Chrome Releases: Stable Channel Update

Monday, March 4, 2013

Stable Channel Update

The Stable channel has been updated to 25.0.1364.152 for Windows and Linux. Note: these release notes also apply to the same version for Mac that was released last Friday. This release contains security and stability improvements along with a number of bug fixes.

Security fixes and rewards:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

[$1000] [176882] High CVE-2013-0902: Use-after-free in frame loader. Credit to Chamal de Silva.
[$1000] [176252] High CVE-2013-0903: Use-after-free in browser navigation handling. Credit to “chromium.khalil”.
[$2000] [172926] [172331] High CVE-2013-0904: Memory corruption in Web Audio. Credit to Atte Kettunen of OUSPG.
[$1000] [168982] High CVE-2013-0905: Use-after-free with SVG animations. Credit to Atte Kettunen of OUSPG.
[174895] High CVE-2013-0906: Memory corruption in Indexed DB. Credit to Google Chrome Security Team (Jüri Aedla).
[174150] Medium CVE-2013-0907: Race condition in media thread handling. Credit to Andrew Scherkus of the Chromium development community.
[174059] Medium CVE-2013-0908: Incorrect handling of bindings for extension processes.
[173906] Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit to Egor Homakov.
[172573] Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads more strictly. Credit to Google Chrome Security Team (Chris Evans).
[172264] High CVE-2013-0911: Possible path traversal in database handling. Credit to Google Chrome Security Team (Jüri Aedla).

Full details about what changes are in this build are available in the SVN revision log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Jason Kersey
Google Chrome

9 comments:

khalil zhani said...: awesome !!!; 12:20 PM, March 04, 2013
Son Gokou said...: is Google silently updating Flash? I thought every update on Flash requires a new update/version of Chrome yet I think I saw twice or thrice updated new version of Flash without Chrome updating. It's mind boggling.; 1:22 PM, March 04, 2013
TarunD. said...: Yes, Flash is updated in the background.; 2:36 PM, March 04, 2013
Diego Ignacio Vargas Nahuelpani said...: Gran trabajo Google; 3:56 PM, March 04, 2013
Jem said...: Webcam problem that I posted (and filed a bug for) in the last release persists. Can you shed any light on what the problem might be?Although the cam works (MS Lifecam) the webcam software for controlling the cam does not start up automatically as it did after granting the cam permission using the Flash dialogue. This is now a fresh install of Chrome Stable with the cam software / driver also re-installed. Tested in IE9 and FF19 and works fine. Site I used to test: http://testwebcam.com/

Windows 7 Pro x64; 5:10 AM, March 05, 2013
raphaelbm said...: At the end of the announcement I am asked to submit a bug report. This link fails. Please fix it. thx Raphael

Here are the announcement words:
"If you find a new issue, please let us know by filing a bug."

I click there and get the message:
"Unavailable". Duh !!!!; 10:58 AM, March 05, 2013
barrera.h said...: Is it just me or in this update double tapping and dragging the mouse doesn't work anymore to high light and move words, sentences, windows and tabs?; 11:28 PM, March 05, 2013
Nero Wiggins said...: Sounds great!; 7:16 AM, March 06, 2013
Big Al said...: This comment has been removed by the author.; 9:58 AM, March 06, 2013