Google Chrome 21.0.1180.60 Stable adds getUserMedia API support

Google Chrome Stable Update
Google Chrome 21.0.1180.60 has been updated to the Stable channel for Windows and Chrome Frame, 21.0.1180.57 for Mac and Linux. This release includes the getUserMedia API, which lets you grant web apps access to your camera and microphone without a plug-in. The getUserMedia API is the first step in WebRTC, a new real-time communications standard which aims to allow high-quality video and audio communication on the web.

The getUserMedia API also allows web apps to create awesome new experiences like Webcam Toy and Magic Xylophone. In Chrome Web Lab, if you're on the latest version of Chrome, the Sketchbots experiment uses getUserMedia to let you take a picture of your face, which is then converted to a line drawing and sent to a robot in the Science Museum in London. The robot then draws out your portrait in a patch of sand, which you can watch live on YouTube and visitors can watch in person at the museum. It’s just about as crazy as it sounds, and twice as cool.

Google Chrome 21 Stable also includes deeper Google Cloud Print integration, expanded support for gamepads, and support for high-resolution Mac Retina screens.

In addition, Google Chrome 21 Stable address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

Install Google Chrome Stable
To install Google Chrome 21.0.1180.60 Stable please visit http://www.google.com/chrome website.

Google Chrome 21.0.1180.60 Stable

Note: If you’re running the Release Preview of Windows 8, you’ll be able to try Chrome in Metro mode by setting it as your default browser.

Google Chrome 21.0.1180.60 Stable Metro Mode

What's new in Google Chrome 21.0.1180.60 Stable (July 31th, 2012)
Google Chrome 21.0.1180.60 contains a number of new features and updates, including:
  • Updated JavaScript engine V8 - 3.11.10.17
  • Includes two new APIs: the getUserMedia API and the Gamepad Javascript API.
  • New and improved printing experience for Google Cloud Print.
  • A new version of Adobe Flash Player. (11.3.31.222)

Security fixes and rewards:
  • [Linux only] [125225] CVE-2012-2846: Cross-process interference in renderers. Credit to Google Chrome Security Team (Julien Tinnes). Medium)
  • [127522] CVE-2012-2847: Missing re-prompt to user upon excessive downloads. Credit to Matt Austin of Aspect Security. (Low)
  • [127525] CVE-2012-2848: Overly broad file access granted after drag+drop. Credit to Matt Austin of Aspect Security. Medium)
  • [128163] CVE-2012-2849: Off-by-one read in GIF decoder. Credit to Atte Kettunen of OUSPG. (Low)
  • [130251] [130592] [130611] [131068] [131237] [131252] [131621] [131690] [132860] CVE-2012-2850: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team. Medium)
  • [132585] [132694] [132861] CVE-2012-2851: Integer overflows in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team. (High)
  • [134028] CVE-2012-2852: Use-after-free with bad object linkage in PDF. Credit to Alexey Samsonov of Google. (High)
  • [134101] CVE-2012-2853: webRequest can interfere with the Chrome Web Store. Credit to Trev of Adblock. Medium)
  • [134519] CVE-2012-2854: Leak of pointer values to WebUI renderers. Credit to Nasko Oskov of the Chromium development community. (Low)
  • [134888] CVE-2012-2855: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team. (High)
  • [134954] [135264] CVE-2012-2856: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team. (High)
  • [$1000] [136235] CVE-2012-2857: Use-after-free in CSS DOM. Credit to Arthur Gerkis. (High)
  • [$1000] [136894] CVE-2012-2858: Buffer overflow in WebP decoder. Credit to Jüri Aedla. (High)
  • [Linux only] [137541] CVE-2012-2859: Crash in tab handling. Credit to Jeff Roberts of Google Security Team. (Critical)
  • [137671] CVE-2012-2860: Out-of-bounds access when clicking in date picker. Credit to Chamal de Silva. Medium)

Note: Many of the above bugs were detected using AddressSanitizer.

Source: Google Chrome Releases

No comments: