Chrome Releases: July 2013

- Ambarish Kenghe, Chromecast Product Manager

Today, we are pushing a bug fix update to Chromecast devices to improve performance, reliability and security. The update will roll out over the next few days and will happen automatically; users do not need to take any action.
- Ambarish Kenghe, Chromecast Product Manager

Release Highlights:

Chrome security fixes - please view the Chrome release announcement for details.
Crash fixes related to suspend/resume on Samsung Chromebook
Keyboard backlight now turns off properly when watching fullscreen video on Chromebook Pixel (257827)
Pepper Flash updated to 11.8.800.94-r10

If you find new issues, please let us know by visiting our help site or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

Danielle Drew

Google Chrome

The Stable channel has been updated to 28.0.1500.95 for all Chrome OS devices (Platform version: 4100.86.0 for all devices). This build contains a number of stability and security improvements.
Release Highlights:

Chrome security fixes - please view the Chrome release announcement for details.

Crash fixes related to suspend/resume on Samsung Chromebook

Keyboard backlight now turns off properly when watching fullscreen video on Chromebook Pixel (257827)

Pepper Flash updated to 11.8.800.94-r10

This update includes 11 security fixes. Below, we highlight some fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$500] [257748] Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik Bhargavan.

[$1000] [260106] High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer.

[$1000] [260165] High CVE-2013-2883: Use-after-free in MutationObserver. Credit to Cloudfuzzer.

[248950] High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan Fratric of Google Security Team.

[249640] [257353] High CVE-2013-2885: Use-after-free in input handling. Credit to Ivan Fratric of Google Security Team.

In addition, our ongoing internal security work was as usual responsible for a wide range of fixes:

[261701] High CVE-2013-2886: Various fixes from internal audits, fuzzing and other initiatives.

Full details about what changes are in this build are available in the SVN revision log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Anthony Laforge

Google Chrome Team

The Stable channel has been updated to 28.0.1500.95 for Chrome Frame, Linux, Mac, and Windows.

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. This commonly occurs if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 11 security fixes. Below, we highlight some fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
[$500] [257748] Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik Bhargavan. [$1000] [260106] High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer. [$1000] [260165] High CVE-2013-2883: Use-after-free in MutationObserver. Credit to Cloudfuzzer. [248950] High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan Fratric of Google Security Team. [249640] [257353] High CVE-2013-2885: Use-after-free in input handling. Credit to Ivan Fratric of Google Security Team.
In addition, our ongoing internal security work was as usual responsible for a wide range of fixes:

[261701] High CVE-2013-2886: Various fixes from internal audits, fuzzing and other initiatives.

Release Highlights:

Numerous crash fixes and performance improvements.
Speed improvements for the Files app, along with support for files that are Shared with me and Recent on Google Drive.
Monitor Rotation and Scaling - you can scale your UI smaller and rotate the screen on all Chromebooks.
Notification pop-up message appears when screenshots are taken. Clicking on the notification will bring you right to the screenshot.
Replaced the Japanese IME with a NaCl extension version downloads a better language model upon actual usage.
Added transliteration IMEs for Indic languages from Google Input Tools.
Touch link highlighting on Chromebook Pixel - we now provide feedback on which link you click or button you press.
Updated Chrome Office Viewer (Beta) extension
Pepper Flash updated to 11.8.800.94

Known issues:

On Acer C7 Chromebooks, docked mode has been disabled when connecting to an external monitor.

Danielle Drew

Google Chrome

The Stable channel has been updated to 28.0.1500.68 for all Chrome OS devices (Platform version: 4100.68.0 for all devices except Cr-48, which was updated to 4100.78.0). This build contains a number of feature enhancements, bug fixes and security improvements. Machines will be receiving updates over the next several days.
Release Highlights:

Numerous crash fixes and performance improvements.

Speed improvements for the Files app, along with support for files that are Shared with me and Recent on Google Drive.

Monitor Rotation and Scaling - you can scale your UI smaller and rotate the screen on all Chromebooks.

Notification pop-up message appears when screenshots are taken. Clicking on the notification will bring you right to the screenshot.

Replaced the Japanese IME with a NaCl extension version downloads a better language model upon actual usage.

Added transliteration IMEs for Indic languages from Google Input Tools.

Touch link highlighting on Chromebook Pixel - we now provide feedback on which link you click or button you press.

Updated Chrome Office Viewer (Beta) extension

Pepper Flash updated to 11.8.800.94

Known issues:

On Acer C7 Chromebooks, docked mode has been disabled when connecting to an external monitor.

Some highlights of these changes are:

Pepper Flash updated to 11.8.800.94
Fix to address the battery charging notification being displayed indefinitely in some situations.

Danielle Drew
Google Chrome

The Beta channel has been updated to 28.0.1500.68 (Platform version: 4100.68.0 for all platforms except Cr-48, which has 4100.78.0) for all Chrome OS devices. This build contains a number of stability enhancements.
Some highlights of these changes are:

Pepper Flash updated to 11.8.800.94
Fix to address the battery charging notification being displayed indefinitely in some situations.

Danielle Drew
Google Chrome

Please see the Chromium security page for more information. (Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.)

This automatic update includes security fixes. We’d like to highlight the following fixes for various reasons (crediting external researchers, issuing rewards, or highlighting particularly interesting issues):

[$21,500] A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some (since fixed) server-side bugs.

[252216] Low CVE-2013-2867: Block pop-unders in various scenarios.
[252062] High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to Andrey Labunets.
[252034] Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit to Andrey Labunets.
[245153] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to Felix Groebert of Google Security Team.
[$6267.4] [244746] [242762] Critical CVE-2013-2870: Use-after-free with network sockets. Credit to Collin Payne.
[$3133.7] [244260] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco at INRIA Paris.
[$2000] [243991] [243818] High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.
[Mac only] [242702] Low CVE-2013-2872: Possible lack of entropy in renderers. Credit to Eric Rescorla.
[$1000] [241139] High CVE-2013-2873: Use-after-free in resource loading. Credit to miaubiz.
[Windows + NVIDIA only] [$500] [237611] Medium CVE-2013-2874: Screen data leak with GL textures. Credit to “danguafer”.
[$500] [233848] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.
[229504] Medium CVE-2013-2876: Extensions permissions confusion with interstitials. Credit to Dev Akhawe.
[229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin of OUSPG.
[196636] None: Remove the “viewsource” attribute on iframes. Credit to Collin Jackson.
[177197] Medium CVE-2013-2878: Out-of-bounds read in text handling. Credit to Atte Kettunen of OUSPG.

In addition, our ongoing internal security work was as usual responsible for a wide range of fixes:

[256985] High CVE-2013-2880: Various fixes from internal audits, fuzzing and other initiatives (Chrome 28).

Full details about what changes are in this build are available in the SVN revision log and the Chrome Chrome Blog. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Chrome Releases

Chrome Beta for Android

Chromecast Update

Dev Channel Update for Chrome OS

Dev Channel Update

Chrome for iOS Update

Stable Channel Update for Chrome OS

Stable Channel Update

Dev Channel Update for Chrome OS

Chrome Beta for Android

Beta Channel Update

Beta Channel Release for Chrome OS

Dev Channel Update

Beta Channel Release for Chrome OS

Chrome for Android Update

Dev Channel Release for Chrome OS

Dev Channel Update

Chrome for iOS Update

Dev Channel Update

Chrome Beta for Android

Dev Channel Update for Chrome OS

Beta Channel Update

Dev Channel Update

Stable Channel Update

Dev Channel

Stable Channel Update for Chrome OS

Chrome for Android Update

Dev Channel Update for Chrome OS

Beta Channel Update for Chrome OS

Stable Channel Update

Labels

Archive