Chrome Releases

For more details about the new features in the release, over our previous stable release 4.1, please see the Official Google Chrome blog.

Security Fixes:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

• [7713] Medium Canonicalize URLs closer to the Safe Browsing specification. Credit to Brett Wilson of the Chromium development community.
• [16535] High Possible URL bar spoofing via unload event handlers. Credit to Michal Zalewski, Google Security Team.
• [30079] Medium Memory error in Safe Browsing interaction. Credit to Google Chrome Security Team (SkyLined).
• [39740] Medium Bypass of whitelist-mode plugin blocker. Credit to Darin Fisher of the Chromium development community.
• [41469] Medium Memory error with drag + drop. Credit to kuzzcc.
• [42228] High Incorrect execution of Javascript in the extension context. Credit to Andrey Kosyakov of the Chromium development community.

In addition, we fixed a range of minor issues such as non-exploitable crashes, hangs and other annoyances. Credit to Sumit Gwalani; Google Security Team, sirdarckcat; Google Security Team, Google Chrome Security Team (Inferno), Carlos Ghan, WHK; elhacker.net, x41, Aki Helin; OUSPG, Jordi Chancel, kuzzcc, Robert Swiecki; Google Security Team, Tavis Ormandy; Google Security Team and Florent; Skyrecon Systems.

Also, we would like to extend our thanks to the following people who helped find bugs so we could fix them before they ever affected the stable channel: Robert Swiecki; Google Security Team, Alexey Proskuryakov; Apple, Florian Rienhardt; BSI, and Ben Davis.

Anthony Laforge

Google Chrome