Google Chrome 14.0.835.163 has been released to the Stable channel

Google Chrome Stable Update
Google Chrome 14.0.835.163 has been released to the Stable channel for Windows, Mac, Linux, and Chrome Frame. This vesion is the first stable release of the Google Chrome major version 14.0. This release contains a number of new features and updates, as well as the security fixes listed in What's new in Google Chrome 14.0.835.163 Stable section.

Overview
Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. It has one box for everything: Type in the address bar and get suggestions for both search and web pages. Will give you thumbnails of your top sites, access your favorite pages instantly with lightning speed from any new tab. Desktop shortcuts allow you to launch your favorite Web apps straight from your desktop.

Download Google Chrome
To install Google Chrome 14.0.835.163 Stable please visit http://www.google.com/chrome web site.

What's new in Google Chrome 14.0.835.163 Stable
Chrome 14.0.835.163 contains a number of new features and updates, including:
  • Initial release of Native Client
  • Web Audio API
  • Additional Mac OS X Lion feature support
  • Sync Encryption for all data
  • Print Preview on Mac
  • Experimental Web Request extension API
  • Experimental Content Settings extension API

Security fixes and rewards:
  • [49377] CVE-2011-2835: Race condition in the certificate cache. Credit to Ryan Sleevi of the Chromium development community. (High)
  • [51464] CVE-2011-2836: Infobar the Windows Media Player plug-in to avoid click-free access to the system Flash. Credit to electronixtar. (Low)
  • [Linux only][57908] CVE-2011-2837: Use PIC / pie compiler flags. Credit to wbrana. (Low)
  • [75070] CVE-2011-2838: Treat MIME type more authoritatively when loading plug-ins. Credit to Michal Zalewski of the Google Security Team. (Low)
  • [76771] CVE-2011-2839: Crash in v8 script object wrappers. Credit to Kostya Serebryany of the Chromium development community. (High)
  • [78427][83031] CVE-2011-2840: Possible URL bar spoofs with unusual user interaction. Credit to kuzzcc. (Low)
  • [78639] CVE-2011-2841: Garbage collection error in PDF. Credit to Mario Gomes. [$500] (High)
  • [Mac only][80680] CVE-2011-2842: Insecure lock file handling in the Mac installer. Credit to Aaron Sigel of vtty.com. (Low)
  • [82438] CVE-2011-2843: Out-of-bounds read with media buffers. Credit to Kostya Serebryany of the Chromium development community. (Medium)
  • [85041] CVE-2011-2844: Out-of-bounds read with mp3 files. Credit to Mario Gomes. (Medium)
  • [89219] CVE-2011-2846: Use-after-free in unload event handling. Credit to Arthur Gerkis. [$1000] (High)
  • [89330] CVE-2011-2847: Use-after-free in document loader. Credit to miaubiz. [$1000] (High)
  • [89564] CVE-2011-2848: URL bar spoof with forward button. Credit to Jordi Chancel. [$500] (Medium)
  • [89795] CVE-2011-2849: Browser NULL pointer crash with WebSockets. Credit to Arthur Gerkis. (Low)
  • [89991] CVE-2011-3234: Out-of-bounds read in box handling. Credit to miaubiz. [$500] (Medium)
  • [90134] (Medium) CVE-2011-2850: Out-of-bounds read with Khmer characters. Credit to miaubiz.
  • [90173] CVE-2011-2851: Out-of-bounds read in video handling. Credit to Google Chrome Security Team (Inferno). (Medium)
  • [91120] CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler. [$500] (High)
  • [91197] CVE-2011-2853: Use-after-free in plug-in handling. Credit to Google Chrome Security Team (SkyLined). (High)
  • [92651][94800] CVE-2011-2854: Use-after-free in ruby / table style handing. Credit to Sławomir Błażek, and independent later discoveries by miaubiz and Google Chrome Security Team (Inferno). [$1000] (High)
  • [92959] CVE-2011-2855: Stale node in stylesheet handling. Credit to Arthur Gerkis. [$1000] (High)
  • [93416] CVE-2011-2856: Cross-origin bypass in v8. Credit to Daniel Divricean. [$2000] (High)
  • [93420] CVE-2011-2857: Use-after-free in focus controller. Credit to miaubiz. [$1000] (High)
  • [93472] CVE-2011-2834: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences. [$1000] (High)
  • [93497] CVE-2011-2859: Incorrect permissions assigned to non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm of Recurity Labs. (Medium)
  • [93587] CVE-2011-2860: Use-after-free in table style handling. Credit to miaubiz. [$1000] (High)
  • [93596] CVE-2011-2861: Bad string read in PDF. Credit to Aki Helin of OUSPG. (Medium)
  • [93906] CVE-2011-2862: Unintended access to v8 built-in objects. Credit to Sergey Glazunov. [$2337] (High)
  • [95563] CVE-2011-2864: Out-of-bounds read with Tibetan characters. Credit to Google Chrome Security Team (Inferno). (Medium)
  • [95625] CVE-2011-2858: Out-of-bounds read with triangle arrays. Credit to Google Chrome Security Team (Inferno). (Medium)
  • [95917] CVE-2011-2874: Failure to pin a self-signed cert for a session. Credit to Nishant Yadant of VMware and Craig Chamberlain (@randomuserid). (Low)
  • [95920] CVE-2011-2875: Type confusion in v8 object sealing. Credit to Christian Holler. [$1000] (High)

Source: Google Chrome Releases

No comments: