Chrome Releases: March 2020

Stable Channel Update for Desktop

Tuesday, March 31, 2020

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$TBD][1062247] High CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo of GitHub Security Lab on 2020-03-17

[$TBD][1061018] High CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo of GitHub Security Lab on 2020-03-12

[$N/A][1059764] High CVE-2020-6452: Heap buffer overflow in media. Reported by asnine on 2020-03-09
[$TBD][1065094] High CVE-2020-6453: Inappropriate implementation in V8. Reported by Anonymous on 2020-03-26

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:

[1066247] Various fixes from internal audits, fuzzing and other initiatives

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Srinivas Sista
Google Chrome

The stable channel has been updated to 80.0.3987.162 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.
A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Security Fixes and Rewards

This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$TBD][1062247] High CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo of GitHub Security Lab on 2020-03-17

[$TBD][1061018] High CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo of GitHub Security Lab on 2020-03-12

[1066247] Various fixes from internal audits, fuzzing and other initiatives

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Srinivas Sista
Google Chrome

Beta Channel Update for Desktop

Thursday, March 26, 2020

A full list of changes in this build is available in the log. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Prudhvikumar Bommana

Google Chrome

The beta channel has been updated to 81.0.4044.83 for Windows, Mac, and, Linux.
A full list of changes in this build is available in the log. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Prudhvikumar Bommana Google Chrome

Dev Channel Update for Desktop

Thursday, March 26, 2020

A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Srinivas Sista Google Chrome

The Dev channel has been updated to 83.0.4093.3 for Windows, Mac, and Linux platforms.A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Srinivas Sista Google Chrome

Chrome and Chrome OS release updates

Thursday, March 26, 2020

Friday, April 3, 2020 - UPDATE We’ve published an updated schedule for releases M84+ herepreviously paused

M83 will be released three weeks earlier than previously planned and will include all M82 work as we cancelled the M82 release (all channels).
Our Canary, Dev and Beta channels have or will resume this week, with M83 moving to Dev, and M81 continuing in Beta.
Our Stable channel will resume release next week with security and critical fixes in M80, followed by the release of M81 the week of April 7, and M83 ~mid-May.
We will share a future update on the timing of the M84 branch and releases.

We continue to closely monitor that Chrome and Chrome OS are stable, secure, and work reliably. We’ll keep everyone informed of any changes on our schedule on this blog and will share additional details on the schedule in the Chromium Developers group, as needed. You can also check our schedule page for specific dates for each milestone at any time.

Thanks everyone for the help and patience during this time.

Google Chrome

Chrome Beta for Android Update

Tuesday, March 24, 2020

available on Google PlayGit logChromium blogherefiling a bugGoogle Chrome

Stable Channel Update for Chrome OS

Friday, March 20, 2020

If you find new issues, please let us know by vising our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using 'Report an issue...' in the Chrome menu (3 vertical dots in the upper right corner of the browser).

Daniel Gagnon

Google Chrome OS

The Stable channel is being updated to 80.0.3987.158 (Platform version: 12739.105.0) for most Chrome OS devices. This build contains a number of bug fixes and security updates. Systems will be receiving updates over the next several days.
If you find new issues, please let us know by vising our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using 'Report an issue...' in the Chrome menu (3 vertical dots in the upper right corner of the browser).
Daniel Gagnon Google Chrome OS

Dev Channel Update for Desktop

Wednesday, March 18, 2020

Lakshmana Pamarthy Google Chrome

The Dev channel has been updated to 82.0.4085.12 for Windows, Mac, and Linux platforms.A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Lakshmana Pamarthy Google Chrome

Stable Channel Update for Desktop

Wednesday, March 18, 2020

This update includes 13 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$8500][1051748] High CVE-2020-6422: Use after free in WebGL. Reported by David Manouchehri on 2020-02-13

[$NA][1031142] High CVE-2020-6424: Use after free in media. Reported by Sergei Glazunov of Google Project Zero on 2019-12-05

[$NA][1031670] High CVE-2020-6425: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov of Google Project Zero on 2019-12-06

[$TBD][1052647] High CVE-2020-6426: Inappropriate implementation in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-02-16

[$TBD][1055788] High CVE-2020-6427: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab on 2020-02-25

[$TBD][1057593] High CVE-2020-6428: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab on 2020-03-02

[$TBD][1057627] High CVE-2020-6429: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab on 2020-03-02

[$NA][1059349] High CVE-2019-20503: Out of bounds read in usersctplib. Reported by Natalie Silvanovich of Google Project Zero on 2020-03-06

[$TBD][1059686] High CVE-2020-6449: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab on 2020-03-09

[1057473] Various fixes from internal audits, fuzzing and other initiatives

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.

Srinivas Sista
Google Chrome

The stable channel has been updated to 80.0.3987.149 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.
A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.