February 11th, 2012All:
· Updated V8 - 3.9.4.0
· Fix: open incognito windows at exit created extra normal windows when the session was restored [r120554]
· Show spelling suggestions for misspelled words from the online spellchecker provided by Google (only after users opt into sending text to the service) (r120959).
· When translating a page, get the code and translation via HTTPS. (r120113)
Windows:
· Fix a visual artifact when UI bubbles fade [r119916]
· Fix an infrequent crash on repaint [r120196]
· Fix 3D acceleration on computers with NVIDIA Optimus graphics [r120651]
· Use Google’s online spellchecker to identify misspelled words as well as provide suggestions, for pasted text only. (r120959).
· Fixed a crash that could occur if a page was closed while playing audio [r120749].
February 10th, 2012· ntp: add more UMA to prove existing UMA is sane.
· Exempt default apps from external-extension alerts.
· Remove 2 pointless NULL checks. These two functions are normal functions these days and can't be NULL.
· Add AUTHENTICATED session state. Also removed AUTHENTICATED state from ConnectionToHost
· [Sync] Add new EnumSet class representing a set of enum values. This will eventually replace ModelType{Bit,}Set.
· Reland 112770, but with test disabled. Prevent a crash in the first run search engine selector.It is possible to try and close the window now before the TemplateURLService is loaded. In this case we will not have a fallback search engine to select by default. So we will just reject attempts to close the window in this circumstance until it is loaded and a fallback choice has been set. It should be an edge case.
· Use Google OAuth userinfo API to get profile information
· Update CreateTabContents to use a content::Referrer instead of a plain URL
February 9th, 2012· New Extensions APIs
· Updated Omnibox Prerendering
· Download Scanning Protection
Security fixes and rewards:
· [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community.
· [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne.
· [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community.
· [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley.
· [$1000] [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG.
· [$2000] [105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz.
· [$1000] [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG.
· [$500] [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG.
· [$1000] [108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen.
· [$500] [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG.
· [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG.
· [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com.
· [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir Błażek.
· [$1000] [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG.
· [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo.
· [$1000] [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis.
· [$1000] [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis.
· [$500] [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG.
· [$1000] [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis.
· [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno).
February 8th, 2012· Users can now sync NTP icons to their profile and keep their order across different instances of chrome. [Issues: 111277, 100737, 61447]
· Pointer Lock / Mouse Lock is implemented behind a flag (see about:flags). Mac only bug fix when closing a tab. [Issue: 111860]
· Fixed stability crashes [Issue: 112590, 112116, 111968, 110909]
February 3rd, 2012· Fixed URL handling of settings page. [Issue: 111900]
· Fixed crash when unpacking extension. [Issue: 112301]
· Fixed the case where the utility process crashes after all plugins have been loaded. [Issue: 111935]
February 1st, 2012· Updated V8 - 3.8.9.0
· Moved the ‘privacy’ extension API out of experimental
January 31st, 2012Fix race condition in utility process clients:
· A few clients of the utility process had a race condition that could lead to a browser crash if the utility process crashed. IndexedDB was the worst offender.
· WebstoreInstallHelper, the profile importer, and posix plugin loader were also affected.
· As a side effect, NaClProcessHost and GpuProcessHost are now notified when their respective processes are killed and treat such an occurrence as a crash.
· Disable profile shortcuts on M17
· Quick fix to resolve a heap corruption in shader translator.
· Don't force groups.google.com to HTTPS.
· Fix a crash in profile_shortcut_manager_win involving ProfileInfoCache::GetIndexOfProfileWithPath.
· Disable NetworkDelayListener because it creates too long delays during session restart
January 26th, 2012Bookmarks menu empty after switching profile:
· Fixes tear-down of the BookmarkMenuCocoaController so that it only de-registers itself as the main menu's delegate. During tear-down it was mistakenly de-registering the newly installed BookmarkMenuCocoaController for a different profile.
· Fix issue with pattern parsing in xsltCompilePatternInternal
· return early from ProcessRawBytesWithSeperators() when data length is 0
· Fix null deref when walking cert chain.
· Change omnibox behavior when stripping javascript schema to navigate after stripping the schema on drag drop.
January 25th, 2012· Updated V8 - 3.8.7.1
· Enable linear scaling for Chrome Remote Desktop’s scale-to-fit feature. (issue 93451)
· Fixed popup windows issue (Issue: 106967)
· Fixed crashes in extension binding (Issue: 110694)
· When Strict Transport Security mandates that HTTPS certificate errors must be fatal, add a string telling the user why. (Issue: 110191)
January 24th, 2012· High CVE-2011-3924: Use-after-free in DOM selections.
· Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation.
· High CVE-2011-3928: Use-after-free in DOM handling.
· High CVE-2011-3927: Uninitialized value in Skia.
· High CVE-2011-3926: Heap-buffer-overflow in tree builder.
January 19th, 2012· Merge 118016 - Disable GAIA profile info. This CL disables the GAIA profile info feature for now. Note, this is basically a revert of r112368.
· Merge 117924 - Fix default apps losing the "bookmark app" bit once they get updated.
· Merge 115632 - Add performance_ui_tests to chrome_official_builder.
· Mark css3/flexbox/position-absolute-child.html as failing.
· Merge 117944 - Stop pumping messages while handling cookie requests for Chrome Frame. This is to reduce (and possibly remove) the likelihood of hitting the deferred navigation code path in webkit when a navigation event is received while pumping messages. The deferered navigation code path puts the renderer's FrameLoader instance into an invalid state that eventually causes a crash. Note that there is a side effect to this. If we don't pump messages then anything done as part of the cookie request that would require the renderer to pump messages will result in deadlock.
· Updating XTBs based on .GRDs from branch 963
· Help compiler by pointing it to the right PostTask method.
· Merge 117658 - Substitute ResourceHandlers with dummy ResourceHandler while request is transferred
· Merge 117685 - Prevent callbacks after URLRequest/URLRequestJob have been canceled/completed/killed.
· Merge 113806 - Revert 113794 - Revert 113785 - Enable TransferNavigationResourceHandler
· Merge 117127 - mach_port_deallocate() the result of mach_thread_self(), which obtains a port send right.
· Disable accelerated 2D canvas in M17 branch (963)
· Merge 117854 - Do not preload auth extension on lock screen.
· Merge 114784 - Extension docs: Links from `samples.html` now point to the correct branch.
· Merge 117507 - Crash fix for mobile activation page refresh request.
· Merge 117361 - Print Preview: Handle a CHECK that's getting hit in PrintPreviewHandler::HandlePrint().
· Merge 117260 - Fix bug 104170: [Mac OS] Best-fit-window-zoom doesn't work anymore
· Merge 116775 - Revert 116769 - Revert 116765 - Revert 111279 - Removed logic that was disabling other types of network connections during mobile activation.
· Merge 117082 - Copy all the max page IDs to Instant/Prerender's TabContents
· This fixes history problems that could arise with the previous approach.
· disable flaky test
· Fix flakiness and re-enable http search in find_in_page.FindMatchTests.testSearchInPDF for 963
· Add loop to _VerifySearchInPDFURL to try FindInPage 10 times and re-raise
· the exception on the final loop. This is required because
· _GetResultFromJSONRequest appears to timeout if called before the PDF has
· loaded.
· Add timeout parameter to pyauto.FindInPage to be passed to
· _GetResultFromJSONRequest to speed up the loop in _VerifySearchInPDFURL
· from the default of 45 seconds to 1 second.
· Re-enable test on Win, Mac, and Linux.
· Merge 116931 - Calculate extension permission increases from changes in warning messages.
· Instead of calculating permission increases from changes in API permissions, use the changes in actual warning messages. This makes sure we only prompt the user once when permissions share warnings.
· Merge 116961 - Use the current download directory when installing extensions.The WebstoreInstaller had been downloading extensions to the default download directory, rather than the user's current selection.
· Merge 115885 - Fixed the prefetch in the Photo Editor
· Merge 117205 - Implements queue for serializing device settings change requests. Without the queue there exists a chance for running into races between stores to the policy blob that come very close to each other, and cause the second change to erase the results of the first change.
· Merge 115883 - Fixed navigation after editing in the Photo Editor
· Merge 117146 - Remove contexts from lists of shared contexts on lost context. Even if a context was lost, we tried to use it as the share group for newly-created contexts, resulting in a new context that shared with nothing. Remove all the dead contexts from the list of shared contexts to avoid that.
· Merge 116457 - Fix crash in didReceiveData, if user calls Close() during RunCallback.
· Fix same-origin requests, so they can send credentials.
· Merge 113417 - Fix null pointer exception in WebViewColorOverlay.
· Merge 116581 - When renderer process tries to establish a GPU channel, close any existing one.
· Merge 117173 - Add NULL-check around |url| in TemplateURLService::SetDefaultSearchProviderNoNotify
· Merge 117178 - Postpone deletion of P2PTransportImpl internals when it is being deleted.
· [filebrowser] Change 'File Shelf' to 'Chromebook'.
· Merge 115134 - [filebrowser] In image editor, remove focus from file name edit when clicked outside.
· [filebrowser] Fix the context menu not working, and move new folder action there instead of separate button.
January 18th, 2012· The PDF plugin now adds ‘Rotate Clockwise’ and ‘Rotate Counterclockwise’ commands to context menus, so users can more easily view documents scanned horizontally.
· Updated the first-run bubble text and added a link to change the current search engine. (Issue: 117521)
· Fixed HTML5 showing download bar in fullscreen mode. (Issue: 99673)
January 12th, 2012· Remove internal error message from user facing UI.
· net: allow GeoTrust to sign Google certs.
· Better error handling in audio wave out.
· Fix calling NULL callback, slightly reorder the code to avoid potential problems.
· Remove comment that webRequest API is experimental from API documentation
· Update omnibox prerender field trial percentages for stable and beta.
· Stop updating SafeBrowsing download hash list.
· Fix client to always handle error messages properly
January 11th, 2012· Updated V8 - 3.8.4.1
· Fixed several crashes (Issues 106869, 104046, 106989, 107574, 106891, 108687, 107171, 109002)
· When a profile is synced, use GAIA name + GAIA photo for avatar - Use Google OAuth userinfo API to get profile information (Issue: 91241)
· Added support for manifest_version attribute for extensions (Issue: 62897)
· Eliminate drawing glitch on WebUI radio controls. (Issue: 105755)
· Fixed regression with extension omnibox API where whitespace would get trimmed (Issue: 106355)
· Fix page zoom for plug-in documents (Issues: 106013, 106228)
· Fix race condition in extension service that causes extensions installed (Issue: 101935)
· Folders in the wrench menu and application menu are greyed out (Issue: 109196)
· Better error handling in audio wave out. (Issue: 108685)
· Made URL filter for web request API mandatory (Issue: 106590)
· Reject weak RSA and DSA keys when validating certificate chains for HTTPS; related UI (r114879, r116442, r115924)
· Popups opened from a maximized window should now be unmaximized (Issue: 106967)
· Hide panels in presence of full screen app for windows. (Issue: 102731)
· Provide windows notification of thread termination (Issues: 107974, 103209)
· Abort in-flight load tasks if the DB has been closed. (Issue: 106722)
January 6th, 2012· New Extensions APIs
· Updated Omnibox Prerendering
· Download Scanning Protection
· Many other small changes
January 6th, 2012Security fixes:
· Use-after-free in animation frames.
· Heap-buffer-overflow in libxml.
· Stack-buffer-overflow in glyph handling.
January 5th, 2012· Updated V8 - 3.7.12.12
· Make webstore installs work when the Downloads folder is missing. (Issue: 108812)
December 16th, 2011· This release contains stability and feature improvements.
December 13th, 2011· Chrome 16 contains some really great improvements including enhancements to Sync and the ability to create multiple profiles on a single instance of Chrome.
Security fixes and rewards:
· [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community.
· [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno).
· [$500] [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.
· [$1000] [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Mitja Kolsek of ACROS Security.
· [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.
· [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu.
· [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar).
· [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team.
· [$1000] [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis.
· [$1000] [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis.
· [$1000] [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Sławomir Błażek.
· [$1000] [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG.
· [$500] [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG.
· [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella).
· [107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz.
December 9th, 2011· Stability & security fixes
December 7th, 2011· Updated V8 - 3.7.12.6
· r113121 Omnibox suggestions will now be prerendered if our confidence of the user following the suggestion is high.
· Support for
· Content Settings (in Options, Under the Hood) now has UI for “Mouse Cursor”, which controls the Mouse Lock API permissions.
· r110556 Fixed a renderer crash that could happen when opening a new tab with many tabs open.
· WebKit Issue 73056 - Small fix for BiDi selection.
· WebKit Issue 63903 - Fixed WebKit's implementation of bdo, bdi, and output elements to match HTML5 spec section 10.3.5.
· r111156 - Desktop shortcuts will be created for each user account, to launch Chrome with that account active.
December 7th, 2011· Updated V8 - 3.7.12.6
· r113121 Omnibox suggestions will now be prerendered if our confidence of the user following the suggestion is high.
· Support for
· Content Settings (in Options, Under the Hood) now has UI for “Mouse Cursor”, which controls the Mouse Lock API permissions.
· r110556 Fixed a renderer crash that could happen when opening a new tab with many tabs open.
· WebKit Issue 73056 - Small fix for BiDi selection.
· WebKit Issue 63903 - Fixed WebKit's implementation of bdo, bdi, and output elements to match HTML5 spec section 10.3.5.
· r111156 - Desktop shortcuts will be created for each user account, to launch Chrome with that account active.
November 18th, 2011· Updated V8 - 3.7.7.0.
· Fixed New Tab page apps re-ordering issue.
· Policy support for disabling the Cloud Print Connector has been added.
· Fixed an issue where Chrome app windows would hang. [r110239]
November 17th, 2011· Updated V8 - 3.5.10.24
· This build contains the fix to a regression: SVG in iframe doesn't use specified dimensions (Issue: 98951)
November 15th, 2011· Updated V8 - 3.7.6.0. This release includes the new garbage collector.
· Windows: Fixed a bug where the missing plug-in infobar would not do anything (issue 103216).
November 11th, 2011· Updated V8 - 3.5.10.23
· Fix small print sizing issues (issues: 102186, 82472, 102154)
· This new build also contains a new version of Flash which contains security fixes.
November 8th, 2011· Fixed possible hang when using the GPU (Issue: 102214).
· Fixed a bug causing the missing plug-in infobar (“An additional plug-in is required…”) to wrongly appear (Issue: 101821)
· Stopped search engine dialog from appearing even when not changed.
· NaCl working again on Win64.
November 4th, 2011· Updated V8 - 3.6.6.3
· Prompt the user if they want to cancel downloads occurring when the last Incognito Window of a profile is closed.
· Panels are enabled by default (extensions-only, “Tasky” in Web Store is one example)
· Adjustable margins supported in Print Preview.
· Mouse Lock “Allow” permission (given via a prompt) is now saved in content settings per domain.
November 3rd, 2011· Signing in to Chrome enables sync and brings your Chrome bookmarks and other personalized settings to all of your computers. Just go to the Wrench menu and select “Sign in to Chrome.”
· Added a new feature that lets people who use a shared computer each have their own personalized Chrome, and lets them each sign in to Chrome to sync their stuff. To try it out, go to Options (Preferences on Mac), click Personal Stuff, and click "Add new user."
November 2nd, 2011· This release contains stability fixes.
October 28th, 2011· This release contains fixes for stability
October 27th, 2011· This release fixes login issues to Barrons Online and The Wall Street Journal
October 22nd, 2011· This version includes a crash fix (75604) and a fix to crash reporting on Linux.
October 21st, 2011· Updated V8 - 3.6.6.5
· Fixed stability issue in Print and Instant
October 20th, 2011· Updated V8 - 3.5.10.22
· Numerous buffering fixes and optimizations for HTML5 media elements. (99775, 99749, 100439)
· Tuned the omnibox to recognize more types of inputs as intranet navigations (99131, 94806)
· Fixed several crashes and hangs (98975, 98948, 98955, 96861)
· Fixed Omnibox enters keyword search mode incorrectly (95454)
October 19th, 2011· Updated V8 - 3.6.6.3
· Native Client and Pepper plug-ins will be able to go use First Person controls for games and other applications after they go full screen and lock the mouse cursor. See PPB_MouseLock::LockMouse.
October 13th, 2011· Updated V8 - 3.5.10.17
· Fixed crash during Print Preview (96063)
· Fixed excessive margins in printing (92000)
· Fixed large downloads don't show progress (94468)
· Fixed Netflix/Silverlight error (97319)
· Disabled acceleration for background pages (96006)
· Restored the old bookmark menus (93674)
· Added support for an optional "requirements" section in extension/app manifests (99241)
· Fixed window rendering issue on focus(90386)
October 11th, 2011· [r104051] Eliminate window frame rendering errors on activate / deactivate.
October 7th, 2011· Updated V8 - 3.5.10.16
· Only deliver extension messages to contexts that care (96544, 76571)
· Fix scrolling of full-frame pdf docs in accelerated compositing mode (93482)
October 5th, 2011· Updated V8 - 3.5.10.15
· Match main window notification subscription/unsubscription in BookmarkBarController
· Fixed a deadlock induced by this pref being set in response to bookmark sync events (97955)
· Enable floating bookmarks bar for NTP4 for M15 beta branch (98572)
· Prevent a rendering error on Windows where content behind Chrome may render in front of the Chrome window (97808)
· Added heuristic for fixing the alpha channel when reading clipboard images on Windows (97160)
October 5th, 2011· [93788] High CVE-2011-2876: Use-after-free in text line box handling.
· [95072] High CVE-2011-2877: Stale font in SVG text handling.
· [95671] High CVE-2011-2878: Inappropriate cross-origin access to the window prototype. Credit to Sergey Glazunov.
· [96150] High CVE-2011-2879: Lifetime and threading issues in audio node handling.
· [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8 bindings.
· [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects.
· [98089] Critical CVE-2011-3873: Memory corruption in shader translator.
October 4th, 2011· Updated V8 - 3.6.4.1
· FTP: fixed compatibility issue with ftp.comconlink.co.za, issue 98212
· HTML5 audio uses faster method of communications between host and renderer, thus reducing lag for Javascript objects; should be most noticeable in games, issue 61022
· Fixed many known stability issues.
· Fixed a regression where pages couldn’t receive Esc key events,
October 1st, 2011· Microsoft Security Essentials tool began falsely identifying Google Chrome as a piece of malware ("PWS:Win32/Zbot") and removing it from people's computers. This update should automatically repair Chrome for affected users.
September 30th, 2011· Updated V8 - 3.5.10.14
· Notification promos work with New Tab Page (Issue: 93201)
September 28th, 2011· Updated V8 - 3.5.10.13
· Several crash fixes (including 96727, 93314, 97165, 96282)
· Intranet URLs don't inline autocomplete (Issue 94805)
· The New Tab Page bookmark pane has been reverted to the detached bar pending future improvements to the pane version. Thanks for all the feedback! (Issue: 92609)
· Only show NTP4 info bubble for upgrading users (Issue 97103)
· Sync not enforcing server legal bookmark names when migrating to new specifics (Issue 96623)
· Fixed wrench menu bottom border truncated in Win 7 32-bit (Issue: 96505)
September 27th, 2011· Fixed many known stability issues.
September 23rd, 2011· Updated V8 - 3.6.4.0
· FTP: fixed compatibility with servers which send 451 response for CWD command. (Issue 96401)
· Windows and Mac: Enabled multi-users (multi-profiles) by default.
· Fixed many known stability issues.
September 23rd, 2011· A brand new New Tab Page
· Javascript Fullscreen API is now enabled by default
· Chrome Web Store items can now be installed inline by their verified site (more information for developers can be found here.)
· Omnibox History is now an additional sync data type
September 21st, 2011· Fixed a bug that caused a crash if you tried to use the speech input keystroke (Ctrl+Shift+Period) on a (non-speech-enabled) textarea.
· Fixed many known stability issues.
September 21st, 2011· This release includes an update to Flash Player that addresses a zero-day vulnerability
September 19th, 2011· Updated V8 3.5.10.9
· JavaScript fullscreen API now enabled by default.
· Bug fixes and visual improvements for the New Tab Page.
· Fixed many known stability issues.
September 19th, 2011· [49377] High CVE-2011-2835: Race condition in the certificate cache.
· [51464] Low CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid click-free access to the system Flash.
· [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when loading plug-ins. .
· [76771] High CVE-2011-2839: Crash in v8 script object wrappers.
· [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual user interaction.
· [78639] High CVE-2011-2841: Garbage collection error in PDF.
· [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers.
· [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. [89219] High CVE-2011-2846: Use-after-free in unload event handling.
· [89330] High CVE-2011-2847: Use-after-free in document loader.
· [89564] Medium CVE-2011-2848: URL bar spoof with forward button.
· [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
· [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling.
· [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
· [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling.
· [91120] High CVE-2011-2852: Off-by-one in v8.
· [91197] High CVE-2011-2853: Use-after-free in plug-in handling.
· [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style handing. Credit to Sławomir Błażek, and independent later discoveries by miaubiz and Google Chrome Security Team (Inferno).
· [92959] High CVE-2011-2855: Stale node in stylesheet handling.
· [93416] High CVE-2011-2856: Cross-origin bypass in v8.
· [93420] High CVE-2011-2857: Use-after-free in focus controller.
· [93472] High CVE-2011-2834: Double free in libxml XPath handling.
· [93497] Medium CVE-2011-2859: Incorrect permissions assigned to non-gallery pages.
· [93587] High CVE-2011-2860: Use-after-free in table style handling.
· [93596] Medium CVE-2011-2861: Bad string read in PDF.
· [93906] High CVE-2011-2862: Unintended access to v8 built-in objects.
· [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan characters.
· [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
· [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a session.
· [95920] High CVE-2011-2875: Type confusion in v8 object sealing.
September 13th, 2011· This release re-enables chrome:flags and disables some of the enhanced completion functionality, that we introduced in 13.0, for the omnibox.
September 9th, 2011· Updated V8 3.6.0.0
· Fixed a possible sync crash triggered by encryption of all sync data.
· The --enable-accelerated-plugins flag was changed to --disable-accelerated-plugins. Pepper Plugins are now accelerated by default.
· Fixed a crash when deleting cookies from chrome://settings/clearBrowserData.
· Enable new client-side phishing detection for non-UMA users (previously UMA-only). When local heuristics trigger, sends only limited information that does not identify the page, such as a prefix of the hash of the URL, and other non-identifiable features such as whether you've visited the page before. [r99582]
· Fixed many known stability issues.
September 9th, 2011· This release disables chrome:flags. We are currently investigating some stability issues and are looking to see how greatly flags usage contributes to our stability metrics, hence we are temporarily disabling them.
September 8th, 2011· Updated V8 3.6.0.0
· Fixed a possible sync crash triggered by encryption of all sync data.
· The --enable-accelerated-plugins flag was changed to --disable-accelerated-plugins. Pepper Plugins are now accelerated by default.
· Fixed a crash when deleting cookies from chrome://settings/clearBrowserData.
· Enable new client-side phishing detection for non-UMA users (previously UMA-only). When local heuristics trigger, sends only limited information that does not identify the page, such as a prefix of the hash of the URL, and other non-identifiable features such as whether you've visited the page before. [r99582]
· Fixed many known stability issues.
September 2nd, 2011· This release has disabled accelerated 2D canvas for Windows, along with other stability fixes
September 1st, 2011· This release contains fixes for a number of stability issues along with other bugs, and an updated version of Adobe Flash Player
August 31st, 2011· This release contains fixes for a number of stability issues along with other bugs, and an updated version of Adobe Flash Player
August 31st, 2011· These releases contain an updated version of the Adobe Flash Player
August 30th, 2011· Updated V8 3.5.8.0
· r98474: Fixed some downloads crashers occurring due to over-aggressive consistency checks.
· Print Preview is working once again.
· Fixed issue where turning on sync encryption could remove bookmark titles.
· r98148: When downloading a file with illegal trailing characters in the file name, they are replaced rather than truncated.
August 25th, 2011· Updated V8 3.5.7.0
· Fixes a blank popup issue for extensions (Issue: 92669).
· Fixed many of the common crashes.
August 24th, 2011· This release contains fixes for a number of stability issues along with other bugs
August 23rd, 2011· [Windows only] [72492] Medium CVE-2011-2822: URL parsing confusion on the command line.
· [82552] High CVE-2011-2823: Use-after-free in line box handling.
· [88216] High CVE-2011-2824: Use-after-free with counter nodes.
· [88670] High CVE-2011-2825: Use-after-free with custom fonts.
· [89402] High CVE-2011-2821: Double free in libxml XPath handling.
· [87453] High CVE-2011-2826: Cross-origin violation with empty origins.
· [Windows only] [89836] Critical CVE-2011-2806: Memory corruption in vertex handing.
· [90668] High CVE-2011-2827: Use-after-free in text searching.
· High CVE-2011-2828: Out-of-bounds write in v8.
· [32-bit only] [91598] High CVE-2011-2829: Integer overflow in uniform arrays.
August 17th, 2011· Updated V8 3.5.5.0
· [r96420] Fixed uninstalls for forced install extensions [Issue 86519]
· Fixed many known stability issues
August 16th, 2011· This release contains fixes for a number of stability issues along with other bugs.
August 12th, 2011· Updated V8 3.5.2.0
· [r96275] FTP: added directory listing parser for OS/2 format, Issue 92154
· [r96073] FTP: fix directory listing parsing for Hylafax, Issue 90807
· Large speed improvement for print preview
· This release also contains fixes for many known stability issues.
August 12th, 2011· Initial release of Native Client
· Web Audio API
· Additional Mac OS X Lion feature support
· Sync Encryption for all data
· Print Preview on Mac
· Experimental Web Request extension API
· Experimental Content Settings extension API
August 9th, 2011· Includes an updated version of Flash Player.
August 9th, 2011· This release contains fixes for a number of issues
August 6th, 2011· This release contains fixes for print preview and other stability issues.
August 2nd, 2011· [75821] Medium CVE-2011-2358: Always confirm an extension install via a browser dialog. Credit to Sergey Glazunov.
· [$1000 each] [78841] High CVE-2011-2359: Stale pointer due to bad line box tracking in rendering. Credit to miaubiz and Martin Barbella.
· [79266] Low CVE-2011-2360: Potential bypass of dangerous file prompt. Credit to kuzzcc.
· [79426] Low CVE-2011-2361: Improve designation of strings in the basic auth dialog. Credit to kuzzcc.
· [Linux only] [81307] Medium CVE-2011-2782: File permissions error with drag and drop. Credit to Evan Martin of the Chromium development community.
· [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension install via a browser dialog. Credit to Sergey Glazunov.
· [83841] Low CVE-2011-2784: Local file path disclosure via GL program log. Credit to kuzzcc.
· [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions. Credit to kuzzcc.
· [84600] Low CVE-2011-2786: Make sure the speech input bubble is always on-screen. Credit to Olli Pettay of Mozilla.
· [84805] Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue. Credit to kuzzcc.
· [85559] Low CVE-2011-2788: Buffer overflow in inspector serialization. Credit to Mikołaj Małecki.
· [$500 each] [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation. Credit to Mario Gomes and kuzzcc.
· [$1000] [86502] High CVE-2011-2790: Use-after-free with floating styles. Credit to miaubiz.
· [$1000] [86900] High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
· [$1000] [87148] High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz.
· [$1000] [87227] High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz.
· [$500] [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration. Credit to miaubiz.
· [$500] [87339] Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long.
· [87548] High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.
· [$1000] [87729] High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz.
· [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from being web accessible. Credit to sirdarckcat of the Google Security Team.
· [$1000] [87925] High CVE-2011-2799: Use-after-free in HTML range handling. Credit to miaubiz.
· [$500] [88337] Medium CVE-2011-2800: Leak of client-side redirect target. Credit to Juho Nurminen.
· [$1000] [88591] High CVE-2011-2802: v8 crash with const lookups. Credit to Christian Holler.
· [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths. Credit to Google Chrome Security Team (Inferno).
· [$1000] [88846] High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz.
· [$1000] [88889] High CVE-2011-2818: Use-after-free in display box rendering. Credit to Martin Barbella.
· [$500] [89142] High CVE-2011-2804: PDF crash with nested functions. Credit to Aki Helin of OUSPG.
· [$1500] [89520] High CVE-2011-2805: Cross-origin script injection. Credit to Sergey Glazunov.
· [$1500] [90222] High CVE-2011-2819: Cross-origin violation in base URI handling. Credit to Sergey Glazunov.
August 2nd, 2011· This release contains fixes for sync and stability.
July 29th, 2011· Updated V8 - 3.4.14.2
· [r94125] Unable to open PDF files (bug 90535)
· [r94303] net-internals completely broken (bug 90527)
July 27th, 2011All:
· Updated V8 - 3.4.13.0
· Implemented WebSocket HyBi 10 handshake and framing.
Windows:
· [r93676] Initialize the sandbox earlier in GPU process bringup, deferring any (84650)
· [r93991] GPU process broken on Windows in TOT Chromium builds and Canary
July 19th, 2011· Updated V8 - 3.4.12.1
July 13th, 2011· This releases contain an updated version of the Adobe Flash Player
July 12th, 2011· Updated V8 - 3.4.7.0
June 29th, 2011· [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling.
· [84355] High CVE-2011-2346: Use-after-free in SVG font handling.
· [85003] High CVE-2011-2347: Memory corruption in CSS parsing.
· [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser.
· [85177] High CVE-2011-2348: Bad bounds check in v8.
· [85211] High CVE-2011-2351: Use-after-free with SVG use element.
· [85418] High CVE-2011-2349: Use-after-free in text selection.
June 28th, 2011· Updated V8 - 3.4.6.2
· Change the meaning of third-party cookie blocking to allow whitelists
June 21st, 2011· Updated V8 - 3.4.4.0
· Improved support for the textarea element with screen readers.
· Print workflow: Chrome Frame displays both Print Dialog and Print Preview (Issue: 86226)
· Crash when canceling print (Issue: 86229)
· Mouse back and forward buttons stopped working (Issue: 84836)
June 17th, 2011· Updated V8 - 3.4.3.0
· When installing items from the chrome webstore, we now always prompt with a native confirmation dialog.
· Fix for failing navigation with chrome://newtab showing.
· DNSSEC authenticated HTTPS supported.
· Intermittent connectivity issues with broken SSLv3 servers fixed.
June 16th, 2011· This release contains a number of stability fixes and the Flash update.
June 15th, 2011· This release contains an updated version of Adobe Flash
June 14th, 2011· Put hardware accelerated Canvas 2D back behind a flag
June 10th, 2011· This release contains a number of stability fixes
June 8th, 2011· This release contains a number of UI tweaks and stabilities fixes.
June 8th, 2011· Hardware accelerated 3D CSS
· New Safe Browsing protection against downloading malicious files
· Ability to delete Flash cookies from inside Chrome
· Launch Apps by name from the Omnibox
· Integrated Sync into new settings pages
· Improved screen reader support
· New warning when hitting Command-Q on Mac
· Removal of Google Gears
· Bug fixes"
· [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling.
· [75496] Medium CVE-2011-1809: Use-after-free in accessibility support.
· [75643] Low CVE-2011-1810: Visit history information leak in CSS.
· [76034] Low CVE-2011-1811: Browser crash with lots of form submissions.
· [77026] Medium CVE-2011-1812: Extensions permission bypass.
· [78516] High CVE-2011-1813: Stale pointer in extension framework.
· [79362] Medium CVE-2011-1814: Read from uninitialized pointer.
· [79862] Low CVE-2011-1815: Extension script injection into new tab page.
· [80358] Medium CVE-2011-1816: Use-after-free in developer tools.
· [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion.
· [81949] High CVE-2011-1818: Use-after-free in image loader.
· [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages.
· [83275] High CVE-2011-2332: Same origin bypass in v8.
· [83743] High CVE-2011-2342: Same origin bypass in DOM.
June 7th, 2011· This release contains additional stability fixes.
June 6th, 2011· This release contains an updated version of Adobe Flash.
June 3rd, 2011· This release contains a small number of UI updates and performance fixes.
June 2nd, 2011· Print preview refinements
· IndexedDB+LevelDB made available in about:flags
· Canvas 2D moved out from behind a flag (on by default)
May 26th, 2011· This release contains a small number of UI updates and performance fixes.
May 25th, 2011Security fixes:
· [72189] Low CVE-2011-1801: Pop-up blocker bypass.
· [82546] High CVE-2011-1804: Stale pointer in floats rendering.
· [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer.
· [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling.
The following bugs were fixed:
· REGRESSION: selection extended by arrow keys flickers on LinkedIn.com. (Issue 83197).
· Have ConnectBackupJob try IPv4 first to hide potential long IPv6 connect timeout (Issue 81686).
· Mac plugin crashes are too low in stats (Issue 82172).
· Incorrect ACLs on the archived copy of setup.exe (Issue 82424)
May 24th, 2011· Updated V8 - 3.3.8.1
· Continued work on Print Preview
· Making progress on rel:preload
· Crash fixes
May 18th, 2011· Print preview work continues
· Omnibox string matching improvements
May 16th, 2011· [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue.
· [80608] High CVE-2011-1800: Integer overflows in SVG filters.
May 16th, 2011· This release contains a number of UI tweaks and performance fixes.
May 16th, 2011· Hardware accelerated 3D CSS
· New Safe Browsing protection against downloading malicious files
· Ability to delete Flash cookies from inside Chrome
· Launch Apps by name from the Omnibox
· Integrated Sync into new settings pages
· Improved screen reader support
· Removal of Google Gears
May 7th, 2011· This release contains an updated version of Flash.
May 7th, 2011The following bugs were fixed:
· After deleting bookmarks on the Bookmark managers, the bookmark bar doesn't display properly with existing bookmarks. (Issue 80580).
· About Google Chrome window shows unknown channel for 11.0.696.57 (Issue 80683).
· Chrome/Mac seems to clobber focus when uploading attachments to Gmail with the flash-based uploader (Issue 77172).
· Also included is an updated version of Flash Player 10.2.
May 6th, 2011· This release contains fixes for a number of UI, performance, and stability issues.
May 3rd, 2011· This release continues to address UI and performance issues, as well as a fix for non-Aero themes on Windows
April 29th, 2011· This release continues to address UI and performance issues, as well as updates the Sync preferences UI.
April 29th, 2011· REGRESSION: Windows painting issue while switching Chrome 11 window with overlapped app. (Issue 74604).
April 27th, 2011· [61502] High CVE-2011-1303: Stale pointer in floating object handling.
· [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins.
· [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling.
· [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files.
· [73526] High CVE-2011-1437: Integer overflows in float rendering.
· [74653] High CVE-2011-1438: Same origin policy violation with blobs.
· [75186] High CVE-2011-1440: Use-after-free with tag and CSS.
· [75347] High CVE-2011-1441: Bad cast with floating select lists. Credit to [75801] High CVE-2011-1442: Corrupt node trees with mutation events. [76001] High CVE-2011-1443: Stale pointers in layering code.
· [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG.
· [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads.
· [76966] High CVE-2011-1447: Stale pointer in drop-down list handling. [77130] High CVE-2011-1448: Stale pointer in height calculations.
· [77346] High CVE-2011-1449: Use-after-free in WebSockets.
· [77349] Low CVE-2011-1450: Dangling pointers in file dialogs.
· [77463] High CVE-2011-1451: Dangling pointers in DOM id map. [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual reload.
· [79199] High CVE-2011-1454: Use-after-free in DOM id handling.
· [79361] Medium CVE-2011-1455: Out-of-bounds read with multipart-encoded PDF.
· [79364] High CVE-2011-1456: Stale pointers with PDF forms.
April 27th, 2011· REGRESSION: left property broken with position:fixed elements in RTL documents. (Issue 80216).
· REGRESSION: Bottom of window Border is drawn 1 Pixel Higher than it should be (Issue 79640).
· REGRESSION: Chromium window goes beyond the screen for non-Aero themes (Issue 80391).
April 26th, 2011· This release continues to address UI and performance issues, as well as updates the Sync preferences UI.
April 23rd, 2011· This release fixes a regression with sync along with other bugs
April 21st, 2011· This release contains stability and performance fixes.
April 19th, 2011· Flash does not load until the tab gets activated. (Issue 71591).
· Going to settings from notification popup crashes Chrome (Issue 78938).
· Disable speech input for readonly and disabled input fields (Issue 58540 ).
· Renamed Blob.slice to Blob.webkitSlice and changed it to take start and end parameters. Also renamed BlobBuilder to WebKitBlobBuilder
April 15th, 2011· This release contains a new version of Adobe Flash which includes a fix for security vulnerability.
April 15th, 2011· Critical CVE-2011-1300: Off-by-three in GPU process.
· CVE-2011-1301: Use-after-free in the GPU process
· Critical CVE-2011-1302: Heap overflow in the GPU process
April 13th, 2011· This release contains updates focused on stability and UI tweaks
April 13th, 2011· Passwords sync: passwords sync commits after EVERY browser restart (Issue 78548).
· Autofill fails to fill forms (Issue 78509).
· a few known crashes (Issue 78688, Issue 68350, Issue 77665, Issue 74585, Issue 76092, Issue 77219 and Issue 77447).
· Redirect to my site without CFInstall.js (Issue 60018).
· Update Silverlight v3 version metadata (Issue 78005).
· Blocked plug-in dialog: make sure "Run this time" button is the first one (Issue 78120).
· Policy: Proxy configuration over policy does not work. (Issue 78016).
· Editing style adds the word "initial" for any property value that uses a paren (Issue 75302).
· Google Chrome Helper doesn't quit, killing it relaunches a new helper process (Issue 74983).
April 6th, 2011· Updated V8 - 3.2.6.0
· Spring cleaning in the code, lots of code cleanup and refactoring under the covers
· Continued work on tab multi-select
April 5th, 2011The following bugs were fixed:
· Duplicate desktop icon is created using First Run UI even if it's present (Issue 5073).
· FLACEncoder::Encode has mismatched free (Issue 77653).
· Switch from using Speex to FLAC for speech input requests (Issue 61677).
· Chrome hangs on form submit with lots of stored Autofill profiles (Issue 75862).
· Browser crash if tab is closed while page is being downloaded (Issue 76963).
April 1st, 2011· cloud print: Error running service on the headless machine (Issue 76991).
· sync: Not registering for NIGORI data types (Issue 76268).
· A known crash (Issue 76998 ).
· REGRESSION: img of extensions not displayed in chrome://extensions within an incognito window (Issue 74905).
· Cloud policy fetch loop upon POLICY_NOT_FOUND answer from the server (Issue 77232).
· Token fetcher doesn't correctly enter unmanaged state (Issue 77185).
· Memory Leak in ChromeFrame in the AutomationResourceMessageFilter::SetCookiesForUrl function (Issue 77421).
· REGRESSION: Arrows not showing up on tabstrip while dropping links (Issue 74764).
· Java: Direct users to the right download page (Issue 76634).
· add es-419, fr-Foo and en-Foo and zh_HK/zh_Hant_HK to Accept-Language list(Issue 62715).
March 29th, 2011· cloud print: Error running service on the headless machine (Issue 76991).
· sync: Not registering for NIGORI data types (Issue 76268).
· A known crash (Issue 76998 ).
· REGRESSION: img of extensions not displayed in chrome://extensions within an incognito window (Issue 74905).
· Cloud policy fetch loop upon POLICY_NOT_FOUND answer from the server (Issue 77232).
· Token fetcher doesn't correctly enter unmanaged state (Issue 77185).
· Memory Leak in ChromeFrame in the AutomationResourceMessageFilter::SetCookiesForUrl function (Issue 77421).
· REGRESSION: Arrows not showing up on tabstrip while dropping links (Issue 74764).
· Java: Direct users to the right download page (Issue 76634).
· add es-419, fr-Foo and en-Foo and zh_HK/zh_Hant_HK to Accept-Language list(Issue 62715).
March 25th, 2011· Updated V8 - 3.2.3.1
· Tab Multi-Select - The ability to select multiple tabs, using the ctrl key, and applying actions (e.g. reload) to them all.
March 25th, 2011· High CVE-2011-1291: Buffer error in base string handling.
· [73216] High CVE-2011-1292: Use-after-free in the frame loader. [73595] High CVE-2011-1293: Use-after-free in HTMLCollection.
· [74562] High CVE-2011-1294: Stale pointer in CSS handling.
· [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage.
· [75170] High CVE-2011-1296: Stale pointer in SVG text handling.
March 22nd, 2011The following bugs were fixed:
· clicking on the labels of checkboxes / radio buttons closes content settings dialog box (Issue 76115).
· Unlock Keyring makes chrome unusable (Issue 72499 ).
· Sample extension for chrome.experimental.proxy API (Issue 62700 ).
· Several known crashes (Issue 76401 and Issue 75264 ).
March 18th, 2011The following bugs were fixed:
· about:gpu can still launch GPU process even though GPU is blocked by software rendering list (Issue 76115)
· REGRESSION: After crash, Restore infobar shows up everytime you open a link from external app (Issue 75654 )
· App context-menu doesn't disappear even after uninstalling the extension, causes crash when selected (Issue 75662)
· A known crash (Issue 74777)
· Fails SPDY-related check (Issue 77893)
March 18th, 2011· This release blacklists a small number of HTTPS certificates
March 16th, 2011· New York Times Chrome app crashes on the Chorme Dev Channel (Issue 75563).
· Sync login dlg is truncated (Issue 72490 ).
· Status bar / target URL not shown when hovering over links(Issue 75268).
· Several known crashes (Issues 75171 and 75443 and 75828).
· Bookmark focus is not lost when moved away from the bookmark bar (Issue 75367).
· Tooltips from browser tabs are persisting for too long (Issue 75334 ).
· Content settings updates don't reflect the current Incognito session(Issue 74466).
· NewTabPage is not updating when a new theme is applied (Issue 74311).
· fixed download requests in chrome frame which occur in response to top level POSTs (Issue 73985 ).
· Chrome locks up on form submit, constantly duplicating autofill settings to blame(Issue 74911).
March 16th, 2011· This release contains an updated version of the Adobe Flash player.
March 12th, 2011The following bugs were fixed:
· Can not select omnibox auto suggested entries by clicking at it (Issue 75366).
· Chromium not loading some plugins (Issue 75351).
· POST omits body after NTLM authentication (Issue 62687).
Known Issues:
· Crash when opening tab/startup @ SkBitmap::lockPixels (Issue 75531).
March 12th, 2011This release fixes the following security issue:
· [$1337] CVE-2011-1290 [75712] High Memory corruption in style handling.
March 9th, 2011· Updated V8 - 3.2.0.1
· New “cookies and other data” page in tabbed settings (Issue 64154).
March 9th, 2011· New version of V8 - Crankshaft - which greatly improves javascript performance
· New settings pages that open in a tab, rather than a dialog box
· Improved security with malware reporting and disabling outdated plugins by default
· Sandboxed Adobe Flash on Windows
· Password sync as part of Chrome Sync now enabled by default
· GPU Accelerated Video
· Background WebApps
· webNavigation extension API
Security fixes:
· [42765] Low Possible to navigate or close the top location in a sandboxed frame.
· [69187] Medium Cross-origin error message leak.
· [69628] High Memory corruption with counter nodes.
· [70027] High Stale node in box layout.
· [70336] Medium Cross-origin error message leak with workers.
· [70442] High Use after free with DOM URL handling
· [70877] High Same origin policy bypass in v8.
· [70885] [71167] Low Pop-up blocker bypasses.
· [71763] High Use-after-free in document script lifetime handling.
· [71788] High Out-of-bounds write in the OGG container.
· [72028] High Stale pointer in table painting.
· [73026] High Use of corrupt out-of-bounds structure in video code.
· [73066] High Crash with the DataView object.
· [73134] High Bad cast in text rendering.
· [73196] High Stale pointer in WebKit context code.
· [73716] Low Leak of heap address in XSLT.
· [73746] High Stale pointer with SVG cursors.
· [74030] High DOM tree corruption with attribute handling.
· [74662] High Corruption via re-entrancy of RegExp code.
· [74675] High Invalid memory access in v8.
March 4th, 2011· [Bug 74709] Clicking "Disable individual plug-ins" in Options causes crash
March 4th, 2011· This new build fixes the autofill related crash (Issue 74511).
March 4th, 2011· [Bug 74709] Clicking "Disable individual plug-ins" in Options causes crash
March 3rd, 2011· This release contains stability improvements and UI tweaks
March 2nd, 2011· This new build fixes the HTML5 issue (Issue 74451)
March 1st, 2011· Updated V8 - 3.1.6.1
· Accelerated compositing turned on by default (use --disable-accelerated-layers to disable).
· Fixed a bug affecting the bookmark manager and other extensions. (Issue 43448)
· FTP: fixed a compatibility issue. (Issue 72060)
· GPU acceleration and WebGL disabled for Windows XP
· Windows Restart Manager restores Chrome on update-triggered restarts. (Vista/2008+).
March 1st, 2011This release contains the following security fixes:
· [54262] High URL bar spoof.
· [63732] High Crash with javascript dialogs.
· [68263] High Stylesheet node stale pointer.
· [68741] High Stale pointer with key frame rule.
· [70078] High Crash with forms controls.
· [70244] High Crash in SVG rendering.
· [71114] High Stale node in table handling.
· [71115] High Stale pointer in table rendering.
· [71296] High Stale pointer in SVG animations.
· [71386] High Stale nodes in XHTML.
· [71388] High Crash in textarea handling.
· [71595] High Stale pointer in device orientation.
· [71717] Medium Out-of-bounds read in WebGL.
· [71855] High Integer overflow in textarea handling.
· [71960] Medium Out-of-bounds read in WebGL.
· [72214] High Accidental exposure of internal extension functions.
· [72437] High Use-after-free with blocked plug-ins.
· [73235] High Stale pointer in layout.
February 25th, 2011· This release contains stability improvements over the previous release.
February 24th, 2011· This release contains stability improvements and UI tweaks
February 18th, 2011· Updated V8 - 3.1.4.0
· Fixed the crash when loading tabbed options in some cases.
· Fixed a crash triggered when canceling a download. (Issue 70592)
· Fixed a crash triggered by form resubmissions. (Issue 70315)
· FTP: fixed a compatibility issue. (Issue 70394)
· XSS Auditor re-designed and enabled by default. It’s still experimental (and there are known bypasses), but we’re looking for feedback about false positives.
February 18th, 2011· New version of V8 - Crankshaft - which greatly improves javascript performance
· New settings pages that open in a tab, rather than a dialog box
· Improved security with malware reporting and disabling outdated plugins by default
· Password sync as part of Chrome Sync now enabled by default
· GPU Accelerated Video
· Background WebApps
· webNavigation extension API
February 11th, 2011· This release fixes a regression where IME clients could not attach to Flash (Issue 66605).
February 9th, 2011· Updated V8 - 3.0.12.12
· Update Flash - 10.2
· Many Crash fixes
· Background applications UI cleanup
· Additional settings UI cleanup
· Fix for differential installers not applying cleanly
· [r74051] Horizontal scroll should not move the options behind Settings. (Issue 71689)
· [r74060] No sound in extension with Chromium (Issue 57263)
February 9th, 2011· This release incorporates a new version of Flash (10.2), which is a security update
· High Stale pointer in animation event handling.
· [68120] High Use-after-free in SVG font faces.
· [69556] High Stale pointer with anonymous block handling.
· Medium Out-of-bounds read in plug-in handling.
· [70456] Medium Possible failure to terminate process on out-of-memory condition.
February 4th, 2011· Updated V8 - 3.0.12.8
· [73562] Removed icon from View Background Pages menu item in wrench menu. (Issue: 71489)
· [r73158] Fix crash on closing Download Manager (Issue: 71027)
· [r73207] Auto-scroll while drag and dropping apps on the New Tab Page (Issue: 70965)
· webNavigation extension API ready for testing (Issue: 60100)
February 4th, 2011· [55831] High Use-after-free in image loading.
· [59081] Low Apply some restrictions to cross-origin drag + drop.
· [62791] Low Browser crash with extension with missing key.
· [64051] High Crashing when printing in PDF event handler.
· [65669] Low Handle merging of autofill profiles more gracefully.
· [68244] Low Browser crash with bad volume setting.
· [69195] Critical Race condition in audio handling.
February 3rd, 2011· Flash player sandboxing has been re-enabled in this release.
February 1st, 2011· This build contains stability fixes and refinements to the new settings pages.
January 27th, 2011· This build primarily contains stability fixes from the previous dev channel release.
January 26th, 2011· This is primarily a stability/ minor bug fix release
January 21st, 2011· Updated V8 - 3.0.7.0
· Many polish changes and fixes for the new tabbed preferences dialog
· Several tweaks to Instant
· [r71435] Integrate about:sync with the new tabbed preference dialog (Issue: 69500)
· [r71519] Add “Save” and “Print” to the context menu of PDFs in frames (Issue: 50285)
January 19th, 2011· Due to stability issues Flash Player sandboxing has been put behind a flag for 9.0. Accelerated composting and WebGL will remain on. The remaining set of changes for this release constituted bug and stability fixes.
January 13th, 2011· [58053] Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
· [$1337] [65764] High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
· [66334] High Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans).
· [$1000] [66560] High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
· [$500] [66748] High Stale pointer with CSS + cursors. Credit to Jan Tošovský.
· [67100] High Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans).
· [$1000] [67208] High Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT.
· [$1000] [67303] High Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT.
· [$500] [67363] High Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz.
· [$1000] [67393] Medium Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc.
· [$1000] [68115] High Vorbis decoder buffer overflows. Credit to David Warren of CERT.
· [$1000] [68170] High Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG.
· [$1000] [68178] High Bad cast in anchor handling. Credit to Sergey Glazunov.
· [$1000] [68181] High Bad cast in video handling. Credit to Sergey Glazunov.
· [$1000] [68439] High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined).
· [$3133.7] [68666] Critical Stale pointer in speech handling. Credit to Sergey Glazunov.
January 12th, 2011· Updated V8 - 3.0.6.1
· Chrome no longer says "restart required" when there's no update (Issue 67478)
January 11th, 2011· Flash Player sandboxing has been restored for all platforms but XP as has accelerated composting and WebGL.
January 7th, 2011· Flash Player sandboxing has been restored, and accelerated composting and WebGL have been moved behind flags temporarily: --enable-accelerated-compositing and --enable-webgl respectively.
January 6th, 2011· Flash Player sandboxing has been temporarily moved behind a flag --enable-flash-sandbox.
December 17th, 2010All:
· Updated V8 - 3.0.2.1
· Updated WebKit - 534.15
Windows :
· Google Cloud Print sign-in interface is now out from behind a flag and can be found in Under the Hood (Issue 60092)
December 14th, 2010· [64-bit Linux only] [56449] High Bad validation for message deserialization on 64-bit builds. Credit to Lei Zhang of the Chromium development community.
· [60761] Medium Bad extension can cause browser crash in tab handling. Credit to kuzzcc.
· [63529] Low Browser crash with NULL pointer in web worker handling. Credit to Nathan Weizenbaum of Google.
· [$1000] [63866] Medium Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
· [$1000] [64959] High Stale pointers in cursor handling. Credit to Sławomir Błażek and Sergey Glazunov.
December 14th, 2010· This was primarily a crash fix release, in particular resolving a sync related crash issue (Issue: 57898).
December 13th, 2010· Primarily stability fixes and minor UI tweaks, no new features or functionality have been added.
December 3rd, 2010· [17655] Low Possible pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined).
· [55745] Medium Cross-origin video theft with canvas. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR).
· [56237] Low Browser crash with HTML5 databases. Credit to Google Chrome Security Team (Inferno).
· [58319] Low Prevent excessive file dialogs, possibly leading to browser crash. Credit to Cezary Tomczak (gosu.pl).
· [$500] [59554] High Use after free in history handling. Credit to Stefan Troger.
· [Linux / Mac] [59817] Medium Make sure the “dangerous file types” list is uptodate with the Windows platforms. Credit to Billy Rios of the Google Security Team.
· [61701] Low Browser crash with HTTP proxy authentication. Credit to Mohammed Bouhlel.
· [61653] Medium Out-of-bounds read regression in WebM video support. Credit to Google Chrome Security Team (Chris Evans), based on earlier testcases from Mozilla and Microsoft (MSVR).
· [$1000] [62127] High Crash due to bad indexing with malformed video. Credit to miaubiz.
· [62168] Medium Possible browser memory corruption via malicious privileged extension. Credit to kuzzcc.
· [$1000] [62401] High Use after free with SVG animations. Credit to Sławomir Błażek.
· [$500] [63051] Medium Use after free in mouse dragging event handling. Credit to kuzzcc.
· [$1000] [63444] High Double free in XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
December 2nd, 2010· Ongoing work on IndexDB and GPU
· Tweaks/Fixes to Google Chrome Instant
· Extensions/Apps work
· Autofill related fixes
November 22nd, 2010· This release contains a number of stability and UI improvements
November 19th, 2010· GPU Related Fixes
· Crash Fixes
· Instant Fixes
· [r65953] Move click-to-play to about:flags. (Issue: 62091)
November 19th, 2010· This release contains a number of stability and UI improvements.
November 12th, 2010· This release contains a number of stability and UI improvements.
November 5th, 2010· This release contains a new version of Flash. The Dev channel for Mac has been updated to 9.0.572.0 which has a new version of Flash and fixes one of the top crashers (Issue: 61446)
November 5th, 2010· This release contains a number of bug fixes, as well as features like our new bundled PDF viewer, more sync services, and improved plug-in handling. This release also contains a new version of Flash.
November 4th, 2010· [51602] High Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar).
· [$1000] [55257] High Memory corruption with enormous text area. Credit to wushi of team509.
· [$1000] [58657] High Bad cast with the SVG use element. Credit to the kuzzcc.
· [$1000] [58731] High Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com).
· [$500] [58741] High Use-after-free in text control selections. Credit to “vkouchna”.
· [$1000] [Linux only] [59320] High Integer overflows in font handling. Credit to Aki Helin of OUSPG.
· [$1000] [60055] High Memory corruption in libvpx. Credit to Christoph Diehl.
· [$500] [60238] High Bad use of destroyed frame object. Credit to various developers, including “gundlach”.
· [$500] [60327] [60769] [61255] High Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno).
· [$1000] [60688] High Out-of-bounds array access in SVG handling. Credit to wushi of team509.
November 3rd, 2010Security :
· Require a user gesture when opening file choose dialog and make sure file choose dialog from invisible windows can not be displayed (Issue 58319)
Known Issues :
· REGRESSION: Windows media player for Firefox doesn't load - Issue 61603
· Regression:accelerated compositing slows down the whole machine - Issue 61520
· google.com/wave : "Page Unresponsive" dailog box appears - Issue 61533
· myspace.com : Cannot enter a character in Comments field - Issue 61513
October 30th, 2010· Various fixes for browser sign-in
· [r64308] Fix importing from Firefox on first run on Mac when it’s the default browser. (Issue 61112)
· Disable accelerated 2D canvas
October 27th, 2010· This release addresses a number of stability and polish issues found in the previous release.
October 22nd, 2010· about:labs moved to about:flags
· New Tab Page cleanup
· Various Chrome Frame fixes for non-en-US locales
October 20th, 2010· Hundreds of bug fixes
· An updated HTML5 parser
· File API
· Directory upload via input tag
October 13th, 2010· There were only a few minor fixes in this release, specifically around plugin loading and crashes.
October 13th, 2010· It contains a number of stability and other improvements. More details about the changes are available in the SVN revision log. If you find new issues, please let us know by filing a bug.
October 7th, 2010· Make it possible to completely hide sections in the NTP (hit close button that appears on hover of section header)
· Numerous stability fixes
October 2nd, 2010All:
· Fixed saving passwords containing non-ASCII characters (Issue 54065).
· Accelerated compositing and support for 3D CSS transforms enabled by default (Issue 54469)
· WebGL support enabled by default (Issue 54469)
· Regression fix: keep the download shelf visible when multiple sites are saved. (Issue 54149)
· Add a lab for the Page Info Bubble for Windows;
Windows:
· Fixed a problem with context menus where the presence of extension-added items prevented keyboard accelerators from working. (Issue: 54497
September 29th, 2010· This release focused on resolving minor bug fixes or crashes.
September 25th, 2010· This release focused on resolving minor bug fixes or crashes
September 23rd, 2010· This version contains a fix in V8 for direct loading of global function prototypes [V8 r5483].
September 18th, 2010· This version includes an updated version of the Flash Plugin with a fix for a security vulnerability.
· [$500] [55114] High Bad cast with malformed SVG. Credit to wushi of team 509.
· [55119] Critical Buffer mismanagement in the SPDY protocol. Credit to Ron Ten-Hove of Google.
· [$1000] [55350] High Cross-origin property pollution. Credit to Stefano Di Paola of MindedSecurity.
September 17th, 2010· This release focused on resolving minor bug fixes or crashes.
September 15th, 2010· [$500] [50250] High Use-after-free when using document APIs during parse. Credit to David Weston of Microsoft + Microsoft Vulnerability Research (MSVR) and wushi of team 509 (independent discoveries).
· [$1000] [50712] High Use-after-free in SVG styles. Credit to kuzzcc.
· [$500] [51252] High Use-after-free with nested SVG elements. Credit to kuzzcc.
· [Linux only] [51709] Low Possible browser assert in cursor handling. Credit to “magnusmorton”.
· [$500] [51919] High Race condition in console handling. Credit to kuzzcc.
· [53176] Low Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
· [$500 x 2] [Mac only] [53361] Critical Fix bug 45400 properly on the Mac. Credit to Sergey Glazunov and “remy.saissy”.
· [$500] [53394] High Memory corruption in Geolocation. Credit to kuzzcc.
· [Linux only] [53930] High Memory corruption in Khmer handling. Credit to Google Chrome Security Team (Chris Evans).
· [54006] Low Failure to prompt for extension history access. Credit to “adriennefelt”.
September 9th, 2010· about:labs (Issue: 53399)
· Fewer wstrings in the bookmark code!
· Problems visiting http://localhost in various network configurations should be resolved (Issues: 42058, 49024, 32522).
September 8th, 2010· Failures when using autocomplete (issue 51727, 52940)
· Default search engine settings wiped out (issue 10913)
· Shift reload not working (issue 1906)
· Importing data from other browsers when chrome is set as default (bug 53655)
· Chrome can’t be made default browser when it already exists (bug 53656)
September 2nd, 2010· Updated UI
· Form Autofill
· Syncing of extensions and Autofill data
· Increased speed and stability
August 26th, 2010· [r56615] IP addresses typed into the omnibox now work when offline. (Issue: 39830)
August 21st, 2010· It contains additional stability fixes, UI updates, and an updated set of translations.
August 20th, 2010· [$1337] [45400] CriticalMemory corruption with file dialog. Credit to Sergey Glazunov.
· [$500] [49596] HighMemory corruption with SVGs. Credit to wushi of team509.
· [$500] [49628] HighBad cast with text editing. Credit to wushi of team509.
· [$1000] [49964] HighPossible address bar spoofing with history bug. Credit to Mike Taylor.
· [$2000] [50515] [51835] HighMemory corruption in MIME type handling. Credit to Sergey Glazunov.
· [$1337] [50553] CriticalCrash on shutdown due to notifications bug. Credit to Sergey Glazunov.
· [51146] MediumStop omnibox autosuggest if the user might be about to type a password. Credit to Robert Hansen.
· [$1000] [51654] HighMemory corruption with Ruby support. Credit to kuzzcc.
· [$1000] [51670] HighMemory corruption with Geolocation support. Credit to kuzzcc.
August 18th, 2010All:
· [r55669] Fixed some minor issues with css custom cursor rendering (Issue: 51709)
· Re-enable the link to disable individual plug-ins in a group. (Issue: 51597)
· [r55596] Fixed playback rate for WebM/VP8 on certain content. (Issue: 51014)
August 17th, 2010All :
· More UI Polish
· Stability Fixes
· [r55562] Re-enable the link to disable individual plug-ins in a group. (Issue: 51597)
August 14th, 2010· Late binding enabled for SSL sockets: High priority SSL requests are now always sent to the server first.
· Fixed focus problems with restoring from minimize (Issue 48917)
· Fixed Cannot add an address properly in the "AutoFill options" dialog box (Issue 50047)
· Several fixes and checks relating to syncing extensions (Issue 46516, Issue 49346, Issue 46516, Issue 49346, Issue 50567)
· Click-to-play is now behind the --enable-click-to-play command line switch.
· Fixed several issues with click-to-play (Issue 49686, Issue 49836)
August 12th, 2010· Updated UI
· Form Autofill
· Syncing of extensions and Autofill data
· Increased speed and stability
August 11th, 2010· This version contains an updated version of the Flash plugin.
August 7th, 2010· UI Updates
· Stability Fixes
· Launching Chrome after installing may not work correctly if other browsers are running and set as default
August 5th, 2010All Platforms :
· UI Updates
· Stability Fixes
· (Issue 49493) Fix some problems with SSL connections through HTTP proxies.
Windows:
· (Issue 49621) - some downloaded files are saved with double extension (ex: file.arj.arj)
July 31st, 2010· UI tweaks and clean up
· Additional stability fixes
July 29th, 2010· UI tweaks and clean up
· Additional stability fixes
July 27th, 2010Security fixes and rewards:
· Deployed workarounds for two critical vulnerabilities where the root cause lies in external components. Credit and $1337 to Marc Schoenefeld for enabling us to work around a Windows kernel bug [48283]. Credit and $1337 to Simon Berry-Byrne for enabling us to work around a glibc bug [48733].
· Memory contents disclosure in layout code. Credit to Michail Nikolaev.
· Issue with large canvases. Credit to sp3x of SecurityReason.com.
· Memory corruption in rendering code. Credit to Jose A. Vazquez.
· Memory corruption in SVG handling. Credit to Aki Helin of OUSPG.
· Avoid hostname truncation and incorrect eliding. Credit to Google Chrome Security Team (Inferno).
July 22nd, 2010· Chromium stops saving files for any large downloads
· Fix crash with SSL client auth
· Option clicking a link now saves a resource directly without triggering a “Save As...” dialog
July 16th, 2010· Late binding enabled for SSL sockets: High priority SSL requests are now always sent to the server first.
· The extension api “chrome.idle” has moved out of experimental and now has its own permission: “idle”.
· Fixed crash with SPNEGO authentication on intranet sites.
July 9th, 2010All:
· InfoBar should not be shown when the user first submits a form
. (Issue: 47426)
· AutoFill should continuously update profile data as the user submits forms with new data
AutoFill: Aggregate profile data. Remove the AutoFill InfoBar. Remove more remnants of shipping address and CVV. (Issue: 47423)
· When editing a field in a previously auto-filled form, only display unique suggestions
AutoFill: Remove duplicate suggestions when providing suggestions for a field (Issue: 47436)
· Enabling sync freezes Chromium
Remove NIGORI from the sync routing info. (Issue: 47766)
Windows :
· Chrome unable to start if other FFmpeg DLLs are present on the system (Issue: 35857)
July 5th, 2010· Consolidated menu is on by default
· Show preview images when dragging images.
· Printing from the built-in PDF plugin now prints vectors instead of pixels.
· Fix avutil-50.dll entry point not found error by limiting the DLL search path when loading FFmpeg binaries (Issue 35857)
June 25th, 2010· PDFs are now shown centered.
· [r50274] Ctrl-clicking links opens them to the right of the current tab again (Issue 46917)
June 25th, 2010· [38105] Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery.
· [43322] Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team.
· [43967] High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team.
· [45267] High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar).
· [$500] [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE.
June 24th, 2010· The integrated flash player has been re-enabled by default.
June 18th, 2010· [r49492] Detach Reload from omnibox, combine with Stop, and eliminate Go. (Issue: 45745).
· [r49712] Implemented initial version of extension syncing. (Issue (with instructions on how to enable): 32413, but see 46742).
· The onChanged event is now working in the extensions experimental cookies API.
June 10th, 2010All:
· No preview is seen in empty form fields when Autofill profile is in focus. (Issue 38582)
Chrome Frame :
· Fixed sad-tab showing briefly during switch to Chrome Frame. Sometimes, navigating to a page in Chrome Frame within IE would display the sad tab page briefly until the navigation was initiated from IE.
June 9th, 2010· [15766] Medium Cross-origin keystroke redirection. Credit to Michal Zalewski of Google Security Team.
· [$2000] [39985] High Cross-origin bypass in DOM methods. Credit to Sergey Glazunov.
· [$500] [42723] High Memory error in table layout. Credit to wushi of team509.
· [Linux only] [43304] High Linux sandbox escape. Credit to Mark Dowd under contract to Google Chrome Security Team.
· [43307] High Bitmap stale pointer. Credit to Mark Dowd under contract to Google Chrome Security Team.
· [43315] High Memory corruption in DOM node normalization. Credit to Mark Dowd under contract to Google Chrome Security Team.
· [43487] High Memory corruption in text transforms. Credit to wushi of team509.
· [43902] Medium XSS in innerHTML property of textarea. Credit to sirdarckcat of Google Security Team.
· [44740] High Memory corruption in font handling. Credit: Apple.
· [44868] High Geolocation events fire after document deletion. Credit to Google Chrome Security Team (Justin Schuh).
· [44955] High Memory corruption in rendering of list markers. Credit: Apple.
June 4th, 2010· VP8/WebM support has been added
· Crash when changing networks or waking from sleep
May 26th, 2010· [7713] Medium Canonicalize URLs closer to the Safe Browsing specification. Credit to Brett Wilson of the Chromium development community.
· [16535] High Possible URL bar spoofing via unload event handlers. Credit to Michal Zalewski, Google Security Team.
· [30079] Medium Memory error in Safe Browsing interaction. Credit to Google Chrome Security Team (SkyLined).
· [39740] Medium Bypass of whitelist-mode plugin blocker. Credit to Darin Fisher of the Chromium development community.
· [41469] Medium Memory error with drag + drop. Credit to kuzzcc.
· [42228] High Incorrect execution of Javascript in the extension context. Credit to Andrey Kosyakov of the Chromium development community.
· In addition, we fixed a range of minor issues such as non-exploitable crashes, hangs and other annoyances. Credit to Sumit Gwalani; Google Security Team, sirdarckcat; Google Security Team, Google Chrome Security Team (Inferno), Carlos Ghan, WHK; elhacker.net, x41, Aki Helin; OUSPG, Jordi Chancel, kuzzcc, Robert Swiecki; Google Security Team, Tavis Ormandy; Google Security Team and Florent; Skyrecon Systems.
· Also, we would like to extend our thanks to the following people who helped find bugs so we could fix them before they ever affected the stable channel: Robert Swiecki; Google Security Team, Alexey Proskuryakov; Apple, Florian Rienhardt; BSI, and Ben Davis.
May 24th, 2010· A minor stability fix.
May 21st, 2010· Don't remember incognito zoom changes
May 21st, 2010· This release contains some minor crash and stability fixes, in addition, we have also temporarily put our internal version of Flash Player back behind a flag. We plan on re-enabling our internal version of Flash Player by default on the beta channel in the near future.
· We have also fixed a regression so that we no longer remember incognito zoom changes (Issue: 43107)
May 15th, 2010All:
· Don’t prepend scheme on copying an incomplete hostname. (Issue 43585)
Windows:
· Much better display/eliding of RTL and mixed-direction strings in the omnibox dropdown. (Issue 41716)
May 11th, 2010· In addition to crash and stability fixes, this release also includes a localization refresh of our strings
May 7th, 2010· The toolbar, omnibox and other UI changes reverted for Chrome 5 have been restored in this build.
· Fixed bug related to scheme stripping that could cause URLs of the form "http://ftp.foo.com" to be misnavigated, by not stripping the scheme in this case.
· Many bugs fixed relating to stripping "http://" and its interaction with the clipboard. Chrome should now prepend schemes onto the pasted text in a variety of situations.
May 5th, 2010· HTML5 Features: Geolocation, App Cache, web sockets, file drag-and-drop.
· Integrated Flash Player Plugin
· V8 performance improvements
· Preferences synchronization
· NaCl behind a flag
April 29th, 2010· this was a crash fix release
April 28th, 2010This release fixes the following issues:
· Google Chrome was not using the correct path for the Java plugin for Java Version 6 Update 20.
· 4.1.249.1059 was much slower on JavaScript benchmarks than 4.1.249.1045. (Issue 42158)
This release also fixes the following security issues:
· Please see the Chromium security pagefor more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
· [$1000] [40445] High Cross-origin bypass in Google URL (GURL). Credit: Jordi Chancel.
· [40487] High Memory corruption in HTML5 Media handling. Credit: David Bloom of Google Security Team.
· [$500] [42294] HighMemory corruption in font handling.Credit: wushi of team509.
April 23rd, 2010All:
· Disabled profile based Autofill (this will return in a future release)
· Various UI features related to the url bar/ omnibox have been removed from this release (e.g. http:// truncation, star icon, etc...)
· We are currently examining ways to address the usability issues that were raised and plan to reintroduce in a future release
· Various crash fixes
Windows:
· We have restored the shortcuts for the bookmarks bar and bookmarks manager (Ctrl+B and Ctrl+Shift+B respectively)
April 20th, 2010· [$500] [39443] High Type confusion error with forms. Credit: kuzzcc.
· [39698] High HTTP request error leading to possible XSRF. Credit: Meder Kydyraliev, Google Security Team.
· [40136] Medium Local file reference through developer tools. Credit: Robert Swiecki, Google Security Team; Tavis Ormandy, Google Security Team.
· [40137] Medium Cross-site scripting in chrome://net-internals. Credit: Robert Swiecki, Google Security Team; Tavis Ormandy, Google Security Team.
· [40138] High Cross-site scripting in chrome://downloads. Credit: Robert Swiecki, Google Security Team; Tavis Ormandy, Google Security Team.
· [40575] Medium Pages might load with privileges of the New Tab page.
· [$500] [40635] High Memory corruption in V8 bindings. Credit: kuzzcc; Google Chrome Security Team (SkyLined); Michal Zalewski, Google Security Team.
April 13th, 2010· Flash enabled by default
· Implement patterns for content setting exceptions.
· A nicer looking video scaling algorithm is now used
April 9th, 2010· Geolocation support (Issue 11246 and many others)
· Fixed bug where HTML5 audio/video elements stopped firing timeupdate events (Issue 25185)
· WebGL is running inside the sandbox under the --enable-webgl flag (i.e. this no longer requires the --no-sandbox flag to run). Browsing with the --no-sandbox is dangerous and we strongly recommend that you not do it.
· Changes to the Omnibox (e.g. the bookmark star has moved, icon changes, etc...)
April 7th, 2010· This update fixes issue 38220: some extensions cannot be installed.
April 2nd, 2010· Fixed a bug with incognito extensions like RSS Subscription.
· Will no longer automatically offer to translate in incognito mode.
· Fix file upload code to not hang the HTTP session when the file is unreadable.
March 31st, 2010This release fixes two issues:
· Fix to prevent crashes with the LastPass extension (Issue 38857)
· Add the option to disable 'Offer to translate pages that aren't in a language I read' in Options > Under the Hood
March 30th, 2010This release includes:
· An integrated Adobe Flash Player Plug-in. We're integrating Adobe Flash Player 10.1.51.95 (10.1 beta 3) with Google Chrome so that you don't have to install it or worry about keeping it up-to-date. See the blog post on the Chromium blog for more details.
· To use the bundled Flash Player plug-in, add --enable-internal-flash to your command line or shortcut for starting Google Chrome.
· A basic plug-in manager. The about:plugins page now lets you disable any plug-in from loading on all web pages. See the Known Issues section: this doesn't work in all cases yet if you already have Adobe Flash Player for Windows Firefox, Safari, or Opera installed.
Known Issues:
· On Windows, if you have Adobe Flash Player for Windows Firefox, Safari, or Opera installed, the Flash plug-in will still work in some cases even if you decline the license agreement (when using --enable-internal-flash) or disable the Flash plugin from about:plugins. We're working on it.
· If you disable (or enable) a plugin on about:plugins, your change does not take effect until you restart Google Chrome.
· There is no bundled Adobe Flash Player plug-in for 64-bit Linux.
March 27th, 2010· Tabbed bookmark manager (Issue 4890)
· Several Translate improvements
· Fixed several AutoFill features (Issues 38218, 38009, 38538, 38104, 38681)
· Fixed long timeout when navigating away from slow pages (Issue 11007)
· Updated libpng for CVE-2010-0205
March 27th, 2010Security issues fixed:
· Don't store non-text fields in the local Web Data database
March 24th, 2010· This release fixes an issue with some extensions not installing from the Google Chrome extensions gallery
March 20th, 2010· We have released Google Chrome 5.0.356.2 to the Dev channel on Windows and Mac to fix an issue where dragging anything with your mouse would freeze the tab. See issue 38414.
March 19th, 2010· All
· Form autofill enabled by default for new profiles. (Issue: 37466)
· Windows
· [r40376, r40570, r40955, r41171] Crash Fixes (Issues: 36280, 31723, 37674, 37698)
· Chrome Frame
· [r41754] Chrome frame should use "parentNode" instead of "parentElement" to get the DOM
· [r41595] Better integration with host (InternetExplorer) popup blocker. (Issue: 34823)
· Known Issues
· Cannot drag anything (text or images) in a content area. For example, dragging a thumbnail on the new tab page hangs the page. (Issues: 38414, 38556)
March 17th, 2010· Translate infobar.
· Privacy features: content settings (cookies, images, JavaScript, plug-ins, pop-ups).
· Disabling experimental new anti-reflected-XSS feature called "XSS Auditor". The feature is still experimental, and we're disabling it while we look into some serious performance issues in rare cases. Please see this post for more details about what the XSS Auditor is.
March 17th, 2010· A lot of improvements to the bookmark bar on the Mac.
· Note that there’s still an issue with folders with a lot of bookmarks. When you open the folder on the bookmarks bar, the list may extend below the bottom of the screen and you won’t be able to access the bookmarks at the bottom. A fix is coming soon. A workaround is to use the bookmark menu in the menu bar.
· A lot of improvements to the quality of form Autofill.
March 16th, 2010Release highlights:
· Cookies improvements [Issues 37571, 37350, 37922]
· Translate infobar [UMA, 37734]
March 12th, 2010· All: Form auto-fill is not enabled by default (Issue 37466) - Fixed on Trunk
· Windows: Browser crashes on quiting with Authentication dialog opened (Issue: 37698) - Fixed on Trunk
· Linux: Chromium Bookmark Sync Not Working (Issue: 36460)
March 11th, 2010This release fixes a few UI and installer issues:
· Installer [37410]
· UI [36879]
March 6th, 2010This release fixes a few UI and stability issues:
· Cookie Manager [34886, 35589, 36310]
· Translate infobar [36895, 36066]
· Pref improvements [36929]
March 5th, 2010All:
· Extension content scripts no longer run multiple times after fragment (ie #hash) navigations (Issue:35924)
Early version of Geolocation API now available with following caveats:
· To enable, run the browser with --enable-geolocation
· Wifi based location is only supported on Windows and Mac (not OSX 10.6 for now)
· Permissions are not persisted (will re-prompt every time) and associated UI is incomplete.
Known Issues:
· Google Chrome Crashes when trying to open Gmail offline (issue: 37035)
· Linux
· Chrome crashes when setting prompt for cookies/data (Issue: 37426)
· The "Show details" link on cookie/data prompt doesn't work (Issue: 37428)
March 2nd, 2010· This update has some new features that we wanted you to be able to try before Chrome 5 is ready, so we created Chrome 4.1.
· The new features are
· Automatic translation of web pages
· More content settings to let you control whether web sites can store cookies, load images, use plug-ins, run JavaScript or show pop-ups. You can find these new settings in under Options > Under the hood > Privacy.
February 26th, 2010· Update: Windows has been updated to 5.0.335.1 to resolve the crash related to dragging.
February 25th, 2010· All
· Support "cache-bypassing reload"; this is hooked to various accelerators on different platforms (e.g. shift-reload, ctrl-reload, etc.) (Issue 1906)
· [r38877, r39018, r39040, r39133, r39346, r39524] Fix numerous issues relating to new Content Settings functionality (Issues 34633, 34668, 35011, 35775, 36021)
· [r39285] Fix crash when alert() is called from extension popup (Issue 33698)
· [r39365] When a single tab is open, "Close other tabs" context menu option should be grayed out (Issue 35576)
· [r39381] Remove all infobars from a tab when its renderer crashes (Issue 36035)
· [r39412] Fix crash adding/deleting bookmark/folder when browser sync is on and the network is not available (Issue 36200)
· [r39670] Do not send extra blur and focus events if popup menu is showing (Issue 23499)
· [r39682] Fix crash when dragging bookmarks (Issue 36473)
· Windows
· [r39328, r39564] Fix issues relating to new Content Settings functionality (Issue 35118, 36079)
· [r39408] Fix a crash when installing an extension from incognito mode (Issue 36077)
· [r39461] Fix star button theming (Issue: 35028)
· [r39676] "Remove" and "remove all" buttons in cookie manager should not be enabled when nothing is selected (Issue 34886)
February 13th, 2010All:
· [r38242] Don't crash when a theme specifies a nonexistent image. (Issue: 31719)
Native Client:
· Platform-independent NPAPI extensions for 2D, 3D, and mouse/keyboard events are now available.
Extensions:
· [r38239] Don't crash when extensions use cookie. (Issue: 34649)
· [r38407] Preserve order of browser actions across extension autoupdate. (Issue: 33401)
· Implemented overflow and reordering of browser actions (this was actually in the last update, but missed the release notes)
· Known Issues
· All: Chrome doesn't show popup blocker bubble (Issue: 35594)
February 11th, 2010· [12303] [29914] Low DNS and fall-back behavior of proxies. Credit to Eric Roman of the Chromium development community and Christopher Eatinger.
· [31009] High Integer overflows in the v8 engine. Credit to Mark Dowd, under contract to Google Chrome Security Team.
· [31692] High Error processing tag. Credit to Google Chrome Security Team (SkyLined).
· [32309] Medium Leak of redirection target via href.
· [$500] [32718] Medium Domain confusion populating HTTP authentication dialog. Credit to Timothy D. Morgan of VSR (www.vsecurity.com).
· [32915] High Integer overflow deserializing sandbox message. Credit to Mark Dowd, under contract to Google Chrome Security Team.
February 6th, 2010· All
· [r37939] (Windows/Linux) Do not select a word by right-click on an editable field in a web page (Issue: 8841)
· [r37411] (Extensions) Adds a new experimental processes module to the extensions API. (Issue: 32303)
· Windows
· Integrated page level language translation.
· Added new privacy management tools, under "Options->Under the Hood->Content settings..." which all for better management of images, JavaScript, plugins, and popups.
· Known Issues
· Automatic translation does not work for Chinese language sites (Issue: 43803)
· Uninstall problem on Google Chrome and Chromium (Issue: 34652)
· Crashes following the installing of a current Beta/Stable release after an uninstall (Issues 34794, 34688).
· Multiple exceptions can occur, related to the Content Settings UI. (Issue: 34692)
· When "Ask me ..." is set, cookies are still set without asking. (Issue: 34693)
· Pop-up settings changed in bubble are not saved. (Issue: 34781)
January 30th, 2010· Windows
· [r37023] Use default downloads directory on Vista and Windows 7 (except where it is the desktop) (Issue: 13610)
· [r36938 and others] Start work on Content Settings window and sub-dialogs (Issue: 32719)
January 25th, 2010· Extensions
· Bookmark sync
· Enhanced developer tools
· HTML5: Notifications, Web Database, Local Storage, WebSockets, Ruby support
· v8 performance improvements
· Skia performance improvements
· Full ACID3 pass, due to re-enabled remote font support (with added defense against bugs in operating system font libraries)
· HTTP byte range support
· New security feature: "Strict Transport Security" support
· Experimental new anti-reflected-XSS feature called "XSS Auditor"
Security Fixes:
· Please see the Chromium security pagefor more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
· [3275] LowPop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined).
· [9877] MediumCross-domain theft due to CSS design error. Credit to Chris Evans of the Google Security Team.
· [12523] MediumBrowser memory error with stale pop-up block menu. Credit to Jacob Balle and Carsten Eiram, Secunia Research.
· [20450] LowPrevent XHR to directories. Credit to the Chromium development community.
· [23693] LowEscape more characters in shortcuts. Credit to Michal Zalewski of the Google Security Team and, independently, Inferno of SecureThoughts.com.
· [8864] [24701] [24646] HighRenderer memory errors drawing on canvases. Credit to Michal Zalewski of the Google Security Team and Google Chrome Security Team (SkyLined).
· [28566] HighImage decoding memory error. Credit to Robert Swiecki of the Google Security Team.
· [29920] LowCorner case failure to strip Referer. Credit to the Chromium development community.
· [30666] HighCross-domain access error. Credit to Tokuji Akamine, Senior Consultant at Symantec Consulting Services.
· [31307] HighBitmap deserialization error. Credit to Mark Dowd, under contract to Google Chrome Security Team.
· [31517] LowBrowser crash with nested URL.
January 25th, 2010· Windows has been updated to 302.3 to fix the crashes related to issue 32648 on Windows XP.
January 23rd, 2010· [r36632] We now only use our own FTP parsing code; please file bugs if you encounter any problems while navigating FTP sites. (Issue: 25520)
January 22nd, 2010· [r36079] Updated UI translations.
· [r36694] A crash which occurred, on Windows XP, when the translation extension was installed. (Issue: 32648)
January 12th, 2010· The addition of internationalization support for extensions http://code.google.com/chrome/extensions/trunk/i18n.html.
· [r34858] Adds a right-click context menu for Browser Actions and Page Actions. (Issue: 29538)
· [r35233] Disables content scripts in Incognito mode. (Issue: 21392)
· [r35663] Preventsextension popups from being dismissed when the focus changes from a child window of the popup, as it is the case with select popups.(Issue: 28110)
· [r35681] Enforces minimum version from the extension manifest. (Issue: 24737)
January 6th, 2010· [r33999] Fixed an issue which caused html5 audio/video content to not load. (Issue: 25859)
· [r34122] Fixed a bug where content scripts would get run twice in some cases. (Issue: 29644)
December 17th, 2009· The Beta channel has been updated to 4.0.249.43 for Linux, Windows and Mac. It was cut at r34532. The release includes stability improvements for Linux and Linux, Windows and Mac.
· All platforms
· Fixed several common crashes
· Windows and Linux
· Fix bug 28795 - Added a notification says "xxx is synched." if you are already synced and click that button.
December 14th, 2009· r31694 fixes a crash while typing in the omnibox (issue 20511).
· r32474 fixes a crash while playing mp4 videos with odd sizes, such as 1366x768 (issue 27675).
December 12th, 2009· Initial implementation of the HTML5 sandbox attribute for iframes [WebKit@51577]
· [r33376] Copying an image from a web page and pasting into Gmail now works (Issue: 27708)
· Spellchecker moved to renderer. (Issue: 25677)
· [r33803] Fixed download dialog truncation in German locale. (Issue: 23178)
· [r33855] Fixed options panel truncation in various locales. (Issue: 24821)
· [r33793] Implement keyboard access between bookmarks and main toolbar. (issue 3510 issue 8329 issue 10942 issue 15228 issue 21211).
December 8th, 2009· In addition to introducing our first Beta versions on Mac and Linux, this update introduces Google Chrome extensions on Windows and Linux. This release is the same as 4.0.249.25 with a fix to make the HTML video tag work.
December 4th, 2009· All
· [r33602] Delete old version directories of installed extensions during garbage collection. (Issue: 28884)
· Win
· Fixes for two top crashes. (Issues: 28994 and 27068)
December 3rd, 2009· All
· [r33013] Disable --enable-user-scripts. (Issue: 27520)
· NOTE: You can now install user scripts by navigating to them. You will have to reinstall your current scripts (they aren't migrated).
· [r33086] Remove toolstrips API. (Issue: 24475)
· [r32875] Turn on HTML5 DBs by default.
· Known Issue
· [MAC] (Issue: 29121) If a user clicks "Set Up Automatic Updates for All Users" and later clicks "Update Now" from the About Box, an error 12 will be displayed. The product is updated successfully; restarting the browser will apply the update.
November 24th, 2009· Windows
· Make the char encoding indicator visible again on Windows (Issue: 26438).
· Extensions
· Extension popups shrink when their contents shrink. (Issue: 26471)
November 20th, 2009· All Platforms
· Fixed - Issue 27897: [Extension] Some extensions crash after installing 4.0.249.0
· Fixed - Issue 27900: [Extension] Reload on crash infobar causes more crashes
· Windows
· Fixed top windows crasher.(Issues: 27856, 28096)
· Fixed a crashing race condition in bookmark synchronization. (Issue: 2325)
· Make the character encoding indicator visible again on Windows. (Issue: 26438)
· Extensions
· Tab traversal in popups fixed on Windows, also a few other focus-related bugs. (Issues: 22654, 28086, 28087)
Known Issues:
· Issue 27902: [Extension] Extension link on new tab page doesn't work properly
November 17th, 2009· All Platforms
· [r31779] Introduced Timeline and Storage panels in Chrome's Developer
· Tools
· Windows
· Covered by All Platforms and Extensions.
· Extensions
· [r32008] Mostly fixes black flashing that happens during popup resize. (Issue: 25459)
· [r31996] Re-enable database storage for extensions. (Issue: 27216)
· [r31844] Fix a crash in ExtensionMessageService when a source renderer closed. (Issue: 27554)
· [r31840] Fix a crash in BrowserActionButton::OnImageLoaded. (Issue: 27167)
· [r31826] Fix a crash in ExtensionsService::ReloadExtension (Issue: 27199)
Known Issues:
· Issue 27897: [Extension] Some extensions crash after installing 4.0.249.0
· Issue 27900: [Extension] Reload on crash infobar causes more crashes
· Issue 27902: [Extension] Extension link on new tab page doesn't work properly
November 13th, 2009· All Platforms
· [r31412] Kiosk Mode implementation. (Issue: 23145– doesn't work on OS X yet)
· Windows
· Update covered by extensions and all platforms.
· Extensions
· [r31157] Don't reload extensions management page to refresh after install/uninstall/disable (Issue: 26163)
· [r31179] User scripts not installed depending on download settings (Issue: 26801)
· [r31204] Implement alert(), prompt(), and confirm() for extensions (Issue: 12126)
· [r31285] Installed extensions should not have the 'reload' option (Issue: 26901)
· [r31335] Make inspector for background page stay open across reloads (Issue: 25287)
· [r31365] Add an info bubble after extension installation (Issue: 21412)
· [r31540] Added a confirmation on extension uninstallation. (Issue: 27162)
Known Issues:
· Crash when closing a browser window when page action extensions are installed on Linux. (Issue: 25558)
· Crash when clicking on the "Reload" button on the extension crashed info bar (Issue: 27199).
· WebDatabase has been temporarily disabled.
November 13th, 2009Security Fix:
· CVE-2009-2816 Custom headers incorrectly sent for CORS OPTIONS request
· A malicious web site operator could set custom HTTP headers on cross-origin OPTIONS requests.
November 7th, 2009· The focus on this release has been feature polish, stability improvement, and extensions work.
· Extensions
Lots of work to polish and stabilize the browser and page action APIs:
· [r29556] Add badge text color API. Also change color APIs from ARGB to RGBA (breaking change, sorry!)(Issues: 24635, 24644, 25215)
· [r29152, r29785] Browser actions (buttons, popups) are now implemented. (Issue: 23882, 23897)
· [r29997] Add support for tab-specific state to browser actions. Also, fix the bug where only the first call to setIcon() works. (Issues: 24669,24472)
· [r30346] Constrain browser action popups to a min/max size. Also fix some glitches in popup sizing. (Issue 25214)
· [r30499] Use a better signature for the new page actions API (chrome.pageAction.* instead of chrome.pageActions.*). This is technically a breaking change, but hopefully not too many people had gotten around to using the new API yet. (Issue 25833)
· [r29665] Remove toolstrips on linux. They were causing lots of crashes and are going away soon anyway. (Issue 25106)
· [r29911] Add chrome.extension.sendRequest() -- a simpler way to do content script messaging. (Issue 23865)
· [r30341] Add new event chrome.tabs.onStatusChange. This makes the common case of wanting to know when tabs load much easier. (Issue 21729)
Other miscellaneous cleanup:
· [r29498] Correctly handle reloading in the task manager (Issue 18693)
· [r29555] Fix bug where content scripts did not always apply to first page load (Issue 11547)
· [r29714, r29922, r29935, r30219] Various cleanup for the extension management page (Issues 12119, 25509, 25471)
· [r30091] Improve install UI on mac (Issue 19654)
· [r30312] Filter out hidden files when loading and packing extensions (Issue 23004)
· [r30326] Copy chrome.extension.getTabContentses() to chrome.extension.getExtensionTabs(). Nobody liked the old name. (Issue 21433)
· [r30384] Use the puzzle piece as the default extension icon. (Issue 25906)
· [r30481] Hide the theme install bubble a little earlier. It was overlapping with the install dialog on linux. (Issue 26130)
Known Issues:
· [r26861] - Autocomplete/ select box values are not being correctly populated in Linux. As a work around you can use the up/down arrow keys to view the current selection.
· [r26600] - Task bar icon in Windows does not update/ display correctly.
November 5th, 2009The stable channel has been updated to 3.0.195.32, and includes the following security and stability fixes:
· Resolved a history issue that affected going back from queries in Google Maps. (Issue: 21353)
· Fixed issue with Adobe Acrobat Reader 9.2, where no content would be displayed. (Issue: 24883)
· Fixed an infinite loop in acc decoding. (Webkit Issue: 27239)
· Fixed a top crasher. (Issue: 22205)
· Fix issues where setInterval sometimes eating 100% CPU. (Issue: 25892)
Security Fixes:
· CVE-2009-XXXX User not warned for some file types that can execute JavaScript
· The user was not warned about certain possibly dangerous file types such as SVG, MHT and XML files. In some browsers, JavaScript can execute within these types of files. Because the JavaScript runs in the local context, it may be able to access local resources.
· More info: http://code.google.com/p/chromium/issues/detail?id=23979
· (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: Medium
· Credit: Inferno of SecureThoughts.com
Mitigations:
· A victim would need to visit a page under an attacker's control.
· The victim would furthermore need to open a malicious file.
· CVE-2009-XXXX Possible memory corruption in the Gears plugin
· A malicious site could use the Gears SQL API to put SQL metadata into a bad state, which could cause a subsequent memory corruption. This may lead to a Gears plugin crash or possibly arbitrary code execution.
· More info: http://code.google.com/p/chromium/issues/detail?id=26179
· (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: High
· Credit: This issue was found by the Google Chrome security team.
Mitigations:
· A victim would need to visit a page under an attacker's control.
· The victim would furthermore need to "click-through" the Gears dialog confirming that they trust the attacker's evil page.
November 3rd, 2009· The Beta Channel is being updated to 4.0.223.16 which is our first Beta release for 4.0. This release includes many bug fixes and for the first time Bookmark Sync is enabled. Extensions are disabled until the final API changes arrive. Please use the dev channel for the latest extension API.
October 24th, 2009· This release fixes a crash when running extensions like the Subscribe in Feed Reader sample.
· It also fixes a problem in Google Calendar where overlapping calendar items were invisible because they were being displayed with 0 width.
October 16th, 2009· Extensions
· [r28095] Extensions loaded "Load unpacked extension" (and --load-extension) will no longer change id's when they're reloaded (Issue: 21281)
· Browser Actions (windows only at the moment)
· [r28130, r28136] Can now set an image dynamically with an ImageData from a canvas. (Issue:23269)
· [r28115] Can close popups using window.close. (Issue: 23832)
· [r28187] Popups now have a bubble border. (Issue: 23833)
· some sample extensions converted to use browser actions. (gmail checker, buildbot, mappy)
· a number of other misc bug fixes.
· [r28135] Extension packing now works on Linux and Mac. (Issue: 20669)
October 13th, 2009· Fixed an issue where menu items for certain Indian languages were not properly visible. (Issue: 18042)
· Add support to blacklist the faux www.paypal.com certificate. (Issue:24038)
· Added NTLMv2 support on Windows. (Issue: 14206)
· FFmpeg files now properly have NX/DBCompat enabled. (Issue: 23189 - Will be made public once this release is fully deployed)
· V8 crash fix. (Issue: 22913)
October 8th, 2009· All
· Theme change should automatically update New Tab Page background again. [r27841] (Issue: 20392)
· Extensions
· More features for browser actions (still in progress, still Windows-only)
· badges [r27951] (Issue: 23268)
· popups [r27889] (Issue: 23596)
· Fix bug on Linux where directory cruft was accidentally created. (Issue: 23327)
· Known Issues
· Linux: Google Chrome fails to collect zombie processes from closed tabs. (Issue: 23778)
· Mac: Bookmark bar looks weird, and hurts you when you resize the window (hit cmd-shift-b twice after window resizing as workaround).
October 6th, 2009· The beta and stable channels have been updated to 195.25. This release includes only a single change that adds an image link to the new tab page which directs new users to the themes gallery.
October 3rd, 2009· All Platforms
· [r27300] Remove "Remove Item" from download item context menu. (Issue: 23078)
· [r26976] Omnibox now understands Zeroconf .local hosts. (Issue: 19957)
· Windows
· [r27445] Native Client is now built into the renderer but disabled by default. For info on how to enable please see this page.
· Extensions
· [r27599] Extensions menu item now in 'wrench' menu. (Issue 22883)
· [r27319] Introduce Browser Actions. (Issue 22099 and others) (still a work in progress)
· [r27163] Implemented extension packing on Linux.
· [r27290] Toolstrip dragging now restricted to extension shelf.
· [r27262] Themes and extensions now install if you have "ask for destination" option set in download options.
· [r27376] Content scripts can now see their own functions in setTimeout.
· [r27440] Fix crash when using non-extension iframe.
· [r27393] Some initial i18n API (still a work in progress). (Issue: 12131)
October 1st, 2009· CVE-2009-0689 dtoa() error parsing long floating point numbers
· The v8 engine uses a common dtoa() implementation to parse strings into floating point numbers. We have applied a patch to fix a recent bug in this component.
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
· Credit: Original discovery by Maksymilian Arciemowicz of SecurityReason. The Google Chrome security team determined that Chrome was affected.
September 29th, 2009· A fix to two significant history related crashing bugs 16591 and 21377.
· A fix where PAC scripts would fail to parse if they ended with a comment and no new line 22864.
· Corrected an issue where tabs would flash,for a split second, if multiple tabs were opened at the same time 20831.
· Fixed an issue which prevented proper logins to CNET 22181.
September 25th, 2009· All Platforms
· [r26815] New-FTP: Requires re-authentication when navigating around. (Issue: 21184)
· [r26860] [DEPS] Move FTP LIST parsing code to the renderer process, limiting potential damage from security issues.
· Windows
· Issues with drop down select boxes fixed.
· [r26359] BiDi-language filenames now displayed correctly in download shelf. (Issue: 10860)
· Extensions
· [r26526] Fix crashy toolstrips. (Issues: 22070, 22135)
· [r26532] Audio and video tag doesn't work for extension resources. (Issue 22152)
· [r26685] Fix an issue where we do not initiate the extension install UI with certain combinations of HTTP headers.
· [r26556] Introduce chrome.tabs.executeScriptInTab() and chrome.tabs.insertCSSInTab(). (Issue: 12465)
· [r26706] Hide the mole handle by default. (Issue: 15494)
· [r26658] Remove the right-click devtools behavior. (Issue: 20634)
· [r26654] Add CSS classes to the document when switching between toolstrip and mole mode.
· --show-extensions-on-top works pretty well now (on windows). Try it out!
· Sync
· Sync library now built entirely from trunk.
September 23rd, 2009· It contains 2 fixes, the first resolves the issue which prevented large downloads and the second is a stability fix which should resolve a number of crashes
September 19th, 2009· All
· Fixed a bug that prevented some Dailymotion videos from playing. [r25220]
· Bug fixes in NewFTP. [r25624][r25729][r25750][r25771]
· Improved New Tab page load performance. [r25232]
· Win
· Ensure that tips change when the Chrome language changes. [r25834]
· Extensions
· Enable/disable extension button on chrome://extensions
· Update extensions now button to force autoupdate check on chrome://extensions
· chrome.window and chrome.tab APIs can now reference relative URLs inside an extension
September 15th, 2009Security Fixes:
· We would like to extend special thanks to Will Dormann of CERT for working with us to improve the security of the new audio and video codecs in this release.
· CVE-2009-XXXX Content-Type: application/rss+xml being rendered as active content
· Previously, we rendered RSS and Atom feeds as XML. Because most other browsers render these documents with dedicated feed previewers, some web sites do not sanitize their feeds for active content, such as
· JavaScript. In these cases, an attacker might be able to inject JavaScript into a target web site.
September 14th, 2009· A fix for issue 3380which caused the browser to lose focus in certain conditions after installing a theme.
· Fix About box truncation in some locales when a new version is available.
September 12th, 2009· This release includes better international support and stability/bug fixes for the New Tab page and themes support.
September 9th, 2009· More stability/ bug fixes pertaining to the New Tab page, the omnibox, video tag, and themes support.
September 5th, 2009· All Platforms
· [r24663] Closing the download shelf removes all completed and cancelled downloads from it. (Issue: 15712)
· [r24331] Fixes various audio/video events which were not firing. (Issues: 20152, 16768)
· [r24519] Saved passwords for proxy servers are now correctly labeled. (Issue: 12992)
· [r24384] Add single line of tips to New New Tab Page. (Issue: 19162)
· Extensions
Two breaking changes (see mailing list post for more information):
· [r24816] Enforce granular permissions
· [r24770] Modified several APIs to be more consistent
· [r24539] Polish the look of Linux extension shelf. (Issue: 16759)
· [r24599] Polish extension install UI.
· [r24864] Allow extension toolstrip to detach. (ctrl+alt+b)
· [r24871, r24877] Polish chrome://extensions/ page. Add convenience developer tools to load an extension and pack an extension.
August 29th, 2009· All Platforms
· [r23666, r23790, r23988] Fix some hangs/crashes. (Issue: 16512, 16871, 18217, 18521, 19710, 19860)
· [r23668] Fix hang with video and audio tags. (Issue: 19276)
· [r23670] When SafeBrowsing alerts for a page, don't allow that page to redirect until after the user has dealt with the alert. (Issue: 6442)
· [r23754, r23937] Prevent time/slider from jumping around during and after seeking in video and audio tag content. (Issue: 19396)
· [r23859] Reduce Omnibox flicker. (Issue: 18369)
· [r23965] Unicode text could sometimes produce garbled Omnibox dropdown entries. (Issue: 5490)
· [r23967] Fix problems with plugin z-order. (Issue: 15840)
· [r24033] Fix a crash on Windows and Linux. (Issue: 17569)
· [r24151] Fix regression (since Chrome 2.0.172.1) where some gzipped files (e.g. script) were not unzipped before evaluation, making them unusable. (Issue: 16430)
· [r24170] Faster startup with custom themes. (Issue: 18768)
· [r24179] Graphical errors with some themes. (Issue: 20139)
· [r24189] Problems with video/audio tag playback and looping at rates other than 1.0. (Issues: 19856, 19105)
· [r24192] Properly align cursors used for middle-mouse-autoscroll with the original click location. (Issue: 6173)
· Windows
· [r23915] During uninstall, if Chrome was the default browser, prompt user to choose a new default. (Issue: 14023)
· [r23849] Fix clicking/noise when playing video/audio tag content with 48 or 96 kHz audio. (Issue: 17940)
· [r24198] Remove "Clear browsing data" and "Import bookmarks & settings" from Tools menu since they are now available in the Options. (Issue: 20137)
August 26th, 2009· CVE-2009-2935 Unauthorized memory read from Javascript
· A flaw in the V8 Javascript engine might allow specially-crafted Javascript on a web page to read unauthorized memory, bypassing security checks. It is possible that this could lead to disclosing unauthorized data to an attacker or allow an attacker to run arbitrary code.
· More info: http://code.google.com/p/chromium/issues/detail?id=18639 (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
· Credit: This issue was found by Mozilla Security.
Mitigations:
· A victim would need to visit a page under an attacker's control.
· Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
· Security Fix: Treat weak signatures as invalid
· Google Chrome no longer connects to HTTPS (SSL) sites whose certificates are signed using MD2 or MD4 hashing algorithms. These algorithms are considered weak and might allow an attacker to spoof an invalid site as a valid HTTPS site.
· More info: http://code.google.com/p/chromium/issues/detail?id=18725 (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: Medium. Further advances in attacks against weak hashing algorithms may eventually permit attacks to forge certificates.
· Credit: Dan Kaminsky, Director of Penetration Testing, IOActive Inc., Meredith Patterson and Len Sassaman. See their paper at http://www.ioactive.com/pdfs/PKILayerCake.pdf
· CVE-2009-2414 Stack consumption vulnerability in libxml2
· CVE-2009-2416 Multiple use-after-free vulnerabilities in libxml2
· Pages using XML can cause a Google Chrome tab process to crash. A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected.
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
· Credit: Original discovery by Rauli Kaksonen and Jukka Taimisto from the CROSS project at Codenomicon Ltd. The Google Chrome security team determined that Chrome was affected.
Mitigations:
· A victim would need to visit a page under an attacker's control.
· Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
August 20th, 2009· All Platforms
· Bugs 16020, 16768, 17415, 17970, 17973, 18208, 18362, 18433, 18677, 18726, 18846, 19521: Many fixes for video and audio tags [r23037, r23038, r23067, r23255, r23274, r23455, r23471, r23598]
· Bugs 18471, 18720, 18722: Make more New Tab Page items themeable [r23081, r23205]
· Bugs 10706, 18697: Crash fixes [r23190, r23568]
· Bug 19200: Cannot enter HTTP auth credentials in Omnibox if password has an @ sign [r23403]
· Bug 9103: Import passwords from Firefox 3.1 and above [r23503]
· Bug 13065: Change Live Search to Bing (only for U.S. right now) [r23571]
· Bug 19353: Attempt to reduce memory footprint [r23584]
· Windows
· Bug 19222: Uninstalling Chrome for one user should not delete default browser entries for another user [r23496]
August 18th, 2009· This release contains all the fixes and changes from 3.0.197.11, plus one additional change: we've added bookmark synchronization!
· To start using the feature, start Chrome with the "--enable-sync" flag, and go to "Wrench"->"Sync my bookmarks..."
· For more details about bookmark synchronization go to: http://blog.chromium.org/
August 8th, 2009· Crash fixes
· Bug 2993: Fix tabs getting "stuck" to your mouse and dragged out when under system load [r22024].
· Bug 60: Make downloads removable from download shelf and download list [r22138].
· Bug 17697: Properly unescape past searches in the Omnibox dropdown [r22167].
· Bug 3641: Setting Chrome as default browser on multiple accounts in Vista should work [r22282].
· Tweaks for new New Tab Page [r22316], [r22320], [r22337], [r22388], [r22428].
· Bug 8037: Use jumplists on Windows 7 [r22375].
· Bug 9985, 18271: Fixes for proxy users [r22430].
· Rich text editors can now remove , and tags [Webkit r46286].
August 7th, 2009· fix some theme's related performance regressions.
August 1st, 2009· Cursor no longer flickers over the omnibox and other editable controls.
· Disconnecting a monitor and restarting Google Chrome no longer leaves windows off in space and impossible to access
July 31st, 2009· Cursor no longer flickers over the omnibox and other editable controls.
· Disconnecting a monitor and restarting Google Chrome no longer leaves windows off in space and impossible to access.
July 30th, 2009· This update contains some additional fixes to themes support, in addition to some crash fixes.
July 29th, 2009· Our brand new tab page
· Themes
· The video tag
July 24th, 2009· Updated V8 to 1.2.13.2 to improve stability and performance.
· Printing fixes and print selection for Windows.
· Initial support for the video tag.
· Updated look and feel of the url bar (aka the Omnibox).
· Improved our Developer Tools by adding the scripts and profiles tabs, plus support for docking the inspector into the main window.
In addition to some minor UI changes:
· Minor Tweaks renamed as "Personal Stuff" in the Options menu
· Browsing data options added to the Options menu, under Personal Stuff.
· Default download location and font/language settings moved from Minor Tweaks to the Under the hood tab
· Exceptions is a tab in the "Passwords and Exceptions" dialog, rather than a separate button in the Passwords section of the Options menu.
July 23rd, 2009· Form suggestions now shrink properly as the list of suggestions gets shorter. (Issue: 15334)
· Extensions can now auto-update. (Issue: 12117)
· Set the default minimum font size to 12 for Chinese and 10 for Japanese, Korean, Arabic and Thai. (Issues: 16868, 16875)
· Mac now supports drag and drop of URLs, plain text, and HTML into
· and out of the content area, as well as within text fields and the
· thumbnails on the new tab page. URLs can be dragged to and from other
· apps, the Finder/Desktop, and the Dock.
· (Mac) Fix for download shelf crash when clearing all downloads. (Issues: 15855, 15893)
· (Mac) First cut at infobars. Not pretty, just functional. (Issues: 15839, 14937, 14462, 16487)
· (Mac) Add JavaScript Console menu item to View > Developer submenu. (Issue: 16135)
· (Linux) Allow dragging a link from the web contents to the bookmark bar to get a named bookmark. (Issue: 16791)
· (Linux) Add additional hotkeys (Ctrl-Enter, Shift-F5, Shift+Scroll Wheel). (Issue: 16792)
· (Linux) Dockable developer tools.
July 16th, 2009· Fix: Solving captcha images broken at orkut.com. (Issue 15569)
· Make forward/backward navigation work even when redirection is involved. (Issue 9663, issue 10531)
· Fix: Daylight savings time not recognized for some CET locales. (Issue 12579)
· Fix a browser crash on closing a URL request. (Issue 8942)
· Update the V8 Javascript engine to version 1.1.10.14 to fix issues with regular expressions.
· Update Gears to the latest release, 0.5.25.0.
July 16th, 2009· Google Chrome 3.0.193.1 has been released to the Dev channel to fix a small set crashes related to: V8, autocomplete, tab dragging, and context menus (bugs 16276, 13500, 16280, 14594).
July 11th, 2009· Fixed issue 15199 where new windows are opened off screen, in certain conditions, for dual monitor users.
· Fixed issue 16052 where a tab would close if a new url was navigated to too quickly during a page load.
· Alerts/authentication windows are no longer wrapped by an OS window.
· Windowed plugins like Flash no longer hang after a print dialog is displayed.
· Updated V8 to 1.2.13.2 to fix some crashes
July 7th, 2009Highlights in this release:
· Animated GIFs fixed.
· Extensions changes, see Dev Channel Visible Changes post to the Chromium-Extensions mailing list.
· Printing fixes for Windows.
· Try out the New New Tab Page by using the command line switch --new-new-tab-page. Don't wait for the new new new tab page, get yours today!
· Linux now supports IME for non-roman script languages.
· Fixes for misbehaving proxy servers.
· "Save As" now available on Mac.
· More details are available in the release notes and the log of all revisions.
Known issues:
· Issue 15846: (Mac) Google docs : shortcut to save a document (Command+S) is not implemented
· Issue 15844: (Linux) Bookmarks bar context menus disabled on first open of bookmark manager
· Issue 15845: (Linux) Bookmarks that do not fit in the bookmarks bar cannot be accessed
· Issue 15848: Thumbnails on New Tab Page don't have spacing in between
June 25th, 2009Highlights in this release:
· Mostly bug and crash fixes.
· Linux: Fixed the browser crashing because of missing fonts. (Issue 13007)
Lots of progress filling in missing features on Mac and Linux. Random samples:
· Linux: HTTP authentication now works.
· Linux: Render the contents of tabs while dragging.
· Linux: You can import and export bookmarks.
· Mac: You can download more than one item in a tab.
· Mac: A (preliminary) download shelf at the bottom of the window shows your downloads.
· Mac: Added the Restore Closed Tabs item to the File menu.
· The --enable-monitor-profile flag converts web pages from sRGB to your current default monitor profile. It does not handle embedded color profiles in images. (Issue 4938)
· The 'Print selection' option on the Print dialog works on Windows. (Issue 1682)
Known issues:
· You cannot drag bookmarklets (javascript: URLs) to the bookmarks bar. (Issue 12290)
· When you install an extension, two separate toolstrips appear. The problem will go away when you restart the browser. (Issue 14941)
June 23rd, 2009· Google Chrome 2.0.172.33 has been released to the Stable and Beta channels. This release fixes a critical security issue and two other networking bugs.
· CVE-2009-2121: Buffer overflow processing HTTP responses
· Google Chrome is vulnerable to a buffer overflow in handling certain responses from HTTP servers. A specially crafted response from a server could crash the browser and possibly allow an attacker to run arbitrary code.
· More info: http://code.google.com/p/chromium/issues/detail?id=14508 (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.
· Credit: This issue was found by the Google Chrome security team.
· Other issues
This release also fixes two other network issues:
· - NTLM authentication to Squid proxies fails when trying to connect to HTTPS sites (Issue 8771)
· - Browser crash when loading some HTTPS sites (Issue 13226)
June 18th, 2009· Lots of crash fixes and code stabilization.
· All extensions now require signing, all unsigned extensions have been disallowed.
· Extensions are, at least for the moment, disabled in incognito mode.
· Fixed a session history bug which prevented proper backward and forward operation for certain sites.
June 12th, 2009· Yesterday's Dev Channel update (3.0.187.0) for Windows had a critical bug which crashes the browser when you use the wrench or page menus. This release fixes that issue.
· If you already have 3.0.187.0 you cannot get to About Google Chrome to force an update. You have a couple of choices to get the update.
· Wait. If you wait about 5 hours Google Chrome will check for an update and install it for you.
· Uninstall Google Chrome and reinstall from http://www.google.com/chrome/eula.html?extra=devchannel
· The Mac and Linux builds were not affected by this bug so they are not being updated.
· We apologize for the problem and we are making changes to our process to try and avoid issues like this in the future. The dev channel is always going to be a little risky but we agree that major features like this should not go out broken.
June 11th, 2009· Linux: Import passwords from Firefox. (Issue: 11191)
· On Mac use Keychain for passwords. (Issue: 11745)
· Fix regression where Omnibox would drop characters during rapid typing. (Issue: 13428)
· The web inspector is now working again. (Issue 13411)
· Fix browser hang due to plugin deadlock. (Issue: 12624)
· --enable-user-scripts is working again. (Issue 13290)
· Clicking an extension toolstrip no longer selects the first tab. (Issue 13547)
· Extension buttons now show after install (Issue 13609)
· Increase the maximum number of cookies to 3000. This matches Firefox. (Issue: 8850)
· When the contents don't have title, use URL for the name of bookmark entry. (Issue: 5965)
· Move download shelf from per-tab to per-window. (Issue: 9025)
· Improved support for Squid proxies. (Issue: 8771)
· Fixes a flash plugin hang on Google Finance ticker symbols in a background tab. (Issue: 12993)
June 10th, 2009· Google Chrome's Stable channel has been updated to version 2.0.172.31 to fix two security issues in WebKit.
· CVE-2009-1690 Memory corruption
· A memory corruption issue exists in WebKit's handling of recursion in certain DOM event handlers. Visiting a maliciously crafted website may lead to a tab crash or arbitrary code execution in the Google Chrome sandbox. This update addresses the issue through improved memory management.
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
Mitigations:
· A victim would need to visit a page under an attacker's control.
· Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
· CVE-2009-1718 Drag and drop information leak
· An issue exists in WebKit's handling of drag events. This may lead to the disclosure of sensitive information when content is dragged over a maliciously crafted web page. This update addresses the issue through improved handling of drag events.
· Severity: Medium. An attacker might be able to read data belonging to another web site, if a user can be convinced to select and drag data on an attacker-controlled site.
June 4th, 2009Highlights for this release:
· Fixed issue where non-media types such as text would display a media player. (Issue: 12777)
· New Downloads page shows the remaining time left for downloads. (Issue: 9607)
· Various fixes for right-to-left langugages
· Multiple crash and usability fixes.
Known Issue:
· Google Chrome crashes on Windows XP when you click the "Reset to default theme" button (Issue 13075).
May 29th, 2009· The small font issue affecting most non-English languages has been fixed
May 28th, 2009Highlights for this release:
· Google Chrome now supports the video tag.
· --auto-spell-correct flag will fix common typos like "teh" for "the" in the blink of an eye.
· Various bits of UI clean-up (toolbar and dangerous download bar paint issues).
· Multiple crash fixes.
Known Issue:
· The font in the browser's user interface is very small in most non-English languages. This will be fixed in the next Dev channel update. (Issue 12309).
Version Changes:
· WebKit - 531.0
· V8 - 1.2.5.1
· Gears - 0.5.21.0
May 22nd, 2009· Google Chrome 2.0.172.30 has been released to the Beta channel. The changes in this release since 172.27 are
· complete translations in all languages
· an experimental change in the V8 JavaScript engine that might improve page load times for pages with a lot of JavaScript.
· a fix for a crash when using the French spell check dictionary (Issue 8551)
· a fix for a crash when visiting a site with more than 50 feed links (Issue 12075)
May 22nd, 2009· We're promoting 2.0.172 from Beta to the Stable channel today.
· We've made a lot of changes to stuff you never see, such as a newer version of WebKit for rendering web pages, a new network stack, and improvements to speed up the V8 Javascript engine.
· There are some new features like removing Most Visited sites from the New Tab page, form autofill, and full screen mode.
· We're also proud to announce that Google Chrome is now available in 50 languages. We added Bengali, Gujarati, Kannada, Malayalam, Marathi, Oriya (on Windows Vista only), Tamil, and Telugu in this release.
May 21st, 2009Version Changes:
· WebKit - 530.11
· V8 - 1.2.4.1
· Gears - 0.5.21.0
Changes:
· Fixed a common crash when using a French spell-check dictionary. (Issue: 8551)
· Fixed a regression where maximizing Chrome turned the tab-background black. (Issue: 11695)
· Improved remote desktop (RDP) performance by using the standard dotted rectangle when moving a tab out. (Issue: 805)
· The command line debugger has been replaced by a graphical debugger using the WebKit inspector scripts tab to debug JavaScript running in V8.
· It is now possible to set proxy setting from the command-line. See the issue for more information. (Issue: 266)
May 15th, 2009· Google Chrome 2.0.172.27 has been released to the Beta channel. This release adds translations for all new features in all supported languages. We've made a number of fixes to improve reliability and updated the version of Gears to 0.5.19.0.
May 13th, 2009Visible changes:
· [r14827] Support PgUp/PgDn in Omnibox for "first entry/last entry." (Issue: 6857)
· [r15115] Tell the user if Chrome is not the default browser. (Issue: 9049)
· [r15702] You can choose to allow pop-ups from a site. (Issue: 11440)
Other changes of note:
· [r14891] Fix for crashing when zoomed into street level on maps.yahoo.com (Issue: 2044)
· [r14731] Patch from Mohamed Mansour for systems without an installed printer. (Issue: 6835)
· [r15020] Stop the location bar from flashing white when navigating from one HTTPS site to another. (Issue: 11157)
· [r15214] Fix for common issues around opening a new window. (Issues: 6377, 6192, 835)
· Lots of work around Extensions. (See r15417, r15271, r15310)
May 8th, 2009· Google Chrome's Stable channel has been updated to version 1.0.154.65 to fix a crash during startup for a small percentage of users.
May 6th, 2009· Google Chrome's Stable channel has been updated to version 1.0.154.64 to fix two security issues discovered by internal Google testing.
· This release also contains
· A new notification at startup that makes it easier to set Google Chrome as the default browser. If you don't want Google Chrome to be the default browser, you can click 'Don't ask again'.
· A new version of Gears (0.5.16.0)
· Security Fixes
· CVE-2009-1441: Input validation error in the browser process.
· A failure to properly validate input from a renderer (tab) process could allow an attacker to crash the browser and possibly run arbitrary code with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.
· Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.
· Mitigation: An attacker would need to be able to run arbitrary code in the renderer process.
· CVE-2009-1442: Integer overflow in Skia 2D graphics.
· A failure to check the result of integer multiplication when computing image sizes could allow a specially-crafted image or canvas to cause a tab to crash and it might be possible for an attacker to execute arbitrary code inside the (sandboxed) renderer process.
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
Mitigations:
· A victim would need to visit a page under an attacker's control.
· Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
April 30th, 2009It includes a number of fixes and a couple UI tweaks. For example, if you have searched from wikipedia.org in the past, start typing wikipedia.org in the omnibox, press the Tab key then a search term and suggestions and past searches will appear for Wikipedia. Other fixes include:
· [r14196] Scrollbars, Home/End work again in Gmail (Issue: 10009)
· [r14377] Flash (and other plugins) can be installed without restarting the browser. (Issue: 10574)
· [r14137] Fix hang seen in plugin process, including the new O3D plugin. (Issue: 10711)
· [r13934] On some sites text disappears or is never drawn. For example, on Google Calendar, the titles for all day events do not display. (Issue: 9904)
April 17th, 2009· [r13177] The bookmarks title in the bubble is now left justified - credit: m0 (Issue: 9393)
· [r13217] Fixed a crash which occurred when Chrome failed to find the default font. (Issue: 9654)
· [r13273] Chrome now temporarily disables a download item on the download-shelf when the file is opened. This prevents multiple clicks and shows that an action has been taken. (Issue: 7264)
· [r13285] Added a "clear all downloads" link to downloads page.(Issue: 9033)
· [r13340] Entering Kangi characters into the address bar no longer crashes Chrome (e.g. "--@ シ").(Issue: 9760)
· [r13348] Added "Undo Tab Close" and "New Tab" to the context menu on the tab bar. (Issue: 2144)
· [r13388] Corrected a regession where the suggestions from the address bar auto-complete were not correct for non-Latin languages. (Issue: 9859)
· [r13389] PageUp, PageDown and Up and Down arrow keys will now scroll the page when the Find bar is on screen. (Issue: 7079)
· [r13453] Chrome now displays a confirmation box when closing a tab with an in-progress download. (Issue: 1028)
· [r13515] Closing Chrome while a download is in progress no longer causes a crash. (Issue: 9959)
· [r13520] It is no longer possible to cut or copy from a password text-field. (Issue: 9425)
· [r13533] Fixed an issue where a maximized window was the wrong size after unlock. (Issue: 8873)
· [r13536] SVG images with .svgz extension are now properly displayed. (Issue: 9737)
· [r13550] Fixed regression where favicon of History and Downloads page was missing. (Issue: 9805)
· [r13551] Chrome now supports favicons that are provided as encoded data in html. (Issue: 9881)
· [r13555] [r13610] Corrects an error where the "Install plug-in" info bar would not show up. (Issue: 8584)
· [r13588] Ctrl+Shift+Arrow allows change in text direction in RTL UIs. Also now support Ctrl+Shift text alignment based on which side of the keyboard those keys are pressed.(Issues: 9762, 9763)
· [r13609] Fixed a regression where mouse wheel scrolling would close the bookmarks menu. (Issue: 9752)
· [r13611] Initial check-in to remove thumbnails from the New Tab Page (feature still in development). (Issue: 685)
· [r13636] The title of a JavaScript dialog box used to contains "Alert" regardless of how it's made: whether by alert(), prompt(), or confirm(). Now it only displays "Alert" for alert() calls.(Issue: 2359)
· [WebKit r29160] Fixed issue where the Google Calendar Widget would not load schedule content.(Issue: 8935)
January 14th, 2009· [r7615]Fixes a crash related to tab dragging (Issue: 5819)
· [r7616]Add a terminating NULL to the text read from the edit control. (Issue: 6053)
· [r7620]Enables restoring of keyboard focus to the the toolbar button that last had focus, before focus was lost (e.g to a dialog, another window, etc). Setting focus using the toolbar focus keyboard shortcut will still reset focus to the first enabled, visible button (starting at the Back button). (Issue: 5750)
· [r7644]In some cases (related to window.open() with no contents, see bug for more details) we may get notified of SSL error or mixed-contents without a NavigationEntry. (Issue: 3845)
· [r7664]If the URL text has no scheme, and starts with ftp., then default the scheme to ftp (Issue: 565)
· [r7669]Fixes an issue where Chrome hangs "Waiting for cache" (Issue: 4769)
· [r7703]Attempt to fix an issue related to SSL navigation. (Issue: 5800)
· [r7705]Fix for auto-detection of encoding (Issue: 3702)
· [r7724]Add debug menu to Linux test_shell: (Issues: 6050, 5122)
· [r7747]Fixup and verify URLs from the server before adding them to the autocomplete dropdown. (Issue: 5806)
· [r7792]Make sure that the active tab contents is destroyed when navigating back from the tab contents to the downloads page. Which fixes an issue w/ Flash not being signaled to cleanup (Issue: 5828)
· [r7798]Add support for custom cursors set by windowless plugins. (Issue: 3800)
· [r7822]Prevent overwrite pre-filled values when autofilling a form. (Issue: 6197)
· [r7823]Fixes issue where auto-complete popups would linger on the screen. (Issues: 5830, 3844)
· [r7873]Updating user dictionaries for 19 languages (Issue: 2837)
· [r7882]Measure how often the users are encountering MD5 (Issue: 6102)
November 25th, 2008· Bookmark manager with import/export
· Privacy section in Options
· New blocked pop-up notification
· This release fixes an issue with downloaded HTML files being able to read other files on your computer and send them to sites on the Internet. We now prevent local files from connecting to the network with XMLHttpRequest() and also prompt you to confirm a
Find us on Google+
