Chrome Stable Channel Update

Two sides to that coin. If I was signed in and synched, I might have lost preferences on both computers instead of just one.

 

I don't know. That info is hard to find.

 

Since Google owns VirusTotal now, it should be good.

 

Well, FWIW, I found the culprit. It was CCleaner v4.08.
My Chrome preferences were getting corrupted only when I ran CCleaner.
I noticed that I did not have the most current version (v4.09) which was released about one month ago.
Lo and behold, when viewing the release notes I saw this:
"Added Google Chrome v32 cleaning & startup management".
I deleted the old User data, closed and opened Chrome and imported saved Bookmarks.
As soon as I upgraded to CCleaner 4.09, I was able to run the CCleaner and the Chrome corruption problem disappeared.
Turns out it had nothing to do with conflicting security programs.

 

Nice find. Thanks for sharing. I upgraded CCleaner to latest version (was using 4.07 version).

Regards, hqsec

 

Not scrolling faster, but I'm experiencing overall sluggishness - when opening the browser for the first time and rendering pictures.

 

I am getting some "Unresponsive" errors off and on.
Never happened prior to this last upgrade.

 

Chrome has been updated to 32.0.1700.102 for Windows, Mac, Linux and Chrome Frame.

This update has fixes for the following issues:
Mouse Pointer disappears after exiting full-screen mode. (317496)
Drag and drop files into Chrome may not work properly. (332579)
Quicktime Plugin crashes in Chrome. (308466)
Chrome becomes unresponsive. (335248 )
Trackpad users may not be able to scroll horizontally. (332797)
Scrolling does not work in combo box. (334454)
Chrome does not work with all CSS minifiers such as whitespace around a media query's `and` keyword. (333035)
Security Fixes and Rewards

This update includes 14 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$1000][330420] High CVE-2013-6649: Use-after-free in SVG images. Credit to Atte Kettunen of OUSPG.
[$3000][331444] High CVE-2013-6650: Memory corruption in V8. This issue was fixed in v8 version 3.22.24.16. Credit to Christian Holler.

We would also like to thank cloudfuzzer and miaubiz for working with us during the development cycle to prevent security bugs from ever reaching the stable channel. $6000 in additional rewards were issued.

Many of the above bugs were detected using AddressSanitizer.

A partial list of changes is available in the SVN log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Karen Grunberg and Daniel Xie
Google Chrome

 

Chrome has been updated to 32.0.1700.107 for Windows, Mac, Linux and Chrome Frame.

 

During 107 update ZA FW wanted me to ok 2 or 3 changes that Chrome wanted to make. One of them was..32.0.1700.107_32.0.1700.102_chrome_updater.exe is trying to create a new process.

 

Lots of negative comments about recent releases. I took the plunge and upgraded on two W7 machines.
So far okay.
Chrome seems to be on less than stable legs recently.
See comments section on this page.

 

Is there any way to go back to old releases? I didn't stop the auto update and this new release is really buggy. High CPU usages and general lagging occurring on 2 separate PC. Really a swing and a miss with these last versions

 

The Stable Channel has been updated to 33.0.1750.117 for Windows, Mac, and Linux.

Security Fixes and Rewards

This update includes 28 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$2000][334897] High CVE-2013-6652: Issue with relative paths in Windows sandbox named pipe policy. Credit to tyranid.
[$1000][331790] High CVE-2013-6653: Use-after-free related to web contents. Credit to Khalil Zhani.
[$3000][333176] High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
[$3000][293534] High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
[$500][331725] High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
[$1000][331060] Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil.
[$2000][322891] Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
[$1000][306959] Medium CVE-2013-6659: Issue with certificates validation in TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco, Inria Paris.

[332579] Low CVE-2013-6660: Information leak in drag and drop. Credit to bishopjeffreys.

As usual, our ongoing internal security work responsible for a wide range of fixes:
[344876] Low-High CVE-2013-6661: Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers.
Many of the above bugs were detected using AddressSanitizer.

General Announcements

Google Chrome Frame has been retired, please read our June 2013 Chromium blog post for additional details and background.

This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.
Anthony Laforge
Google Chrome

 

All seems smooth with this release.

 

Except for those who don't like the new tab page. I find it more useless than not, but bearable.

 

Not sure what their angle is, but they removed the experimental flag to change the new tab page back to the original. I think this is a useless tab page IMO, as I just type in the omnibar, I don't need to be prompted with recent sites and a big flashing search bar. Total fail

 

Here is quote from Peter Kasting's (Google UI Engineer) about the issue

Not what someone wants to here if they like to customize aspects of their browser

Just because the majority of casual users could not figure out a way to revert the old NTP via //flags does not mean it is a success

Sounds like "we're gearing up to make those little tab boxes into advertisements soon" IMO b/c why else couldn't you have a simple setting to switch it back? Other than to try and persuade you to visit these "recommended sites" not having an option makes no sense, it's not like the page loads faster or is safer in anyway?
Can't think of another reason and from this "explanation" I get nothing that tells me why this is for the best and should not have any other optioins to choose from

 

Marginally bearable, I'll give you that, J_L.
And with no recourse for switching back.
Compared to some of the corruption and puking that recent releases have brought my way, this version does at least run smooth.

 

The Stable Channel has been updated to 33.0.1750.146 for Windows, Mac, and Linux.

Security Fixes and Rewards

This update includes 19 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$1000][344492] High CVE-2013-6663: Use-after-free in svg images. Credit to Atte Kettunen of OUSPG.
[$500][326854] High CVE-2013-6664: Use-after-free in speech recognition. Credit to Khalil Zhani.
[$2000][337882] High CVE-2013-6665: Heap buffer overflow in software rendering. Credit to cloudfuzzer.
[332023] Medium CVE-2013-6666: Chrome allows requests in flash header request. Credit to netfuzzerr.

As usual, our ongoing internal security work responsible for a wide range of fixes:

[348175] CVE-2013-6667: Various fixes from internal audits, fuzzing and other initiatives.
[343964, 344186, 347909] CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version 3.24.35.10.

Many of the above bugs were detected using AddressSanitizer.

This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome

Chrome Releases

 

The Stable Channel has been updated to 33.0.1750.149 for Windows, Mac, and Linux.

This release also contains a Flash Player update, to version 12.0.0.77.

Security Fixes and Rewards

This update includes 7 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$4000][344881] High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva.
[$3000][342618] High CVE-2014-1701: UXSS in events. Credit to aidanhs.
[$1000][333058] High CVE-2014-1702: Use-after-free in web database. Credit to Collin Payne.

As usual, our ongoing internal security work responsible for a wide range of fixes:

[338354] High CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets.
[328202, 349079, 345715] CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18.

Many of the above bugs were detected using AddressSanitizer.

This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome

Chrome Releases

 

<STOP MAKING SENSE Deptartment>

FRIDAY, MARCH 14, 2014
Stable Channel Update
The Stable Channel has been updated to 33.0.1750.12 for Windows, Mac, and Linux.

<Okay, but 3 days ago Chrome updated to 33.0.1750.149>

Chrome Releases

 

Could it be because of Pawn2Own?? Chrome usually releases updates to address publicised vulnerabilities very shortly after this event if i remember correctly.

 

I think he was just wondering why the last number was 12 when it should have been something higher than 149. Mine says 154 now, so that may have been a typo or glitch.

Yes, Pwn2Own will force updates, but another factor is the bundled Flash player. That's essentially an "off-schedule" update, and the fixes that accompany it are whatever they have ready that would have been held for the next one.

 

Yep. Upgraded to 154 this morning.

 

Some changes for exploits from Pwn2Own. Quick update from Google.

hqsec