Chrome Releases: May 2009

Dev update: Larger fonts

Thursday, May 28, 2009

Google Chrome 3.0.182.3 has been released to the Dev channel.
The people have spoken. The small font issue affecting most non-English languages has been fixed (issue 12309).
Mark LarsonGoogle Chrome Program Manager

Dev Channel Release 3.0.182.2

Wednesday, May 27, 2009

Google Chrome 3.0.182.2 has been released to the Dev channel.

Highlights for this release:

Google Chrome now supports the video tag.
--auto-spell-correct flag will fix common typos like "teh" for "the" in the blink of an eye.
Various bits of UI clean-up (toolbar and dangerous download bar paint issues).
Multiple crash fixes.

Known Issue:

The font in the browser's user interface is very small in most non-English languages. This will be fixed in the next Dev channel update. (Issue 12309).

Version Changes:

WebKit - 531.0
V8 - 1.2.5.1
Gears - 0.5.21.0

The release notes are available as well as a detailed list of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry.

Anthony Laforge
Technical Program Manager

[Edits: Google chrome now supports the video tag. Also adding a note about the known issue with small fonts. --mal, 27 May 2009]
Google Chrome 3.0.182.2 has been released to the Dev channel.
Highlights for this release:

Google Chrome now supports the video tag.
--auto-spell-correct flag will fix common typos like "teh" for "the" in the blink of an eye.
Various bits of UI clean-up (toolbar and dangerous download bar paint issues).
Multiple crash fixes.

Known Issue:

The font in the browser's user interface is very small in most non-English languages. This will be fixed in the next Dev channel update. (Issue 12309).

Version Changes:

WebKit - 531.0
V8 - 1.2.5.1
Gears - 0.5.21.0

Anthony Laforge
Technical Program Manager

Beta update: V8 experiment

Friday, May 22, 2009

complete translations in all languages
an experimental change in the V8 JavaScript engine that might improve page load times for pages with a lot of JavaScript.
a fix for a crash when using the French spell check dictionary (Issue 8551)
a fix for a crash when visiting a site with more than 50 feed links (Issue 12075)

You can join the Beta channel by downloading the Google Chrome Beta channer installer.

--Mark Larson

Google Chrome Program Manager

Google Chrome 2.0.172.30 has been released to the Beta channel. The changes in this release since 172.27 are

complete translations in all languages
an experimental change in the V8 JavaScript engine that might improve page load times for pages with a lot of JavaScript.
a fix for a crash when using the French spell check dictionary (Issue 8551)
a fix for a crash when visiting a site with more than 50 feed links (Issue 12075)

You can join the Beta channel by downloading the Google Chrome Beta channer installer.

--Mark Larson

Google Chrome Program Manager

Stable Update: Google Chrome 2.0.172.28

Thursday, May 21, 2009

We've made a lot of changes to stuff you never see, such as a newer version of WebKit for rendering web pages, a new network stack, and improvements to speed up the V8 Javascript engine.

There are some new features like removing Most Visited sites from the New Tab page, form autofill, and full screen mode.

We're also proud to announce that Google Chrome is now available in 50 languages. We added Bengali, Gujarati, Kannada, Malayalam, Marathi, Oriya (on Windows Vista only), Tamil, and Telugu in this release.

You can read more about it here.

--Mark Larson

Google Chrome Program Manager

We're promoting 2.0.172 from Beta to the Stable channel today.
We've made a lot of changes to stuff you never see, such as a newer version of WebKit for rendering web pages, a new network stack, and improvements to speed up the V8 Javascript engine.
There are some new features like removing Most Visited sites from the New Tab page, form autofill, and full screen mode.
We're also proud to announce that Google Chrome is now available in 50 languages. We added Bengali, Gujarati, Kannada, Malayalam, Marathi, Oriya (on Windows Vista only), Tamil, and Telugu in this release.
You can read more about it here.
--Mark LarsonGoogle Chrome Program Manager

Dev Channel Update: 2.0.181.1

Wednesday, May 20, 2009

Version Changes:

WebKit - 530.11
V8 - 1.2.4.1
Gears - 0.5.21.0

Changes:

Fixed a common crash when using a French spell-check dictionary. (Issue: 8551)
Fixed a regression where maximizing Chrome turned the tab-background black. (Issue: 11695)
Improved remote desktop (RDP) performance by using the standard dotted rectangle when moving a tab out. (Issue: 805)
The command line debugger has been replaced by a graphical debugger using the WebKit inspector scripts tab to debug JavaScript running in V8.
It is now possible to set proxy setting from the command-line. See the issue for more information. (Issue: 266)

Jonathan Conradt

Engineering Program Manager

Google Chrome has been updated to 2.0.181.1 on the dev channel. This release contains many localization, crash, and ui behavior fixes.

Version Changes:

WebKit - 530.11
V8 - 1.2.4.1
Gears - 0.5.21.0

Changes:

Fixed a common crash when using a French spell-check dictionary. (Issue: 8551)
Fixed a regression where maximizing Chrome turned the tab-background black. (Issue: 11695)
Improved remote desktop (RDP) performance by using the standard dotted rectangle when moving a tab out. (Issue: 805)
The command line debugger has been replaced by a graphical debugger using the WebKit inspector scripts tab to debug JavaScript running in V8.
It is now possible to set proxy setting from the command-line. See the issue for more information. (Issue: 266)

Beta Update: Bug fixes and translations

Thursday, May 14, 2009

You can install the current Beta channel release from http://www.google.com/intl/en/landing/chrome/beta/.

Please report bugs at http://code.google.com/p/chromium/issues/list.

Mark Larson

Google Chrome Program Manager

Google Chrome 2.0.172.27 has been released to the Beta channel. This release adds translations for all new features in all supported languages. We've made a number of fixes to improve reliability and updated the version of Gears to 0.5.19.0.

You can install the current Beta channel release from http://www.google.com/intl/en/landing/chrome/beta/.

Please report bugs at http://code.google.com/p/chromium/issues/list.

Mark LarsonGoogle Chrome Program Manager

Dev Channel Updated with Bug Fixes

Tuesday, May 12, 2009

WebKit

530.9

1.2.2.1

[r14827] Support PgUp/PgDn in Omnibox for "first entry/last entry." (Issue: 6857)

[r15115] Tell the user if Chrome is not the default browser. (Issue: 9049)

[r15702] You can choose to allow pop-ups from a site. (Issue: 11440)

[r14891] Fix for crashing when zoomed into street level on maps.yahoo.com (Issue: 2044)

[r14731] Patch from Mohamed Mansour for systems without an installed printer. (Issue: 6835)

[r15020] Stop the location bar from flashing white when navigating from one HTTPS site to another. (Issue: 11157)

[r15214] Fix for common issues around opening a new window. (Issues: 6377, 6192, 835)

Lots of work around Extensions. (See r15417, r15271, r15310)

release noteslist of all revisionshttp://dev.chromium.org/getting-involved/dev-channelhttp://code.google.com/p/chromium/issues/entryGoogle Chrome Program Manager

No Dev update this week

Friday, May 8, 2009

We were not able to issue a Dev channel release this week. Our test team did a great job in qualifying two Stable udpates and a Beta update this week, and we just didn't have the test capacity to push a Dev channel release.

We'll get an update out early next week. Stay tuned for some exciting new features we hope to land in the Dev channel.

Mark Larson
Google Chrome Program Manager

[Edit, 11 May 2009: Change 'bandwidth' to 'test capacity'. Sometimes the colloquial jargon we use at work translates imprecisely for a public audience.]

We were not able to issue a Dev channel release this week. Our test team did a great job in qualifying two Stable udpates and a Beta update this week, and we just didn't have the test capacity to push a Dev channel release.
We'll get an update out early next week. Stay tuned for some exciting new features we hope to land in the Dev channel.
Mark LarsonGoogle Chrome Program Manager

Beta Update

Friday, May 8, 2009

Some highlights for this release:

Lots of UI tweaks, bug, and stability fixes!
Added the ability to remove most visited thumbnails from the New Tab page. (Issue: 685)
Autocomplete now pulls suggestions from search engines that support the functionality, and retains a history of those searches. For example, if you have searched from wikipedia.org in the past, start typing wikipedia.org in the omnibox, press the Tab key then a search term and suggestions and past searches will appear for Wikipedia. (Issue: 3636)
Added a confirmation box when closing the browser with in progress downloads. (Issue: 1028)
Added "Reopen closed tab" and create "New Tab" to the context menu on the tab bar. (Issue: 2144)

Please report bugs at http://code.google.com/p/chromium/issues/list.

A detailed list of changes in this release is in the release notes.

Anthony Laforge, PMP

Google Chrome

Google Chrome's Beta channel has been updated to 2.0.172.23. This release includes about 200 changes pulled in from the releases subsequent to 2.0.172.2.
Some highlights for this release:

Lots of UI tweaks, bug, and stability fixes!
Added the ability to remove most visited thumbnails from the New Tab page. (Issue: 685)
Autocomplete now pulls suggestions from search engines that support the functionality, and retains a history of those searches. For example, if you have searched from wikipedia.org in the past, start typing wikipedia.org in the omnibox, press the Tab key then a search term and suggestions and past searches will appear for Wikipedia. (Issue: 3636)
Added a confirmation box when closing the browser with in progress downloads. (Issue: 1028)
Added "Reopen closed tab" and create "New Tab" to the context menu on the tab bar. (Issue: 2144)

Please report bugs at http://code.google.com/p/chromium/issues/list.
A detailed list of changes in this release is in the release notes.

Anthony Laforge, PMPGoogle Chrome

Stable Update: Bug fix

Thursday, May 7, 2009

Google Chrome's Stable channel has been updated to version 1.0.154.65 to fix a crash during startup for a small percentage of users.

CVE-2009-0945 Denial of service in SVG

A memory corruption issue exists in WebKit's handling of SVGList objects. Visiting a maliciously crafted website may lead to arbitrary code execution. The arbitrary code would be limited by the Google Chrome sandbox.

More info: http://code.google.com/p/chromium/issues/detail?id=9019

Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Mitigations:

A victim would need to visit a page under an attacker's control.
Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.

Mark Larson

Google Chrome Program Manager

Edit 13 May 2009: Disclosing that this release contains the fix for CVE-2009-0945, an issue in WebKit code that also affects Apple's Safari web browser. We did not want to disclose this until Apple's fix for Safari users was released.

Google Chrome's Stable channel has been updated to version 1.0.154.65 to fix a crash during startup for a small percentage of users.

CVE-2009-0945 Denial of service in SVG

More info: http://code.google.com/p/chromium/issues/detail?id=9019

Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Mitigations:

A victim would need to visit a page under an attacker's control.
Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.

Mark Larson

Google Chrome Program Manager

Stable Update: Security Fix

Tuesday, May 5, 2009

This release also contains

A new notification at startup that makes it easier to set Google Chrome as the default browser. If you don't want Google Chrome to be the default browser, you can click 'Don't ask again'.
A new version of Gears (0.5.16.0)

Security Fixes

CVE-2009-1441: Input validation error in the browser process.

A failure to properly validate input from a renderer (tab) process could allow an attacker to crash the browser and possibly run arbitrary code with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.

More info: http://code.google.com/p/chromium/issues/detail?id=10869

Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.

Mitigation: An attacker would need to be able to run arbitrary code in the renderer process.

CVE-2009-1442: Integer overflow in Skia 2D graphics.

A failure to check the result of integer multiplication when computing image sizes could allow a specially-crafted image or canvas to cause a tab to crash and it might be possible for an attacker to execute arbitrary code inside the (sandboxed) renderer process.

More info: http://code.google.com/p/chromium/issues/detail?id=10736

Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Mitigations:

A victim would need to visit a page under an attacker's control.
Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.

Mark Larson

Google Chrome Program Manager

Google Chrome's Stable channel has been updated to version 1.0.154.64 to fix two security issues discovered by internal Google testing.
This release also contains

A new notification at startup that makes it easier to set Google Chrome as the default browser. If you don't want Google Chrome to be the default browser, you can click 'Don't ask again'.

A new version of Gears (0.5.16.0)

Security Fixes
CVE-2009-1441: Input validation error in the browser process.A failure to properly validate input from a renderer (tab) process could allow an attacker to crash the browser and possibly run arbitrary code with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.
More info: http://code.google.com/p/chromium/issues/detail?id=10869
Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.
Mitigation: An attacker would need to be able to run arbitrary code in the renderer process.

CVE-2009-1442: Integer overflow in Skia 2D graphics.A failure to check the result of integer multiplication when computing image sizes could allow a specially-crafted image or canvas to cause a tab to crash and it might be possible for an attacker to execute arbitrary code inside the (sandboxed) renderer process.
More info: http://code.google.com/p/chromium/issues/detail?id=10736
Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
Mitigations:

A victim would need to visit a page under an attacker's control.

Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.

Mark LarsonGoogle Chrome Program Manager

Chrome Releases

Dev update: Larger fonts

Dev Channel Release 3.0.182.2

Beta update: V8 experiment

Stable Update: Google Chrome 2.0.172.28

Dev Channel Update: 2.0.181.1

Beta Update: Bug fixes and translations

Dev Channel Updated with Bug Fixes

No Dev update this week

Beta Update

Stable Update: Bug fix

Stable Update: Security Fix

Labels

Archive