Stable Channel Update
Tuesday, August 20, 2013
The Chrome team is excited to announce the promotion of Chrome 29 to the Stable channel for Windows, Mac, Linux and Chrome Frame. Chrome 29.0.1547.57 contains a number of fixes and improvements, including:
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. This commonly occurs if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 25 security fixes. Below, we highlight some fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
Jason Kersey
Google Chrome
- Improved Omnibox suggestions based on the recency of sites you have visited
- Ability to reset your profile back to its original state
- Many new apps and extensions APIs
- Lots of stability and performance improvements
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. This commonly occurs if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 25 security fixes. Below, we highlight some fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
- [$1337] [181617] High CVE-2013-2900: Incomplete path sanitization in file handling. Credit to Krystian Bigaj.
- [$500] [254159] Low CVE-2013-2905: Information leak via overly broad permissions on shared memory files. Credit to Christian Jaeger.
- [$1337] [257363] High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.
- [$1000] [260105] High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.
- [$1000] [260156] High CVE-2013-2903: Use after free in media element. Credit to cloudfuzzer.
- [$1000] [260428] High CVE-2013-2904: Use after free in document parsing. Credit to cloudfuzzer.
- [274602] CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29).
Jason Kersey
Google Chrome