stale pointer with SVG use element. Credited anonymously; plus independent discovery by miaubiz.
  • [$1000] [67393] Medium Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc.
  • [$1000] [68115] High Vorbis decoder buffer overflows. Credit to David Warren of CERT.
  • [$1000] [68170] High Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG.
  • [$1000] [68178] High Bad cast in anchor handling. Credit to Sergey Glazunov.
  • [$1000] [68181] High Bad cast in video handling. Credit to Sergey Glazunov.
  • [$1000] [68439] High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined).
  • [$3133.7] [68666] Critical Stale pointer in speech handling. Credit to Sergey Glazunov.

New in Google Chrome 10.0.634.0 Alpha (Jan 12, 2011)

  • Updated V8 - 3.0.6.1
  • Chrome no longer says "restart required" when there's no update (Issue 67478)

New in Google Chrome 9.0.597.45 Beta (Jan 7, 2011)

  • Flash Player sandboxing has been restored, and accelerated compositing and WebGL have been moved behind flags temporarily: --enable-accelerated-compositing and --enable-webgl respectively.

New in Google Chrome 10.0.628.0 Alpha (Jan 6, 2011)

  • Updated V8 - 3.0.4.1
  • Updated WebKit - 534.16
  • Eliminated crash on shutdown after “Clear All Downloads” (Issue 66676)

New in Google Chrome 10.0.612.1 Alpha (Dec 17, 2010)

  • Updated V8 - 3.0.2.1
  • Updated WebKit - 534.15

New in Google Chrome 8.0.552.224 (Dec 14, 2010)

  • [64-bit Linux only] [56449] High Bad validation for message deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium development community.
  • [60761] Medium Bad extension can cause browser crash in tab handling. Credit to kuzzcc.
  • [63529] Low Browser crash with NULL pointer in web worker handling. Credit to Nathan Weizenbaum of Google.
  • [$1000] [63866] Medium Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
  • [$1000] [64959] High Stale pointers in cursor handling. Credit to Sławomir Błażek and Sergey Glazunov.

New in Google Chrome 9.0.597.19 Alpha (Dec 14, 2010)

  • This was primarily a crash fix release, in particular resolving a sync related crash issue (Issue: 57898).

New in Google Chrome 8.0.552.215 (Dec 3, 2010)

  • [17655] Low Possible pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined).
  • [55745] Medium Cross-origin video theft with canvas. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR).
  • [56237] Low Browser crash with HTML5 databases. Credit to Google Chrome Security Team (Inferno).
  • [58319] Low Prevent excessive file dialogs, possibly leading to browser crash. Credit to Cezary Tomczak (gosu.pl).
  • [$500] [59554] High Use after free in history handling. Credit to Stefan Troger.
  • [Linux / Mac] [59817] Medium Make sure the “dangerous file types” list is up to date with the Windows platforms. Credit to Billy Rios of the Google Security Team.
  • [61701] Low Browser crash with HTTP proxy authentication. Credit to Mohammed Bouhlel.
  • [61653] Medium Out-of-bounds read regression in WebM video support. Credit to Google Chrome Security Team (Chris Evans), based on earlier testcases from Mozilla and Microsoft (MSVR).
  • [$1000] [62127] High Crash due to bad indexing with malformed video. Credit to miaubiz.
  • [62168] Medium Possible browser memory corruption via malicious privileged extension. Credit to kuzzcc.
  • [$1000] [62401] High Use after free with SVG animations. Credit to Sławomir Błażek.
  • [$500] [63051] Medium Use after free in mouse dragging event handling. Credit to kuzzcc.
  • [$1000] [63444] High Double free in XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.

New in Google Chrome 9.0.597.0 Alpha (Dec 2, 2010)

  • Ongoing work on IndexedDB and GPU
  • Tweaks/Fixes to Google Chrome Instant
  • Extensions/Apps work
  • Autofill related fixes

New in Google Chrome 8.0.552.208 Beta (Nov 19, 2010)

  • This release contains a number of stability and UI improvements.

New in Google Chrome 9.0.587.0 Alpha (Nov 19, 2010)

  • GPU Related Fixes
  • Crash Fixes
  • Instant Fixes
  • [r65953] Move click-to-play to about:flags. (Issue: 62091)

New in Google Chrome 8.0.552.200 Beta (Nov 12, 2010)

  • This release contains a number of stability and UI improvements.

New in Google Chrome 9.0.576.0 Alpha (Nov 10, 2010)

  • All:
  • Typing on a form with highlighted profile, keeps its highlighted value. (Issue 58774)
  • Handle selection changes due to AutoFill more carefully. (Issue 58774)
  • Autofill popup labels should reflect the contents of the HTML form. (Issue 58887)
  • Linux:
  • Port SSLClientSocketNSS to use Windows CryptoAPI for SSL client authentication. (Issue 37560)

New in Google Chrome 9.0.570.1 (Nov 5, 2010)

  • This release contains a new version of Flash

New in Google Chrome 7.0.517.44 (Nov 4, 2010)

  • [51602] High Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar).
  • [$1000] [55257] High Memory corruption with enormous text area. Credit to wushi of team509.
  • [$1000] [58657] High Bad cast with the SVG use element. Credit to kuzzcc.
  • [$1000] [58731] High Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com).
  • [$500] [58741] High Use-after-free in text control selections. Credit to “vkouchna”.
  • [$1000] [Linux only] [59320] High Integer overflows in font handling. Credit to Aki Helin of OUSPG.
  • [$1000] [60055] High Memory corruption in libvpx. Credit to Christoph Diehl.
  • [$500] [60238] High Bad use of destroyed frame object. Credit to various developers, including “gundlach”.
  • [$500] [60327] [60769] [61255] High Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno).
  • [$1000] [60688] High Out-of-bounds array access in SVG handling. Credit to wushi of team509.

New in Google Chrome 9.0.570.0 (Nov 3, 2010)

  • Fix incorrect border colors in incognito mode. (Issue 52815)
  • Security:
  • Require a user gesture when opening file choose dialog and make sure file choose dialog from invisible windows can not be displayed (Issue 58319)
  • Known Issues:
  • REGRESSION: Windows media player for Firefox doesn't load - Issue 61603
  • Regression: accelerated compositing slows down the whole machine - Issue 61520
  • google.com/wave : "Page Unresponsive" dialog box appears - Issue 61533
  • myspace.com : Cannot enter a character in Comments field - Issue 61513

New in Google Chrome 8.0.552.23 Alpha (Nov 1, 2010)

  • Various fixes for browser sign-in
  • [r64308] Fix importing from Firefox on first run on Mac when it’s the default browser. (Issue 61112)
  • Disable accelerated 2D canvas

New in Google Chrome 8.0.552.18 Alpha (Oct 27, 2010)

  • This release addresses a number of stability and polish issues found in the previous release.

New in Google Chrome 8.0.552.11 Alpha (Oct 22, 2010)

  • about:labs moved to about:flags
  • New Tab Page cleanup
  • Various Chrome Frame fixes for non-en-US locales

New in Google Chrome 7.0.517.41 (Oct 20, 2010)

  • Hundreds of bug fixes
  • An updated HTML5 parser
  • File API
  • Directory upload via input tag

New in Google Chrome 7.0.517.36 Beta (Oct 8, 2010)

  • The majority of fixes in this release were related to stability and polish. Of particular note, we also landed fixes for NTLM authentication and restored the ability to hide the most visited sites on the new tab page.

New in Google Chrome 7.0.517.24 Alpha (Sep 29, 2010)

  • This release focused on resolving minor bug fixes or crashes.

New in Google Chrome 7.0.517.17 Alpha (Sep 27, 2010)

  • This release focused on resolving minor bug fixes or crashes.

New in Google Chrome 6.0.472.63 (Sep 23, 2010)

  • This version contains a fix in V8 for direct loading of global function prototypes [V8 r5483].

New in Google Chrome 6.0.472.62 (Sep 20, 2010)

  • High Bad cast with malformed SVG. Credit to wushi of team 509.
  • Critical Buffer mismanagement in the SPDY protocol. Credit to Ron Ten-Hove of Google.
  • High Cross-origin property pollution. Credit to Stefano Di Paola of MindedSecurity.

New in Google Chrome 7.0.517.8 Alpha (Sep 17, 2010)

  • This release focused on resolving minor bug fixes or crashes.

New in Google Chrome 7.0.517.0 Alpha (Sep 9, 2010)

  • about:labs (Issue: 53399)
  • Fewer wstrings in the bookmark code!
  • Problems visiting http://localhost in various network configurations should be resolved (Issues: 42058, 49024, 32522).
  • [r58011] [OS-LINUX] Issue 29333 - use_system_xml causes many sites to fail to load
  • Remove libxml hack that is not needed after we rolled in the WebKit fix (Issue: 29333)
  • [r58449] Fix default browser selection on KDE 4 on many RPM-based distributions. (Issue 33842)

New in Google Chrome 6.0.472.55 (Sep 8, 2010)

  • [r58038] [r58039] Failures when using autocomplete (issue 51727, 52940)
  • [r58106] Default search engine settings wiped out (issue 10913)
  • Shift reload not working (issue 1906)

New in Google Chrome 6.0.472.53 (Sep 2, 2010)

  • [34414] Low Pop-up blocker bypass with blank frame target. Credit to Google Chrome Security Team (Inferno) and “ironfist99”.
  • [37201] Medium URL bar visual spoofing with homographic sequences. Credit to Chris Weber of Casaba Security.
  • [41654] Medium Apply more restrictions on setting clipboard content. Credit to Brook Novak.
  • [45659] High Stale pointer with SVG filters. Credit to Tavis Ormandy of the Google Security Team.
  • [45876] Medium Possible installed extension enumeration. Credit to Lostmon.
  • [46750] [51846] Low Browser NULL crash with WebSockets. Credit to Google Chrome Security Team (SkyLined), Google Chrome Security Team (Justin Schuh) and Keith Campbell.
  • [$1000] [50386] High Use-after-free in Notifications presenter. Credit to Sergey Glazunov.
  • [50839] High Notification permissions memory corruption. Credit to Michal Zalewski of the Google Security Team and Google Chrome Security Team (SkyLined).
  • [$1337] [51630] [51739] High Integer errors in WebSockets. Credit to Keith Campbell and Google Chrome Security Team (Cris Neckar).
  • [$500] [51653] High Memory corruption with counter nodes. Credit to kuzzcc.
  • [51727] Low Avoid storing excessive autocomplete entries. Credit to Google Chrome Security Team (Inferno).
  • [52443] High Stale pointer in focus handling. Credit to VUPEN Vulnerability Research Team (VUPEN-SR-2010-249).
  • [$1000] [52682] High Sandbox parameter deserialization error. Credit to Ashutosh Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
  • [$500] [53001] Medium Cross-origin image theft. Credit to Isaac Dawson.

New in Google Chrome 7.0.503.0 Alpha (Aug 26, 2010)

  • [r56615] IP addresses typed into the omnibox now work when offline. (Issue: 39830)
  • Many stability fixes

New in Google Chrome 5.0.375.127 (Aug 20, 2010)

  • [$1337] [45400] Critical Memory corruption with file dialog. Credit to Sergey Glazunov.
  • [$500] [49596] High Memory corruption with SVGs. Credit to wushi of team509.
  • [$500] [49628] High Bad cast with text editing. Credit to wushi of team509.
  • [$1000] [49964] High Possible address bar spoofing with history bug. Credit to Mike Taylor.
  • [$2000] [50515] [51835] High Memory corruption in MIME type handling. Credit to Sergey Glazunov.
  • [$1337] [50553] Critical Crash on shutdown due to notifications bug. Credit to Sergey Glazunov.
  • [51146] Medium Stop omnibox autosuggest if the user might be about to type a password. Credit to Robert Hansen.
  • [$1000] [51654] High Memory corruption with Ruby support. Credit to kuzzcc.
  • [$1000] [51670] High Memory corruption with Geolocation support. Credit to kuzzcc.

New in Google Chrome 6.0.495.0 Alpha (Aug 18, 2010)

  • [r55669] Fixed some minor issues with css custom cursor rendering (Issue: 51709)
  • Re-enable the link to disable individual plug-ins in a group. (Issue: 51597)
  • [r55596] Fixed playback rate for WebM/VP8 on certain content. (Issue: 51014)

New in Google Chrome 6.0.472.36 Beta (Aug 17, 2010)

  • All:
  • More UI Polish
  • Stability Fixes
  • [r55562] Re-enable the link to disable individual plug-ins in a group. (Issue: 51597)
  • Chrome Frame:
  • [r55941] Fix Chrome Frame upgrade from old to new beta. (Issue: 51620)

New in Google Chrome 6.0.490.1 Beta (Aug 14, 2010)

  • All:
  • Late binding enabled for SSL sockets: High priority SSL requests are now always sent to the server first.
  • Fixed focus problems with restoring from minimize (Issue 48917)
  • Fixed: cannot add an address properly in the "AutoFill options" dialog box (Issue 50047)
  • Several fixes and checks relating to syncing extensions (Issue 46516, Issue 49346, Issue 50567)
  • Click-to-play is now behind the --enable-click-to-play command line switch.
  • Fixed several issues with click-to-play (Issue 49686, Issue 49836)
  • Linux:
  • Fixed broken thumbnail images in new tab window (Issue 48066)

New in Google Chrome 5.0.375.126 (Aug 11, 2010)

  • This version contains an updated version of the Flash plugin.

New in Google Chrome 6.0.472.25 Alpha (Aug 9, 2010)

  • UI Updates
  • Stability Fixes

New in Google Chrome 6.0.472.22 Alpha (Aug 5, 2010)

  • UI Updates
  • Stability Fixes
  • (Issue 49493) Fix some problems with SSL connections through HTTP proxies.

New in Google Chrome 6.0.472.14 Alpha (Aug 2, 2010)

  • UI tweaks and clean up
  • Additional stability fixes
  • PDF Plugin does not load - Issue 49702

New in Google Chrome 6.0.472.11 Alpha (Jul 29, 2010)

  • UI tweaks and clean up
  • Additional stability fixes

New in Google Chrome 5.0.375.125 (Jul 27, 2010)

  • Security fixes and rewards:
  • Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
  • Aside from the listed security bugs fixed in Chromium, we have also deployed workarounds for two critical vulnerabilities where the root cause lies in external components. Credit and $1337 to Marc Schoenefeld for enabling us to work around a Windows kernel bug [48283]. Credit and $1337 to Simon Berry-Byrne for enabling us to work around a glibc bug [48733].
  • [$500] [42736] Medium Memory contents disclosure in layout code. Credit to Michail Nikolaev.
  • [$500] [43813] High Issue with large canvases. Credit to sp3x of SecurityReason.com.
  • [$500] [47866] High Memory corruption in rendering code. Credit to Jose A. Vazquez.
  • [$500] [48284] High Memory corruption in SVG handling. Credit to Aki Helin of OUSPG.
  • [48597] Low Avoid hostname truncation and incorrect eliding. Credit to Google Chrome Security Team (Inferno).

New in Google Chrome 6.0.472.0 Alpha (Jul 22, 2010)

  • [r52790] Chromium stops saving files for any large downloads (Issue 49216)
  • [r52693] Fix crash with SSL client auth (Issue 49197)
  • [r52850] Option clicking a link now saves a resource directly without triggering a “Save As...” dialog (Issue 36775)
  • Linux:
  • [r52507] Fixed tab dragging glitches with newer GDEs (Issue 48774)
  • [r52729] Access GNOME Keyring on the main thread to fix a crash for some users (Issue 48343)
  • Known Issues:
  • PDF plugin does not load on Linux (Issue 49702)

New in Google Chrome 6.0.466.0 Alpha (Jul 16, 2010)

  • Late binding enabled for SSL sockets: High priority SSL requests are now always sent to the server first.
  • The extension api “chrome.idle” has moved out of experimental and now has its own permission: “idle”.
  • Flickering favicons on Ubuntu Maverick should be fixed. (There are other graphical glitches, but those also appear in other apps, so that appears to not be our bug.)
  • Content settings window now uses a list instead of tabs.
  • Remove unnecessary MIMEType field from application shortcuts.

New in Google Chrome 6.0.458.1 Alpha (Jul 12, 2010)

  • InfoBar should not be shown when the user first submits a form. (Issue: 47426)
  • AutoFill should continuously update profile data as the user submits forms with new data. AutoFill: Aggregate profile data. Remove the AutoFill InfoBar. Remove more remnants of shipping address and CVV. (Issue: 47423)
  • When editing a field in a previously auto-filled form, only display unique suggestions. AutoFill: Remove duplicate suggestions when providing suggestions for a field (Issue: 47436)
  • Enabling sync freezes Chromium. Remove NIGORI from the sync routing info. (Issue: 47766)

New in Google Chrome 6.0.453.1 Alpha (Jul 9, 2010)

  • New experimental support for gnome-keyring and kwallet for storing your passwords. Currently off by default; you can opt in via a command line flag and we’d love feedback as to whether it eats your data. Please see this thread for information on how to test it (importantly, back up your passwords first).
  • Fixed overlapping characters sometimes seen with complex (Thai, Indic) text.
  • The PDF plugin is now available (turn it on in about:plugins).

New in Google Chrome 5.0.375.99 (Jul 5, 2010)

  • [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome Security Team (SkyLined).
  • [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to sirdarckcat of Google Security Team.
  • [$500] [43488] High Memory corruption with invalid SVGs. Credit to Aki Helin of OUSPG; wushi of team509.
  • [$500] [44424] High Memory corruption in bidi algorithm. Credit to wushi of team509.
  • [45164] Low Crash with invalid image. Credit to Jose A. Vazquez.
  • [$1000] [45983] High Memory corruption with invalid PNG (libpng bug). Credit to Aki Helin of OUSPG.
  • [$500] [46360] High Memory corruption in CSS style rendering. Credit to wushi of team509.
  • [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.
  • [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.

New in Google Chrome 5.0.375.86 (Jun 25, 2010)

  • [38105] Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery.
  • [43322] Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43967] High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team.
  • [45267] High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar).
  • [$500] [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE.

New in Google Chrome 5.0.375.86 Beta (Jun 24, 2010)

  • The integrated flash player has been re-enabled by default.

New in Google Chrome 6.0.437.1 Alpha (Jun 18, 2010)

  • All:
  • [r49492] Detach Reload from omnibox, combine with Stop, and eliminate Go. (Issue: 45745).
  • [r49712] Implemented initial version of extension syncing. (Issue (with instructions on how to enable): 32413, but see 46742).
  • The onChanged event is now working in the extensions experimental cookies API.
  • Linux:
  • [r49458] Undo experiment where we used the tab theme image as the frame in popup windows. We now always use the default blue frame, matching Windows instead of matching Mac. (Issue: 43938)
  • [r49467] Side tabs for content settings window (Issue: 45546)
  • [r49451] Fix restore button doing nothing in certain circumstances (Issue: 46232)
  • Known Issues:
  • Some images for the main toolbar are wrong (the Stop button is incorrectly squared off on Windows and Linux, and the omnibox edges are wrong on Mac).

New in Google Chrome 5.0.375.70 (Jun 9, 2010)

  • [15766] Medium Cross-origin keystroke redirection. Credit to Michal Zalewski of Google Security Team.
  • [$2000] [39985] High Cross-origin bypass in DOM methods. Credit to Sergey Glazunov.
  • [$500] [42723] High Memory error in table layout. Credit to wushi of team509.
  • [Linux only] [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43315] High Memory corruption in DOM node normalization. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43487] High Memory corruption in text transforms. Credit to wushi of team509.
  • [43902] Medium XSS in innerHTML property of textarea. Credit to sirdarckcat of Google Security Team.
  • [44740] High Memory corruption in font handling. Credit: Apple.
  • [44868] High Geolocation events fire after document deletion. Credit to Google Chrome Security Team (Justin Schuh).
  • [44955] High Memory corruption in rendering of list markers. Credit: Apple.

New in Google Chrome 5.0.375.70 Beta (Jun 4, 2010)

  • Fix some crash and stability issues.

New in Google Chrome 6.0.422.0 Alpha (Jun 4, 2010)

  • VP8/WebM support has been added
  • Crash when changing networks or waking from sleep (Issue: 44724)
  • CUPS “add printer” crashes tab (Issue 30880)

New in Google Chrome 5.0.375.55 (May 26, 2010)

  • Security Fixes:
  • Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
  • [7713] Medium Canonicalize URLs closer to the Safe Browsing specification. Credit to Brett Wilson of the Chromium development community.
  • [16535] High Possible URL bar spoofing via unload event handlers. Credit to Michal Zalewski, Google Security Team.
  • [30079] Medium Memory error in Safe Browsing interaction. Credit to Google Chrome Security Team (SkyLined).
  • [39740] Medium Bypass of whitelist-mode plugin blocker. Credit to Darin Fisher of the Chromium development community.
  • [41469] Medium Memory error with drag + drop. Credit to kuzzcc.
  • [42228] High Incorrect execution of JavaScript in the extension context. Credit to Andrey Kosyakov of the Chromium development community.
  • In addition, we fixed a range of minor issues such as non-exploitable crashes, hangs and other annoyances. Credit to Sumit Gwalani; Google Security Team, sirdarckcat; Google Security Team, Google Chrome Security Team (Inferno), Carlos Ghan, WHK; elhacker.net, x41, Aki Helin; OUSPG, Jordi Chancel, kuzzcc, Robert Swiecki; Google Security Team, Tavis Ormandy; Google Security Team and Florent; Skyrecon Systems.
  • Also, we would like to extend our thanks to the following people who helped find bugs so we could fix them before they ever affected the stable channel: Robert Swiecki; Google Security Team, Alexey Proskuryakov; Apple, Florian Rienhardt; BSI, and Ben Davis.

New in Google Chrome 6.0.408.1 Alpha (May 21, 2010)

  • [r47574] Don't remember incognito zoom changes (Issue: 43107)
  • Fixed various memory related errors

New in Google Chrome 5.0.375.53 Beta (May 21, 2010)

  • This release contains some minor crash and stability fixes. In addition, we have temporarily put our internal version of Flash Player back behind a flag. We plan on re-enabling our internal version of Flash Player by default on the beta channel in the near future.
  • We have also fixed a regression so that we no longer remember incognito zoom changes (Issue: 43107)

New in Google Chrome 5.0.396.0 Alpha (May 7, 2010)

  • All:
  • The toolbar, omnibox and other UI changes reverted for Chrome 5 have been restored in this build.
  • Fixed bug related to scheme stripping that could cause URLs of the form "http://ftp.foo.com" to be misnavigated, by not stripping the scheme in this case.
  • Many bugs fixed relating to stripping "http://" and its interaction with the clipboard. Chrome should now prepend schemes onto the pasted text in a variety of situations.
  • Linux:
  • Bookmark bar icons should no longer be cropped under some GTK themes (particularly, the new ones in Ubuntu Lucid).
  • Flash content when using nspluginwrapper should be clickable again.
  • Security:
  • Linux: Fixed a crash caused by a premature application data record in the middle of an SSL handshake (Issue: 42538)
  • Known Issues:
  • Several autofill related issues (Issue 43260, Issue 43262, Issue 43365, Issue 43353, Issue 41573)

New in Google Chrome 5.0.375.29 Beta (May 6, 2010)

  • HTML5 Features: Geolocation, App Cache, web sockets, file drag-and-drop.
  • Integrated Flash Player Plugin
  • V8 performance improvements
  • Preferences synchronization
  • NaCl behind a flag

New in Google Chrome 5.0.375.23 Alpha (Apr 28, 2010)

  • Disabled profile based Autofill (this will return in a future release)
  • Various UI features related to the URL bar/omnibox have been removed from this release (e.g. http:// truncation, star icon, etc.)
  • We are currently examining ways to address the usability issues that were raised and plan to reintroduce in the near future
  • Various crash fixes

New in Google Chrome 5.0.375.3 Alpha (Apr 14, 2010)

  • Flash enabled by default
  • Implement patterns for content setting exceptions.
  • A nicer looking video scaling algorithm is now used

New in Google Chrome 5.0.371.0 Alpha (Apr 9, 2010)

  • Geolocation support (Issue 11246 and many others)
  • Fixed bug where HTML5 audio/video elements stopped firing timeupdate events (Issue 25185)
  • WebGL is running inside the sandbox under the --enable-webgl flag (i.e. this no longer requires the --no-sandbox flag to run). Browsing with the --no-sandbox is dangerous and we strongly recommend that you not do it.
  • Changes to the Omnibox (e.g. the bookmark star has moved, icon changes, etc...)
  • After some churn in recent dev channels, we now obey more font settings from fontconfig while still not sacrificing web compatibility. Unhappy about how your fonts look? Read a document about how to diagnose the various issues.

New in Google Chrome 5.0.342.9 Beta (Apr 8, 2010)

  • This update fixes issue 38220: some extensions cannot be installed.

New in Google Chrome 5.0.360.5 Alpha (Mar 31, 2010)

  • An integrated Adobe Flash Player Plug-in. We're integrating Adobe Flash Player 10.1.51.95 (10.1 beta 3) with Google Chrome so that you don't have to install it or worry about keeping it up-to-date. See the blog post on the Chromium blog for more details.
  • To use the bundled Flash Player plug-in, add --enable-internal-flash to your command line or shortcut for starting Google Chrome.
  • A basic plug-in manager. The about:plugins page now lets you disable any plug-in from loading on all web pages. See the Known Issues section: this doesn't work in all cases yet if you already have Adobe Flash Player for Windows Firefox, Safari, or Opera installed.
  • Known Issues:
  • On Windows, if you have Adobe Flash Player for Windows Firefox, Safari, or Opera installed, the Flash plug-in will still work in some cases even if you decline the license agreement (when using --enable-internal-flash) or disable the Flash plugin from about:plugins. We're working on it.
  • If you disable (or enable) a plugin on about:plugins, your change does not take effect until you restart Google Chrome.
  • There is no bundled Adobe Flash Player plug-in for 64-bit Linux.

New in Google Chrome 5.0.342.7 Beta (Mar 25, 2010)

  • Automatic translations and greater control over content for privacy. The Google Chrome 4.1 Beta announcement for Windows explains these features in more detail.
  • Really, really reload. A normal reload causes the browser to check with the server before reusing its cached content. The server can decide whether or not the browser should use its cached content. A force reload causes the browser to ignore its cached content and ask the server for a fresh copy of the page. Use Shift+Reload to force a reload (the reload keyboard shortcut varies by platform).

New in Google Chrome 5.0.342.3 Alpha (Mar 12, 2010)

  • This release improves stability and fixes some known crashers (such as Issues: 37035, 37674, 37567).
  • Known Issues:
  • Linux: Chromium Bookmark Sync Not Working (Issue: 36460).

New in Google Chrome 5.0.335.0 Alpha (Feb 25, 2010)

  • Support "cache-bypassing reload"; this is hooked to various accelerators on different platforms (e.g. shift-reload, ctrl-reload, etc.) (Issue 1906)
  • [r38877, r39018, r39040, r39133, r39346, r39524] Fix numerous issues relating to new Content Settings functionality (Issues 34633, 34668, 35011, 35775, 36021)
  • [r39285] Fix crash when alert() is called from extension popup (Issue 33698)
  • [r39365] When a single tab is open, "Close other tabs" context menu option should be grayed out (Issue 35576)
  • [r39381] Remove all infobars from a tab when its renderer crashes (Issue 36035)
  • [r39412] Fix crash adding/deleting bookmark/folder when browser sync is on and the network is not available (Issue 36200)
  • [r39670] Do not send extra blur and focus events if popup menu is showing (Issue 23499)
  • [r39682] Fix crash when dragging bookmarks (Issue 36473)
  • Fix package dependencies in .deb package (Issue 35639)
  • [r38999] Fix crash with some extensions (Issue 35577)
  • [r39160, r39257] Fix issues relating to new Content Settings functionality (Issues 34941, 35861)
  • [r39250] Fix crash when editing a bookmark in the bookmark manager (Issue 35438)
  • [r39251] Implement the new AutoFill section of the Options dialog (Issue 33025)
  • [r39436] Failing NSS version check should not be a fatal error (Issue 33163)
  • [r39669] Add "deb" and "rpm" to dangerous extension list (Issue 31144)
  • Security:
  • [r39503, r39635] Be more careful about size calculations in GPU code (Issue: 35931)
  • Notable behavior change: every HTML document hosted on a local file:// URI now lives in a unique domain. Old behavior can be re-enabled with the new flag --allow-file-access-from-files. For a cross-browser discussion on background, please see http://blog.chromium.org/2008/12/security-in-depth-local-web-pages.html
  • Known Issues:
  • Mac client SSL certificate support limitations: does not yet support server renegotiation attempts (so it doesn't work with all sites) (Issue 36207); client cert generation (the tag) is not implemented yet (Issue 34607)
  • Mac: Blocked popups can currently not be opened (Issue 35594)

New in Google Chrome 5.0.307.5 Alpha (Feb 5, 2010)

  • Bugs fixed in this release:
  • [r37760] (Mac/Linux) Fix themes being corrupted after upgrade (bad colors, extra wrench menu, etc). (Issue 33416)
  • [r37440] (Mac) Fix a crash when the page is closed or navigates while a popup menu is open. (Issue 33250)
  • [r37445] (Mac) Bookmark manager: restore focus when people press Esc. (Issue 32734)
  • [r37522] (Mac) Bookmark manager: Fix a crash on deleting a folder (Issue 33083)
  • [r37542] (Mac) Fix a crash when plugins are scrolled or multiple plugins frames load (Issue 33467)
  • [r37549] (Mac) Prevent tabs from closing when a popup window is open (Issue 31716)
  • [r37342] (Linux) Fix a browser crash when the network connection is down. (Issue 33091)
  • [r37738] (Mac) Fix a crash when opening a menu while the browser starts. (Issue 33890)
  • [r37838] (Linux) Developer Tools: fix broken autocomplete. (Issue 33403)
  • [r37853] (Mac) Fix cookie management dialog being slow to load (Issue 33248)
  • [r37725] (Linux) Fix App and Edit menus not appearing on pressing Alt+F or Alt+E (Issue 33471)

New in Google Chrome 5.0.307.1 Alpha (Feb 3, 2010)

  • [r37017] Preliminary desktop notifications support. (Why not libnotify? See our technical FAQ.) (Issue: 23954)
  • [r37193] Use GTK+ selection colors when using GTK theme mode. (Issue: 25831)
  • [r37201] We now also will load plugins from ~/.config/$PRODUCT_NAME/Plugins. (Issue: 22261)
  • Improved complex text support, fixing a number of bugs in Hebrew/Arabic/Hindi/etc. display.