Google Chrome

Google Chrome 62.0.3202.94

Go to download
Overview Updates (5) Reviews (2) History Discussion
Google has released Version 39.0.2171.99 of the Chrome browser.

Stable Channel Update

The stable channel has been updated to 39.0.2171.99 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes. A full list of changes is available in the log.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Alex Mineer
Google Chrome
Click to expand...
ref:
http://googlechromereleases.blogspot.co.uk/search/label/Stable updates
 
Google has released Version 40.0.2214.91 of the Chrome browser.

The Chrome team is delighted to announce the promotion of Chrome 40 to the stable channel for Windows, Mac and Linux. Chrome 40.0.2214.91 contains a number of fixes and improvements, including:
  • Updated info dialog for Chrome app on Windows and Linux.
  • A new clock behind/ahead error message.
A partial list of changes is available in the log.
Click to expand...
 
Google has released Version 40.0.2214.111 of the Chrome browser.

Stable Channel Update

The stable channel has been updated to 40.0.2214.111 for Windows, Mac and Linux. A full list of changes is available in the log.

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.

This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

  • [$TBD][447906] High CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian Motyl.
  • [$TBD][453979] High CVE-2015-1210: Cross-origin-bypass in V8 bindings. Credit to anonymous.
  • [$TBD][453982] High CVE-2015-1211: Privilege escalation using service workers. Credit to anonymous.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [455225] CVE-2015-1212: Various fixes from internal audits, fuzzing and other initiatives.
Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Daniel Xie
Google Chrome
Click to expand...
 
Google has released Version 41.0.2272.76 of the Chrome browser.
Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 41 to the stable channel for Windows, Mac and Linux. Chrome 41.0.2272.76 contains a number of fixes and improvements, including:
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
A list of changes is available in the log.

Security Fixes and Rewards


Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 51 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.


[$7500][456516] High CVE-2015-1212: Out-of-bounds write in media. Credit to anonymous.
[$5000][448423] High CVE-2015-1213: Out-of-bounds write in skia filters. Credit to cloudfuzzer.
[$5000][445810] High CVE-2015-1214: Out-of-bounds write in skia filters. Credit to cloudfuzzer.
[$5000][445809] High CVE-2015-1215: Out-of-bounds write in skia filters. Credit to cloudfuzzer.
[$4000][454954] High CVE-2015-1216: Use-after-free in v8 bindings. Credit to anonymous.
[$3000][456192] High CVE-2015-1217: Type confusion in v8 bindings. Credit to anonymous.
[$3000][456059] High CVE-2015-1218: Use-after-free in dom. Credit to cloudfuzzer.
[$3000][446164] High CVE-2015-1219: Integer overflow in webgl. Credit to Chen Zhang (demi6od) of NSFOCUS Security Team.
[$3000][437651] High CVE-2015-1220: Use-after-free in gif decoder. Credit to Aki Helin of OUSPG.
[$2500][455368] High CVE-2015-1221: Use-after-free in web databases. Credit to Collin Payne.
[$2500][448082] High CVE-2015-1222: Use-after-free in service workers. Credit to Collin Payne.
[$2000][454231] High CVE-2015-1223: Use-after-free in dom. Credit to Maksymillian Motyl.
[449610] High CVE-2015-1230: Type confusion in v8. Credit to Skylined working with HP’s Zero Day Initiative.
[$2000][449958] Medium CVE-2015-1224: Out-of-bounds read in vpxdecoder. Credit to Aki Helin of OUSPG.
[$1000][446033] Medium CVE-2015-1225: Out-of-bounds read in pdfium. Credit to cloudfuzzer.
[$1000][456841] Medium CVE-2015-1226: Validation issue in debugger. Credit to Rob Wu.
[$1000][450389] Medium CVE-2015-1227: Uninitialized value in blink. Credit to Christoph Diehl.
[$1000][444707] Medium CVE-2015-1228: Uninitialized value in rendering. Credit to miaubiz.
[$500][431504] Medium CVE-2015-1229: Cookie injection via proxies. Credit to iliwoy.


We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will be updated here when all reports have gone through the reward panel.


As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [463349] CVE-2015-1231: Various fixes from internal audits, fuzzing and other initiatives.
  • Multiple vulnerabilities in V8 fixed at the tip of the 4.1 branch (currently 4.1.0.21).


Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.


Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.


Penny MacNeil
Google Chrome
Click to expand...
 
Google has released Version 41.0.2272.118 of the Chrome browser.
Stable Channel Update

The stable channel has been updated to 41.0.2272.118 for Windows, Mac and Linux. A partial list of changes is available in the log.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.
[$29633.7][469058] Critical CVE-2015-1233: A special thanks to Anonymous for a combination of V8, Gamepad and IPC bugs that can lead to remote code execution outside of the sandbox.
[468936] High CVE-2015-1234: Buffer overflow via race condition in GPU. Credit to lokihardt working with Pwn2Own and HP’s Zero Day Initiative.
Click to expand...
ref:
http://googlechromereleases.blogspot.co.uk/search/label/Stable updates
 
Google has released Version 42.0.2311.90 of the Chrome browser.
Stable Channel Update

The Chrome team is overjoyed to announce the promotion of Chrome 42 to the stable channel for Windows, Mac and Linux. Chrome 42.0.2311.90 contains a number of fixes and improvements, including:


A list of changes is available in the log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 45 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

[$7500][456518] High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous.
[$4000][313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.
[$3000][461191] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.
[$2000][445808] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.
[$1000][463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.
[$1000][418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield Information Systems.
[$500][460917] High CVE-2015-1242: Type confusion in V8. Credit to [email protected].
[$500][455215] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.
[$500][444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.
[$500][437399] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG.
[$500][429838] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.
[$500][380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam).

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additionalrewards and their recipients will updated here when all reports have gone through the reward panel.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
[476786] CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives.
Multiple vulnerabilities in V8 fixed at the tip of the 4.2 branch (currently 4.2.77.14).
Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Alex Mineer
Google Chrome
Click to expand...
 
Google has released Version 42.0.2311.135 of the Chrome browser.
Stable Channel Update

The stable channel has been updated to 42.0.2311.135 for Windows, Mac and Linux. A list of changes is available in the log.

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.
Click to expand...
 
Google has released Version 42.0.2311.152 of the Chrome browser.
Stable Channel Update for Chrome OS

The Stable channel has been updated to 42.0.2311.153 (Platform version: 6812.88.0) for all devices, except the Toshiba Chromebook 2. Systems will be automatically updated over the next few days.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

Matthew Yuan
Google Chrome
Click to expand...
 
Google has released Version 43.0.2357.65 of the Chrome browser.
Stable Channel Update

The Chrome team is happy to announce the promotion of Chrome 43 to the stable channel for Windows, Mac and Linux. Chrome 43.0.2357.65 contains a number of fixes and improvements. A list of changes is available in the log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 37 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.


[$16337][474029] High CVE-2015-1252: Sandbox escape in Chrome. Credit to anonymous.
[$7500][464552] High CVE-2015-1253: Cross-origin bypass in DOM. Credit to anonymous.
[$3000][444927] High CVE-2015-1254: Cross-origin bypass in Editing. Credit to [email protected].
[$3000][473253] High CVE-2015-1255: Use-after-free in WebAudio. Credit to Khalil Zhani.
[$2000][478549] High CVE-2015-1256: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.
[481015] High CVE-2015-1251: Use-after-free in Speech. Credit to SkyLined working with HP's Zero Day Initiative
[$1500][468519] Medium CVE-2015-1257: Container-overflow in SVG. Credit to miaubiz.
[$1000][450939] Medium CVE-2015-1258: Negative-size parameter in Libvpx. Credit to cloudfuzzer
[$1000][468167] Medium CVE-2015-1259: Uninitialized value in PDFium. Credit to Atte Kettunen of OUSPG
[$1000][474370] Medium CVE-2015-1260: Use-after-free in WebRTC. Credit to Khalil Zhani.
[$500][466351] Medium CVE-2015-1261: URL bar spoofing. Credit to Juho Nurminen.
[$500][476647] Medium CVE-2015-1262: Uninitialized value in Blink. Credit to miaubiz.
[$500][479162] Low CVE-2015-1263: Insecure download of spellcheck dictionary. Credit to Mike Ruddy.
[$500][481015] Low CVE-2015-1264: Cross-site scripting in bookmarks. Credit to K0r3Ph1L.

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel.


As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [489518] CVE-2015-1265: Various fixes from internal audits, fuzzing and other initiatives.
  • Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch (currently 4.3.61.21).

Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.
Click to expand...
 
Google has released Version 43.0.2357.81 of the Chrome browser.
Stable Channel Update

The stable channel has been updated to 43.0.2357.81 for Windows, Mac and Linux. A partial list of changes is available in the log.

Key Fixes:
  • [490611] Fixed an issue where sometimes a blank page would print.
  • [478714] Icons not displaying properly on Linux
Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome
Click to expand...
 
Google has released Version 43.0.2357.124 of the Chrome browser.
Stable Channel Update

The stable channel has been updated to 43.0.2357.124 for Windows, Mac and Linux. A partial list of changes is available in the log.

Key Changes:
  • Updated Adobe Flash Player to 18.0.0.160

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome
Click to expand...
 
Google has released Version 43.0.2357.130 of the Chrome browser
Chrome Stable Update

The stable channel has been updated to 43.0.2357.130 for Windows, Mac, and Linux. A partial list of changes is available in the log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

Below, we highlight 4 fixes that were contributed by external researchers. Please see theChromium security page for more information.

[$5000][464922] High CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous.
[TBD][494640] High CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
[TBD][497507] Medium CVE-2015-1267: Cross-origin bypass in Blink. Credit to anonymous.
[TBD][461481] Medium CVE-2015-1269: Normalization error in HSTS/HPKP preload list. Credit to Mike Ruddy.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Are you a project manager, with a technical background, who is passionate about Chrome and moving the web forward? We are hiring!

Anthony Laforge
Google Chrome
Click to expand...
 
Google has released Version 43.0.2357.134 of the Chrome browser.
Stable Channel Update

The stable channel has been updated to 43.0.2357.134 for Windows, Mac, and Linux. This release contains a critical update to Adobe Flash Player (18.0.0.209) and a fix for a full screen castingissue.

A partial list of changes is available in the log.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Are you a project manager, with a technical background, who is passionate about Chrome and moving the web forward? We are hiring!

Anthony Laforge
Google Chrome
Click to expand...
 
You must log in or register to reply here.

Similar threads

B
Chrome Cookied
Replies
2
Views
588
Neemobeer
Neemobeer
Fluo82
Specific app selection not possible...if with the same name!
Replies
2
Views
241
Fluo82
Fluo82
E
Windows 11 Adding 3rd -party installer files to custom Windows 11 ISO
Replies
3
Views
2K
Night Hawk
Night Hawk
S
Just Built A New Windows 11 PC - I'm suddenly getting messages from sites saying I am using an ad-blocker
Replies
1
Views
771
ChatGPT
ChatGPT
D
Need full Administrator authorization not local
Replies
2
Views
366
Neemobeer
Neemobeer
Back
Top