Google Chrome 25 - Released

[Earth]

What's new to Chrome 21? - Read blog post

Want to try Google Chrome? - Download

Quote:* Contains a number of new features including a new API for high-quality video and audio communication.
* Security fixes
- Missing re-prompt to user upon excessive downloads.
- Overly broad file access granted after drag+drop.
- Off-by-one read in GIF decoder.
- Various lower severity issues in the PDF viewer.
- Integer overflows in PDF viewer.
- Use-after-free with bad object linkage in PDF.
- webRequest can interfere with the Chrome Web Store.
- Leak of pointer values to WebUI renderers.
- Use-after-free in PDF viewer.
- Out-of-bounds writes in PDF viewer.
- Use-after-free in CSS DOM.
- Buffer overflow in WebP decoder.
- Out-of-bounds access when clicking in date picker.

Google Chrome on FileHippo

[Earth]

What's new to Chrome 22? - Read blog post

Want to try Google Chrome? - Download

Quote:* Mouse Lock API availability for Javascript
* Additional Windows 8 enhancements
* Continued polish for users of HiDPI/Retina screens
* Security fixes
- Windows kernel memory corruption.
- UXSS in frame handling.
- UXSS in v8 bindings.
- DOM tree corruption with plug-ins.
- Buffer overflow in SSE2 optimizations.
- Out-of-bounds write in Skia.
- Use-after-free in onclick handling.
- Use-after-free in SVG text references.
- Crash in graphics context handling.
- Integer overflow in WebGL.
- Browser crash with extensions and modal dialogs.
- DOM topology corruption.
- Out-of-bounds read in Skia.
- Out-of-bounds write in Skia.
- Various lower severity issues in the PDF viewer.
- Use-after-free in plug-in handling.
- Race condition in plug-in paint buffer.
- Wild pointer in OGG container handling.
- Possible double free on exit.
- Use-after-free in PDF viewer.
- Address leak over IPC.
- Pop-up block bypass.
- Double free in XSL transforms.
- Out-of-bounds writes in PDF viewer.

Google Chrome on FileHippo

[Littlebits]

(09-26-2012 08:44 PM)Earth wrote:  What's new to Chrome 22? - Read blog post

Want to try Google Chrome? - Download

Quote:* Mouse Lock API availability for Javascript
* Additional Windows 8 enhancements
* Continued polish for users of HiDPI/Retina screens
* Security fixes
- Windows kernel memory corruption.
- UXSS in frame handling.
- UXSS in v8 bindings.
- DOM tree corruption with plug-ins.
- Buffer overflow in SSE2 optimizations.
- Out-of-bounds write in Skia.
- Use-after-free in onclick handling.
- Use-after-free in SVG text references.
- Crash in graphics context handling.
- Integer overflow in WebGL.
- Browser crash with extensions and modal dialogs.
- DOM topology corruption.
- Out-of-bounds read in Skia.
- Out-of-bounds write in Skia.
- Various lower severity issues in the PDF viewer.
- Use-after-free in plug-in handling.
- Race condition in plug-in paint buffer.
- Wild pointer in OGG container handling.
- Possible double free on exit.
- Use-after-free in PDF viewer.
- Address leak over IPC.
- Pop-up block bypass.
- Double free in XSL transforms.
- Out-of-bounds writes in PDF viewer.

Google Chrome on FileHippo

They didn't mention that the "About" has been moved to the Chrome settings with a new update feature.



Thanks.

[Earth]

Google Chrome 23 Changelog - FileHippo.com

Anyone notice the Website Permissions UI? What do you make of it? Does it make browsing permissions much more easier?



.: discovered (via insanitybit)

[Umbra Polaris]

yes, but i rarely used it ^^

[james.salazar2010]

may i ask if google chrome does have extension that restrict or limit downloading?

[Littlebits]

The Chrome team is excited to announce the promotion of Chrome 25 to the Stable Channel. Chrome 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac contain a number of new items including:

Improvements in managing and securing your extensions
Better support for HTML5 time/date inputs
JavaScript Web Speech API support
Better WebGL error handling
And lots of other features for developers

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

[$1000] [172243] High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG.
[$1000] [171951] High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva.
[$500] [167069] Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte Kettunen of OUSPG.
[$500] [165432] High CVE-2013-0882: Bad memory access with excessive SVG parameters. Credit to Renata Hodovan.
[$500] [142169] Medium CVE-2013-0883: Bad read in Skia. Credit to Atte Kettunen of OUSPG.
[172984] Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google Chrome Security Team (Chris Evans).
[172369] Medium CVE-2013-0885: Too many API permissions granted to web store.
[Mac only] [171569] Medium CVE-2013-0886: Incorrect NaCl signal handling. Credit to Mark Seaborn of the Chromium development community.
[171065] [170836] Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server.
[170666] Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
[170569] Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads.
[169973] [169966] High CVE-2013-0890: Memory safety issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
[169685] High CVE-2013-0891: Integer overflow in blob handling. Credit to Google Chrome Security Team (Jüri Aedla).
[169295] [168710] [166493] [165836] [165747] [164958] [164946] Medium CVE-2013-0892: Lower severity issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
[168570] Medium CVE-2013-0893: Race condition in media handling. Credit to Andrew Scherkus of the Chromium development community.
[168473] High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit to Google Chrome Security Team (Inferno).
[Linux / Mac] [167840] High CVE-2013-0895: Incorrect path handling in file copying. Credit to Google Chrome Security Team (Jüri Aedla).
[166708] High CVE-2013-0896: Memory management issues in plug-in message handling. Credit to Google Chrome Security Team (Cris Neckar).
[165537] Low CVE-2013-0897: Off-by-one read in PDF. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.
[164643] High CVE-2013-0898: Use-after-free in URL handling. Credit to Alexander Potapenko of the Chromium development community.
[160480] Low CVE-2013-0899: Integer overflow in Opus handling. Credit to Google Chrome Security Team (Jüri Aedla).
[152442] Medium CVE-2013-0900: Race condition in ICU. Credit to Google Chrome Security Team (Inferno).

http://googlechromereleases.blogspot.com...te_21.html

Enjoy!!

[House_maniac]

(02-22-2013 02:26 AM)Littlebits wrote:  The Chrome team is excited to announce the promotion of Chrome 25 to the Stable Channel. Chrome 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac contain a number of new items including:

Improvements in managing and securing your extensions
Better support for HTML5 time/date inputs
JavaScript Web Speech API support
Better WebGL error handling
And lots of other features for developers

http://googlechromereleases.blogspot.com...te_21.html

Enjoy!!

thanks

[Earth]

Thanks for the update.

However, I'm disappointed that the "disable" from the right-click menu of the extension has gone. It's inconvenient that I have to manage them from the extension page.