Stable Channel Update
Thursday, February 20, 2014
The Stable Channel has been updated to 33.0.1750.117 for Windows, Mac, and Linux.
Security Fixes and Rewards
This update includes 28 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$2000][334897] High CVE-2013-6652: Issue with relative paths in Windows sandbox named pipe policy. Credit to tyranid.
[$1000][331790] High CVE-2013-6653: Use-after-free related to web contents. Credit to Khalil Zhani.
[$3000][333176] High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
[$3000][293534] High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
[$500][331725] High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
[$1000][331060] Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil.
[$2000][322891] Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
[$1000][306959] Medium CVE-2013-6659: Issue with certificates validation in TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco, Inria Paris.
[332579] Low CVE-2013-6660: Information leak in drag and drop. Credit to bishopjeffreys.
Security Fixes and Rewards
This update includes 28 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$2000][334897] High CVE-2013-6652: Issue with relative paths in Windows sandbox named pipe policy. Credit to tyranid.
[$1000][331790] High CVE-2013-6653: Use-after-free related to web contents. Credit to Khalil Zhani.
[$3000][333176] High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
[$3000][293534] High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
[$500][331725] High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
[$1000][331060] Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil.
[$2000][322891] Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
[$1000][306959] Medium CVE-2013-6659: Issue with certificates validation in TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco, Inria Paris.
[332579] Low CVE-2013-6660: Information leak in drag and drop. Credit to bishopjeffreys.
As usual, our ongoing internal security work responsible for a wide range of fixes:
- [344876] Low-High CVE-2013-6661: Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers.
Many of the above bugs were detected using AddressSanitizer.
General Announcements
Google Chrome Frame has been retired, please read our June 2013 Chromium blog post for additional details and background.
Google Chrome Frame has been retired, please read our June 2013 Chromium blog post for additional details and background.
This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome
Google Chrome