Google Chrome Changelog

New in version 43.0.2357.18 Beta

April 17th, 2015
  • Suggesting Answers in the Omnibox
  • A number of new apps/extension APIs (including the Push API!)
  • Lots of under the hood changes for stability and performance

New in version 42.0.2311.90 (April 15th, 2015)

  • A number of new apps, extension and Web Platform APIs (including the Push API!)
  • Lots of under the hood changes for stability and performance
  • Security Fixes and Rewards:
  • [456518] High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous.
  • [313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.
  • [461191] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.
  • [445808] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.
  • [463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.
  • [418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield Information Systems.
  • [460917] High CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com.
  • [455215] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.
  • [444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.
  • [437399] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG.
  • [429838] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.
  • [380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam).
  • [476786] CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives.
  • Multiple vulnerabilities in V8 fixed at the tip of the 4.2 branch (currently 4.2.77.14).

New in version 41.0.2272.118 (April 2nd, 2015)

  • Security fixes:
  • [469058] Critical CVE-2015-1233: A special thanks to Anonymous for a combination of V8, Gamepad and IPC bugs that can lead to remote code execution outside of the sandbox.
  • [468936] High CVE-2015-1234: Buffer overflow via race condition in GPU. Credit to lokihardt working with Pwn2Own and HP’s Zero Day Initiative.

New in version 42.0.2311.22 Beta (March 10th, 2015)

  • A number of new apps/extension APIs (including the Push API!)
  • Lots of under the hood changes for stability and performance

New in version 41.0.2272.76 (March 4th, 2015)

  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • This update includes 51 security fixes

New in version 40.0.2214.111 (February 6th, 2015)

  • [447906] High CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian Motyl.
  • [453979] High CVE-2015-1210: Cross-origin-bypass in V8 bindings. Credit to anonymous.
  • [453982] High CVE-2015-1211: Privilege escalation using service workers. Credit to anonymous.
  • [455225] CVE-2015-1212: Various fixes from internal audits, fuzzing and other initiatives.

New in version 41.0.2272.16 Beta (January 23rd, 2015)

  • Contains many improvements including:
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 40.0.2214.91 (January 22nd, 2015)

  • A number of fixes and improvements, including:
  • A new clock behind/ahead error message.
  • Security Fixes:
  • [430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.
  • [435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.
  • [434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.
  • [422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.
  • [444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.
  • [435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.
  • [442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.
  • [442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.
  • [443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.
  • [429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.
  • [427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.
  • [427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.
  • [402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.
  • [428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.
  • [419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.
  • [416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.
  • [399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.
  • [433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.
  • [428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.
  • [426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.
  • [422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
  • [418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
  • [414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
  • [414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.
  • [430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.
  • [414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.
  • [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.
  • Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).

New in version 39.0.2171.99 (January 14th, 2015)

  • Contains an update for Adobe Flash as well as a number of other fixes.

New in version 40.0.2214.10 Beta (November 21st, 2014)

  • Contains many stability and developer improvements including:
  • Profile Lock, which introduces the ability to "child lock" signed-in profiles.
  • New Tabs Page Suggestions, which tries to determine which sites you'd like to visit depending on the the time and day.
  • New crash recovery UI.

New in version 39.0.2171.65 (November 19th, 2014)

  • Contains a number of fixes and improvements, including:
  • 64-bit support for Mac
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • Security Fixes and Rewards:
  • This update includes 42 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
  • [$500][389734] High CVE-2014-7899: Address bar spoofing. Credit to Eli Grey.
  • [$1500][406868] High CVE-2014-7900: Use-after-free in pdfium. Credit to Atte Kettunen from OUSPG.
  • [$1000][413375] High CVE-2014-7901: Integer overflow in pdfium. Credit to cloudfuzzer.
  • [$1000][414504] High CVE-2014-7902: Use-after-free in pdfium. Credit to cloudfuzzer.
  • [$3000][414525] High CVE-2014-7903: Buffer overflow in pdfium. Credit to cloudfuzzer.
  • [$2000][418161] High CVE-2014-7904: Buffer overflow in Skia. Credit to Atte Kettunen from OUSPG.
  • [$2000][421817] High CVE-2014-7905: Flaw allowing navigation to intents that do not have the BROWSABLE category. Credit to WangTao(neobyte) of Baidu X-Team.
  • [$500][423030] High CVE-2014-7906: Use-after-free in pepper plugins. Credit to Chen Zhang (demi6od) of the NSFOCUS Security Team.
  • [$7500][423703] High CVE-2014-0574: Double-free in Flash. Credit to biloulehibou.
  • [$5000][424453] High CVE-2014-7907: Use-after-free in blink. Credit to Chen Zhang (demi6od) of the NSFOCUS Security Team.
  • [$500][425980] High CVE-2014-7908: Integer overflow in media. Credit to Christoph Diehl.
  • [$500][391001] Medium CVE-2014-7909: Uninitialized memory read in Skia. Credit to miaubiz.
  • [433500] CVE-2014-7910: Various fixes from internal audits, fuzzing and other initiatives.

New in version 38.0.2125.122 (November 12th, 2014)

  • Contains an update for Adobe Flash as well as a number of other fixes.

New in version 38.0.2125.104 (October 15th, 2014)

  • This release contains an update for Adobe Flash as well as a number of other fixes.

New in version 39.0.2171.13 Beta (October 10th, 2014)

  • 64-bit support for Mac
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 38.0.2125.101 (October 8th, 2014)

  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • Security Fixes:
  • [416449] Critical CVE-2014-3188: A special thanks to Jüri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox.
  • [398384] High CVE-2014-3189: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
  • [400476] High CVE-2014-3190: Use-after-free in Events. Credit to cloudfuzzer.
  • [402407] High CVE-2014-3191: Use-after-free in Rendering. Credit to cloudfuzzer.
  • [403276] High CVE-2014-3192: Use-after-free in DOM. Credit to cloudfuzzer.
  • [399655] High CVE-2014-3193: Type confusion in Session Management. Credit to miaubiz.
  • [401115] High CVE-2014-3194: Use-after-free in Web Workers. Credit to Collin Payne.
  • [403409] Medium CVE-2014-3195: Information Leak in V8. Credit to Jüri Aedla.
  • [338538] Medium CVE-2014-3196: Permissions bypass in Windows Sandbox. Credit to James Forshaw.
  • [396544] Medium CVE-2014-3197: Information Leak in XSS Auditor. Credit to Takeshi Terada.
  • [415307] Medium CVE-2014-3198: Out-of-bounds read in PDFium. Credit to Atte Kettunen of OUSPG.
  • [395411] Low CVE-2014-3199: Release Assert in V8 bindings. Credit to Collin Payne.
  • [420899] CVE-2014-3200: Various fixes from internal audits, fuzzing and other initiatives (Chrome 38).
  • Multiple vulnerabilities in V8 fixed at the tip of the 3.28 branch (currently 3.28.71.15).

New in version 37.0.2062.124 (September 25th, 2014)

  • [414124] RSA signature malleability in NSS (CVE-2014-1568).

New in version 37.0.2062.122 (September 19th, 2014)

  • This update brings compatibility with Mac OS X 10.9.5 for new installations.

New in version 37.0.2062.120 (September 10th, 2014)

  • This release contains an update for Adobe Flash and includes 4 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting:
  • [401362] High CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
  • [411014] CVE-2014-3179: Various fixes from internal audits, fuzzing and other initiatives.

New in version 38.0.2125.24 Beta (August 29th, 2014)

  • New experimental user switching design which makes changing profiles and into incognito mode simpler.
  • A new experimental Guest mode.
  • Experimental UI for Chrome supervised users.
  • Lots of under the hood changes for stability and performance.

New in version 37.0.2062.94 (August 26th, 2014)

  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • Security Fixes:
  • Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox.
  • High CVE-2014-3168: Use-after-free in SVG.
  • High CVE-2014-3169: Use-after-free in DOM.
  • High CVE-2014-3170: Extension permission dialog spoofing.
  • High CVE-2014-3171: Use-after-free in bindings.
  • Medium CVE-2014-3172: Issue related to extension debugging.
  • Medium CVE-2014-3173: Uninitialized memory read in WebGL.
  • Medium CVE-2014-3174: Uninitialized memory read in Web Audio.
  • CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives (Chrome 37).

New in version 37.0.2062.20 Beta (July 18th, 2014)

  • This release contains many stability and developer improvements including:
  • DirectWrite support on Windows
  • A new password manager UI
  • Automatic reload of unreachable pages when network becomes available
  • Dropped Chrome sign-in requirement for Chrome Apps
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 36.0.1985.125 (July 17th, 2014)

  • A number of fixes and improvements, including:
  • Rich Notifications Improvements
  • An Updated Incognito / Guest NTP design
  • The addition of a Browser crash recovery bubble
  • Chrome App Launcher for Linux
  • Lots of under the hood changes for stability and performance
  • Security Fixes and Rewards:
  • This update includes 26 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting.
  • [380885] Medium CVE-2014-3160: Same-Origin-Policy bypass in SVG. Credit to Christian Schneider.
  • [393765] CVE-2014-3162: Various fixes from internal audits, fuzzing and other initiatives.

New in version 36.0.1985.97 Beta (June 26th, 2014)

  • This release fixes a number of crashes and other bugs.
  • Merge 279268 "Correctly set the request and response time for QU..."
  • Correctly set the request and response time for QUIC responses

New in version 36.0.1985.67 Beta (June 12th, 2014)

  • Fix a long standing leak on cancellation of renderer-initiated URLRequests.
  • Fix crash from missing app.binding in extensions.
  • When deleting a WebContents, keep SessionStorageNamespaces used in the tab alive until we receive an acknowledgment from the renderer that the renderer side constructs have been cleaned up. Otherwise we can receive messages from still executing content referring to sessions that were prematurely deleted.
  • Set visible viewport value in screen emulation.
  • Fixes the crash when the transient parent is NULL.
  • Fixes crash of SetGtkTransientForAura.
  • Removes remaining parents observations at dtor.
  • Revert 241291 (Fix a leak in ResourceDispatcher on cancel).
  • Combine base_java.jar, net_java.jar and url_java.jar into cronet.jar
  • Fix the gfx::Canvas::DrawImageIntInPixel function to ensure that it works correctly in RTL layouts.

New in version 35.0.1916.153 (June 10th, 2014)

  • This update includes 4 security fixes:
  • CVE-2014-3154: Use-after-free in filesystem API.
  • CVE-2014-3155: Out-of-bounds read in SPDY.
  • CVE-2014-3156: Buffer overflow in clipboard.
  • CVE-2014-3157: Heap overflow in media.

New in version 36.0.1985.18 Beta (May 22nd, 2014)

  • New Chrome app launcher for Linux
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 35.0.1916.114 (May 20th, 2014)

  • More developer control over touch input
  • New JavaScript features
  • Unprefixed Shadow DOM
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • This update includes 23 security fixes

New in version 36.0.1985.8 Dev (May 16th, 2014)

  • Fixes and improvements:
  • Introduce a new framework for back-and-forth tracked preference migration between Protected Preferences and unprotected Preferences.
  • Fix the compile error for win64: widevine_key_systems.cc.
  • Prefer GL_ARB_sync/ES3 fences
  • Fix an issue that jni generator is ignoring input param

New in version 35.0.1916.114 Beta (May 15th, 2014)

  • Merge 269194 "Add Play Movies app's id to feedback whitelist."
  • Merge 267918 "Store context in scoped_refptr between tasks."
  • Merge 266012 "Fix to update checks."
  • Merge 269840 "Don't inhibit checking for pending updates for domain-enrolled machines."

New in version 34.0.1847.137 (May 13th, 2014)

  • Bug fixes:
  • High CVE-2014-1740: Use-after-free in WebSockets.
  • High CVE-2014-1741: Integer overflow in DOM ranges.
  • High CVE-2014-1742: Use-after-free in editing.

New in version 34.0.1847.131 (April 25th, 2014)

  • Bug and crash fixes.
  • Flash Player update, to version 13.0.0.206.

New in version 35.0.1916.47 Beta (April 17th, 2014)

  • Fixed a number of crashes and other bugs.

New in version 35.0.1916.27 Beta (April 10th, 2014)

  • More developer control over touch input
  • New JavaScript features
  • Unprefixed Shadow DOM
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 34.0.1847.116 (April 8th, 2014)

  • Responsive Images and Unprefixed Web Audio
  • Import supervised users onto new computers
  • A number of new apps/extension APIs
  • A different look for Win8 Metro mode
  • Lots of under the hood changes for stability and performance

New in version 34.0.1847.76 Beta (March 20th, 2014)

  • Fixes a number of crashes and other bugs.

New in version 33.0.1750.152 (March 15th, 2014)

  • Security Fixes and Rewards:
  • [352369] Code execution outside sandbox. Credit to VUPEN.
  • [352374] High CVE-2014-1713: Use-after-free in Blink bindings
  • [352395] High CVE-2014-1714: Windows clipboard vulnerability
  • [352420] Code execution outside sandbox. Credit to Anonymous.
  • [351787] High CVE-2014-1705: Memory corruption in V8
  • [352429] High CVE-2014-1715: Directory traversal issue

New in version 33.0.1750.149 (March 11th, 2014)

  • Security fixes:
  • [344881] High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva.
  • [342618] High CVE-2014-1701: UXSS in events. Credit to aidanhs.
  • [333058] High CVE-2014-1702: Use-after-free in web database. Credit to Collin Payne.
  • [338354] High CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets.
  • [328202, 349079, 345715] CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18.

New in version 33.0.1750.146 (March 4th, 2014)

  • [344492] High CVE-2013-6663: Use-after-free in svg images.
  • [326854] High CVE-2013-6664: Use-after-free in speech recognition. .
  • [337882] High CVE-2013-6665: Heap buffer overflow in software rendering.
  • [332023] Medium CVE-2013-6666: Chrome allows requests in flash header request.
  • [348175] CVE-2013-6667: Various fixes from internal audits, fuzzing and other initiatives.
  • [343964, 344186, 347909] CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version 3.24.35.10.

New in version 34.0.1847.11 Beta (February 27th, 2014)

  • Responsive Images and Unprefixed Web Audio
  • Hands-free Google Voice Search in Chrome
  • Import supervised users onto new computers
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 33.0.1750.117 (February 20th, 2014)

  • Security fixes:
  • [334897] High CVE-2013-6652: Issue with relative paths in Windows sandbox named pipe policy. Credit to tyranid.
  • [331790] High CVE-2013-6653: Use-after-free related to web contents. Credit to Khalil Zhani.
  • [333176] High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
  • [293534] High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
  • [331725] High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
  • [$1000][331060] Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil.
  • [322891] Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
  • [306959] Medium CVE-2013-6659: Issue with certificates validation in TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco, Inria Paris.
  • [332579] Low CVE-2013-6660: Information leak in drag and drop. Credit to bishopjeffreys.
  • [344876] Low-High CVE-2013-6661: Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers.

New in version 33.0.1750.117 (February 20th, 2014)

  • Security fixes:
  • [334897] High CVE-2013-6652: Issue with relative paths in Windows sandbox named pipe policy. Credit to tyranid.
  • [331790] High CVE-2013-6653: Use-after-free related to web contents. Credit to Khalil Zhani.
  • [333176] High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
  • [293534] High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
  • [331725] High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
  • [$1000][331060] Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil.
  • [322891] Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
  • [306959] Medium CVE-2013-6659: Issue with certificates validation in TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco, Inria Paris.
  • [332579] Low CVE-2013-6660: Information leak in drag and drop. Credit to bishopjeffreys.
  • [344876] Low-High CVE-2013-6661: Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers.

New in version 34.0.1825.4 Dev (February 6th, 2014)

  • Fixes a number of crashes and other bugs.

New in version 32.0.1700.102 (January 27th, 2014)

  • Mouse Pointer disappears after exiting full-screen mode.
  • Drag and drop files into Chrome may not work properly.
  • Quicktime Plugin crashes in Chrome.
  • Chrome becomes unresponsive.
  • Trackpad users may not be able to scroll horizontally.
  • Scrolling does not work in combo box.
  • Chrome does not work with all CSS minifiers such as whitespace around a media query's `and` keyword.
  • This update includes 14 security fixes.

New in version 32.0.1700.77 (January 14th, 2014)

  • Highlights:
  • Tab indicators for sound, webcam and casting
  • A different look for Win8 Metro mode
  • Automatically blocking malware files
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance
  • Flash Player has been updated to version 12.0.0.41
  • Security Fixes:
  • [249502] High CVE-2013-6646: Use-after-free in web workers. Credit to Collin Payne.
  • [326854] High CVE-2013-6641: Use-after-free related to forms. Credit to Atte Kettunen of OUSPG.
  • [324969] High CVE-2013-6642: Address bar spoofing in Chrome for Android. Credit to lpilorz.
  • [321940] High CVE-2013-6643: Unprompted sync with an attacker’s Google account. Credit to Joao Lucas Melo Brasio.
  • [318791] Medium CVE-2013-6645 Use-after-free related to speech input elements. Credit to Khalil Zhani.
  • [333036] CVE-2013-6644: Various fixes from internal audits, fuzzing and other initiatives.

New in version 31.0.1650.63 (December 4th, 2013)

  • Security Fixes:
  • [307159] Medium CVE-2013-6634: Session fixation in sync related to 302 redirects. Credit to Andrey Labunets.
  • [314469] High CVE-2013-6635: Use-after-free in editing. Credit to cloudfuzzer.
  • [322959] Medium CVE-2013-6636: Address bar spoofing related to modal dialogs. Credit to Bas Venis.
  • [325501] CVE-2013-6637: Various fixes from internal audits, fuzzing and other initiatives.
  • [319722] Medium CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
  • [319835] High CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
  • [319860] Medium CVE-2013-6640: Out of bounds read in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.

New in version 31.0.1650.57 (November 14th, 2013)

  • Fixed multiple memory corruption issues.

New in version 31.0.1650.48 (November 12th, 2013)

  • This update includes 25 security fixes.

New in version 32.0.1700.6 Beta (November 11th, 2013)

  • Tab indicators for sound, webcam and casting
  • A different look for Win8 Metro mode
  • Automatically blocking malware files
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 30.0.1599.101 (October 16th, 2013)

  • Security Fixes:
  • Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
  • This update includes 5 security fixes:
  • High CVE-2013-2925: Use after free in XHR.
  • High CVE-2013-2926: Use after free in editing.
  • High CVE-2013-2927: Use after free in forms.
  • CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.

New in version 30.0.1599.69 (October 4th, 2013)

  • Tabs freeze up (Issue: 303293)
  • Lag in some games/GPU issues with certain monitors (Issue: 262437)

New in version 30.0.1599.66 (October 1st, 2013)

  • Easier searching by image
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 31.0.1650.4 Dev (September 26th, 2013)

  • Enable GPU control lists in tests
  • Fixes the issue with omnibox suggestions, etc not showing up on non AURA trunk on Windows.
  • Don't account for the insets twice in the code which adjusts for the WM_NCCALCSIZE hack to get windows to show up correctly with Glass.
  • [Webapps] Encourage use of mobile-web-app-capable
  • Closing the AppList (e.g. due to pressing ESC) will abort the drag and drop operation
  • Add "Don't show this again" button to privet printer notifications
  • wifi icon centered when vertically aligned.
  • Increase inset for app icons on side launcher.
  • Fix the issue that onClicked event is not fired when notification title or message is clicked
  • IME string centered on alignment changed.
  • Disable the moveable app list icon.
  • cros: Add a policy for multiprofile user behavior.
  • cros: Assets for the multiprofile first run notification.
  • cros: Add a multiprofile first run notification.

New in version 30.0.1599.59 Beta (September 25th, 2013)

  • Merge 219210 "Predictor::PreconnectUsage: mark preconnect as used when appeared in navigation chain."
  • Merge 224158 "Fixed rendering of the webui list."
  • Merge 223767 "Remove SendFakeProcessKeyEvent."
  • Merge 223961 "ui/compositor: use an IO message loop on posix instead of DEFAULT"
  • Merge 223953 "SystemUse24HourClock should default to consumer device default."
  • Merge 224777 "Send the referrer when opening a URL via the browser for prerender and instant"
  • Merge 225017 "net: disable TLS False Start."
  • Revert changes to prerender_browsertest.cc, they don't build on the branch

New in version 29.0.1547.76 (September 19th, 2013)

  • Highglights:
  • [288935] Flash Player does not work in Metro mode
  • [278370] Unable to submit client certificates over TLS 1.2 from Windows
  • [278940] Canvas loses ability to render, is blank even if page reloaded
  • Other stability improvements

New in version 30.0.1599.47 Beta (September 18th, 2013)

  • Fix stuck state when long press on a button is performed.
  • Don't set the request target type to object when navigating from a Pepper plug-in.
  • Handle browser shutdown better in KioskModeScreensaver.
  • Update Quickoffice (Beta) to 31.89.1353
  • Change logos.
  • InstantExtended: add a finch flag to disable Instant Extended on SRP.
  • Fix stuck state when long press on a button is performed.
  • Increase the timeout for the share dialog to 10 seconds.
  • Implement put_accvalue for textfields and location bar.
  • Include transient and child widgets in win aura accessibility tree.
  • Fix handling of empty lists and dictionaries in PrefMetricsService.
  • Fix memory leak in PrefMetricsService
  • Fix preference hashing for dictionary values.
  • Add UMA to report Preferences File Corruption
  • Copy the callback in DhcpProxyScriptFetcherChromeos
  • Update crosh_builtin
  • [Windows] Form validation message bubble doesn't move correctly.
  • Force SetNeedsPushProperties after an update in TextureLayer, because some properties need to be pushed.
  • Keep track of accessibility ids serialized to avoid duplicates/loops.
  • FileAPIMessageFilter Security: Minimal patch to fix permissions escalation.
  • Avoid use-after-free in GpuVideo{De,En}codeAcceleratorHost on error.
  • Remove extra plugin path when unregistering an internal plugin from the PluginList.
  • Updated Quickoffice component extension manifests.
  • RequestQuotaDispatcher should handle unexpected death of QuotaDispatcherHost gracefully
  • Disable cache color hinting optimization for SelectPopupDialog.
  • Revert "Don't change the value of the search field while its focused."
  • Allow ProfileSyncService to initialize backend when access token is not available.
  • Use the top-level URL for popup blocking.
  • Limit number of blocked popups to avoid DoS attack from a renderer.
  • Exempt extension processes from popup blocking.
  • Fix default path in FileManager.
  • The NSS client auth (as opposed to NSS_PLATFORM_CLIENT_AUTH) also needs to check if the backup handshake hash should be used.
  • Allow ChromeVox to have access to the web store again.
  • Prefer to generate SHA-1 signatures for TLS 1.2 client authentication if the client private key is a 1024-bit RSA or DSA key.
  • Fix NULL dereference in StatusTrayWin.
  • Update notification tray icons for Mac.
  • Delete unneeded pending entries in DidFailProvisionalLoad to prevent a spoof.
  • Fix the 24 hour clock type issue on the signed out screen.
  • gpu: Re-enable virtual contexts on Qualcomm
  • ColorChooserWin::End should act like the dialog has closed
  • Fix Views Textfield keyboard triggered context menus.
  • network_list.js should reflect the correct logged in user type.
  • Switch AwPixelInfo to wrap SkCanvasLayerState
  • Fix Heap-buffer-overflow in AudioBuffer::ReadFrames
  • Change the PepperInProcessRouter to defer resource destruction messages.
  • UserManager shutdown now also stops the profile image downloader.
  • Change active root window before closing old root windows' children.
  • Put a hard limit on initial policy fetch wait time.
  • Free memory when the last WebView instance is destroyed.
  • Stop sending long press events twice
  • Fix problem with input fields not gaining focus
  • Avoid dereferencing a NULL DeviceState in NetworkIconImpl::GetBadges().

New in version 30.0.1599.37 Beta (September 11th, 2013)

  • Merge 221300 "Fixing spreadsheets printing."
  • Merge 218648 "Null ModelSafeWorker's working_loop_ if loop is destructed and synchronize access to workiing_loop_. Otherwise ModelSafeWorker could try to unregister for dead loop."
  • Merge 221247 "cc: Adopt new skia object when it's created to avoid memory leak."
  • Merge 221221 "Fix Views Combobox and TreeView input minimally."
  • Merge 221147 "Whitelist some Google apps for oauth2.auto_approve"
  • Merge 221853 "Send Android accessibility "content changed" event for any change."
  • Merge 220970 "Prevent hanging client by making WebContentsDelegate::RequestMediaAccessPermission reject request by default."
  • Merge 217954 "Update manifest for latest speech synthesis code."
  • Merge 221355 "Show the mixed content shield UI even for HSTS hosts."
  • Merge 218092 ": Fix ptr access crash on browser plugin + interstitial teardown."
  • Merge 221892 "Fix threading issues in aw form database"
  • Merge 220969 "Touch selection: Hide selection handles when overscroll is in progress and show them only after the overscroll animation is complete."

New in version 30.0.1599.37 Beta (September 11th, 2013)

  • Merge 221300 "Fixing spreadsheets printing."
  • Merge 218648 "Null ModelSafeWorker's working_loop_ if loop is destructed and synchronize access to workiing_loop_. Otherwise ModelSafeWorker could try to unregister for dead loop."
  • Merge 221247 "cc: Adopt new skia object when it's created to avoid memory leak."
  • Merge 221221 "Fix Views Combobox and TreeView input minimally."
  • Merge 221147 "Whitelist some Google apps for oauth2.auto_approve"
  • Merge 221853 "Send Android accessibility "content changed" event for any change."
  • Merge 220970 "Prevent hanging client by making WebContentsDelegate::RequestMediaAccessPermission reject request by default."
  • Merge 217954 "Update manifest for latest speech synthesis code."
  • Merge 221355 "Show the mixed content shield UI even for HSTS hosts."
  • Merge 218092 ": Fix ptr access crash on browser plugin + interstitial teardown."
  • Merge 221892 "Fix threading issues in aw form database"
  • Merge 220969 "Touch selection: Hide selection handles when overscroll is in progress and show them only after the overscroll animation is complete."

New in version 31.0.1626.0 Dev (September 11th, 2013)

  • sync: Improve ModelAssociation event tracing
  • Remove self as delegate when cleaning up AppLaunchController.
  • Stop sending long press events twice
  • Net: make IsSafePortableRelativePath look for reserved names on all components.
  • Close Views autofill dialog on interstitial WebUI
  • InstantExtended: add a finch flag to disable Instant Extended on SRP.
  • Modify devices page to match the latest mocks
  • Made sure NativeMessagingHostTest.All can handle out of order responses.
  • cc: Fix precision loss causing AA quads
  • Minor feedback UI fixes. This CL fixes the attached file 'size to big' error to show the maximum size allowed. Also reduced the size of the screenshot (when zoomed) slightly because on some platforms it doesn't fit into the feedback page width, displacing all the elements and moving one line down.
  • CC: Fix missing swap-used-incomplete-tile updates
  • Fix threading issues in aw form database
  • Permissions for device info APIs.
  • Add dsinclair to tracing OWNERS
  • Add driver bug workaround for SH_INIT_GL_POSITION.
  • Fix SourceBufferStream::Remove() for buffers before the current play position.
  • Add cpu_stats for the browser
  • [rAC, OSX] enable rAC by default for Dev/Canary.
  • Revert 221874 "Implement Desktop Media Picker (Mac version) for the Desktop Capture API"
  • Revert 221893 "Permissions for device info APIs."
  • Add InputEvent and EventPacket types for batched input delivery
  • Support creating secure decoder in MediaCodecBridge.
  • Added a comment to PlatformAppBrowserTest.WindowDotPrintWorks.
  • Replace options arg with extra_wpr_args in AddReplayServerOptions
  • Update client-side sync.proto file so that it is in sync with the
  • server-side version
  • Add option to specify number of jobs in sharding supervisor.
  • [rAc] Move email address into billing address section.
  • Added UMA actions for devices page, including for when it is opened, when "add printers" is clicked, when "register" is clicked, when a registration is canceled, when a registration fails, and when a registration succeeds.
  • Added cache flush on network change to ServiceDiscoveryHostClient
  • Remove SigninManager::StartSignIn() since /ClientLogin is no longer used.
  • Add GetPluginRefererURL to PPB_URLUtil_Dev interface to get the 'Referer' HTTP header value that was sent by request that loaded plug-in.
  • Updated cloud devices page to have more general UI
  • Unit tests for sql::MetaTable.
  • Disable "Choose file" button if "Favorites" checkbox is unchecked.
  • Remove base::WorkerPool use from FileStream tests.
  • Add UMA to see how many times HasIsolatedOrigin origin has more than one origin
  • Whitespace commit to trigger the bots.
  • [OSX] Turn on canvas_skia for OSX
  • Add Photos to a background permission whitelist.
  • Refactor KeySystems code to call a function to populate the info.
  • Revert 221930 "[OSX] Turn on canvas_skia for OSX"
  • Switch all windows bots to use Aura.
  • Revert 221932 "Refactor KeySystems code to call a function to populate the info."
  • whitespace change to trigger build
  • Bookmark Undo service for multiple level undo/redo of bookmarks.
  • Add UMA to report Preferences File Corruption
  • Consolidate duplicated frame / capability structures in video capture types

New in version 30.0.1599.28 Beta (September 4th, 2013)

  • Revert 220851 "Merge 219225 "Run |demuxer_| related tasks in the media thread in GTV."
  • Merge 220541 "Defer enabling native accessibility until it's used."
  • Merge 220691 "Make toasts notice when they're hidden and send the mouse-out event."
  • Merge 220570 "Always set need_audio_processing_ to true in WebRtcLocalAudioTrack."
  • Merge 219937 "[sync] Don't modify text of advanced sync button unless contents have changed"
  • Merge 220264 "Fix location of tracks detected by itunes - they should be absolute."
  • Merge 219643 "Added gpu driver workaround for disabling ANGLE_instanced_arrays"
  • Merge 220681 "iTunes artist, album, and track names need to be escaped for slash and colon."
  • Merge 217411 "Media Galleries API Itunes: Support for Itunes Auto-add directory"
  • Merge 220251 "Android: Don't update StreamTexture from CopyTextureCHROMIUM"
  • Merge 219601 "When dropping a file, explicitly select it."
  • Merge 219096 "Changed title of interstitial bubble."
  • Merge 219993 "GTK, Views: Properly identify browser and page actions for the install bubble."
  • Updating XTBs based on .GRDs from branch 1599
  • Merge 218356 "Add a new version of decidePolicyForNavigation() to RenderFrameImpl."
  • Merge 220291 "WebContentObserver::RenderViewCreated should be called for empty document."
  • Merge 218474 "Consider possibility of split windows on win8 when positioning the App Launcher."
  • Merge 220441 "Fix check for removed plug-in while loading a blocked plug-in."
  • Merge 218999 ": Expose all URLs to WebRequest API"
  • Merge 220536 "Fix scroll_delta computation on windows for vertical scroll by page"

New in version 29.0.1547.65 (September 2nd, 2013)

  • This version contains a Flash update, as well as fixes an issue with Sync.

New in version 31.0.1612.0 Dev (August 28th, 2013)

  • Fixes a number of crashes and other bugs.

New in version 30.0.1599.14 Beta (August 23rd, 2013)

  • Easier searching by image
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 29.0.1547.57 (August 20th, 2013)

  • Improved Omnibox suggestions based on the recency sites you have visited
  • Ability to reset your profile back to its original state
  • Many new apps and extensions APIs
  • Lots of stability and performance improvements
  • Includes 25 security fixes.
  • High CVE-2013-2900: Incomplete path sanitization in file handling. Credit to Krystian Bigaj.
  • Low CVE-2013-2905: Information leak via overly broad permissions on shared memory files. Credit to Christian Jaeger.
  • High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.
  • High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.
  • High CVE-2013-2903: Use after free in media element. Credit to cloudfuzzer.
  • High CVE-2013-2904: Use after free in document parsing. Credit to cloudfuzzer.
  • Various fixes from internal audits, fuzzing and other initiatives (Chrome 29).

New in version 29.0.1547.57 Beta (August 17th, 2013)

  • Fixes a number of crashes and other bugs.

New in version 28.0.1500.95 (July 30th, 2013)

  • [257748] Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik Bhargavan.
  • [260106] High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer.
  • [260165] High CVE-2013-2883: Use-after-free in MutationObserver. Credit to Cloudfuzzer.
  • [248950] High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan Fratric of Google Security Team.
  • [249640] [257353] High CVE-2013-2885: Use-after-free in input handling. Credit to Ivan Fratric of Google Security Team.
  • [261701] High CVE-2013-2886: Various fixes from internal audits, fuzzing and other initiatives.

New in version 29.0.1547.22 Beta (July 16th, 2013)

  • Improved Omnibox suggestions
  • A number of new apps/extension APIs
  • Lots of under the hood changes for stability and performance

New in version 28.0.1500.71 (July 10th, 2013)

  • Security fixes and rewards:
  • A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some (since fixed) server-side bugs.
  • [252216] Low CVE-2013-2867: Block pop-unders in various scenarios.
  • [252062] High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to Andrey Labunets.
  • [252034] Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit to Andrey Labunets.
  • [245153] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to Felix Groebert of Google Security Team.
  • [244746] [242762] Critical CVE-2013-2870: Use-after-free with network sockets. Credit to Collin Payne.
  • [244260] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco at INRIA Paris.
  • [243991] [243818] High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.
  • [Mac only] [242702] Low CVE-2013-2872: Possible lack of entropy in renderers. Credit to Eric Rescorla.
  • [241139] High CVE-2013-2873: Use-after-free in resource loading. Credit to miaubiz.
  • [233848] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.
  • [229504] Medium CVE-2013-2876: Extensions permissions confusion with interstitials. Credit to Dev Akhawe.
  • [229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin of OUSPG.
  • [196636] None: Remove the “viewsource” attribute on iframes. Credit to Collin Jackson.
  • [177197] Medium CVE-2013-2878: Out-of-bounds read in text handling. Credit to Atte Kettunen of OUSPG.
  • [256985] High CVE-2013-2880: Various fixes from internal audits, fuzzing and other initiatives (Chrome 28).

New in version 27.0.1453.116 (June 19th, 2013)

  • This update includes security fixes. We’d like to highlight the following fixes for various reasons (crediting external researchers, issuing rewards, or highlighting particularly interesting issues):
  • [249335] Medium CVE-2013-2866: Clickjacking in the Flash plug-in.
  • This build also has fixes to the following issues:
  • Multiple flash movies on one page not playing [Issue: 243290]
  • Arc rendering bug in canvas [Issue: 243996]
  • Select box with Multiple option fires Onchange event on scroll [Issue: 244406]

New in version 29.0.1530.2 Dev (June 7th, 2013)

  • Fixed Issue:
  • Cached CSS file is used regardless of media type

New in version 27.0.1453.110 (June 4th, 2013)

  • Medium CVE-2013-2855: Memory corruption in dev tools API. Credit to “daniel.zulla”.
  • High CVE-2013-2856: Use-after-free in input handling. Credit to miaubiz.
  • High CVE-2013-2857: Use-after-free in image handling. Credit to miaubiz.
  • High CVE-2013-2858: Use-after-free in HTML5 Audio. Credit to “cdel921”.
  • High CVE-2013-2859: Cross-origin namespace pollution. Credit to “bobbyholley”.
  • High CVE-2013-2860: Use-after-free with workers accessing database APIs. Credit to Collin Payne.
  • High CVE-2013-2861: Use-after-free with SVG. Credit to miaubiz.
  • High CVE-2013-2862: Memory corruption in Skia GPU handling. Credit to Atte Kettunen of OUSPG.
  • Critical CVE-2013-2863: Memory corruption in SSL socket handling. Credit to Sebastien Marchand of the Chromium development community.
  • High CVE-2013-2864: Bad free in PDF viewer. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.

New in version 29.0.1516.3 Dev (May 25th, 2013)

  • A large number of bug fixes and other new items.

New in version 28.0.1500.20 Beta (May 24th, 2013)

  • Enables Chrome apps and extensions to show richer notifications with a revamped user interface.

New in version 27.0.1453.93 (May 21st, 2013)

  • Web pages load 5% faster on average
  • chrome.syncFileSystem API
  • Improved ranking of predictions, improved spell correction, and numerous fundamental improvements for Omnibox predictions. Please see the Help Center for more information on our updated policies.
  • This update includes the following security fixes:
  • [$1000] [235638] High CVE-2013-2837: Use-after-free in SVG. Credit to Sławomir Błażek.
  • [$500] [235311] Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian Holler.
  • [$1500] [230176] High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR InfoSecurity.
  • [$1000] [230117] High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of MWR InfoSecurity.
  • [$1000] [227350] High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit to Chamal de Silva.
  • [$2000] [226696] High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril Cattiaux.
  • [$1000] [222000] High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil Zhani.
  • [$1000] [196393] High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin Shinde (@cons0ul).
  • [$3133.7] [188092] [179522] [222136] [188092] High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte Kettunen of OUSPG.
  • [$1000] [177620] High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de Silva.
  • [$1000] [176692] High CVE-2013-2847: Use-after-free race condition with workers. Credit to Collin Payne.
  • [$500] [176137] Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit to Egor Homakov.
  • [171392] Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to Mario Heiderich.
  • In addition, our ongoing internal security work was as usual responsible for a wide range of fixes:
  • [241595] High CVE-2013-2836: Various fixes from internal audits, fuzzing and other initiatives.
  • This build also contains a new Adobe Flash build.

New in version 28.0.1500.20 Dev (May 21st, 2013)

  • This build addresses some known regressions and stability issues.

New in version 28.0.1500.5 Dev (May 10th, 2013)

  • This build addresses some known regressions and stability issues.

New in version 28.0.1496.0 Dev (May 3rd, 2013)

  • This build addresses some known regressions and stability issues.

New in version 28.0.1490.2 Dev (May 1st, 2013)

  • This build addresses some known regressions and stability issues.

New in version 28.0.1485.0 Dev (April 23rd, 2013)

  • This build addresses some known regressions and stability issues.

New in version 28.0.1478.0 Dev (April 16th, 2013)

  • This build addresses some known regressions and stability issues.

New in version 26.0.1410.65 (April 11th, 2013)

  • This release fixes WebGL bug which got regressed in last stable build.

New in version 26.0.1410.63 (April 10th, 2013)

  • This release contains stability improvements, and a new version of Adobe Flash.

New in version 28.0.1469.0 Dev (April 9th, 2013)

  • This build addresses some known regressions and stability issues.

New in version 28.0.1464.0 Dev (April 6th, 2013)

  • This build addresses some known regressions and stability issues.

New in version 27.0.1453.15 Beta (April 5th, 2013)

  • Contains a number of new improvements, including:
  • Faster page loads
  • Elegant HTML5 date and time forms
  • Live audio input to Web Audio API
  • Sync FileSystem API for Chrome Apps
  • DevTools updates
  • And lots of other features for developers

New in version 27.0.1453.12 Dev (April 3rd, 2013)

  • This build addresses some known regressions and stability issues.

New in version 27.0.1453.6 Dev (March 29th, 2013)

  • This build addresses some known stability issues

New in version 26.0.1410.43 (March 27th, 2013)

  • "Ask Google for suggestions" spell checking feature improvements (e.g. grammar and homonym checking)
  • Asynchronous DNS resolver on Mac and Linux
  • Security fixes and rewards:
  • [172342] High CVE-2013-0916: Use-after-free in Web Audio.
  • [180909] Low CVE-2013-0917: Out-of-bounds read in URL loader.
  • [180555] Low CVE-2013-0918: Do not navigate dev tools upon drag and drop.
  • [177410] Medium CVE-2013-0920: Use-after-free in extension bookmarks API.
  • [174943] High CVE-2013-0921: Ensure isolated web sites run in their own processes.
  • [174129] Low CVE-2013-0922: Avoid HTTP basic auth brute force attempts. Credit to “t3553r”.
  • [169981] [169972] [169765] Medium CVE-2013-0923: Memory safety issues in the USB Apps API.
  • [169632] Low CVE-2013-0924: Check an extension’s permissions API usage again file permissions.
  • [168442] Low CVE-2013-0925: Avoid leaking URLs to extensions without the tabs permissions.
  • [112325] Medium CVE-2013-0926: Avoid pasting active tags in certain situations.

New in version 26.0.1410.40 Beta (March 21st, 2013)

  • Fixed stability crashes. [Issues: 166397, 172319, 189889, 180445]
  • Fixed sign-in issue in Incognito session. [Issue: 180183]
  • Fixed shortcut issue in enterprise. [Issue: 174465]
  • Fixed floppy drive issue. [Issue: 173953]
  • Fixed bug where extension popups would not properly receive input focus when first shown. [Issue: 122352]
  • Fixed views omnibox unfocused double-click behavior. [Issue: 165873]
  • Show strings in content settings bubble when access to cookies is allowed. [Issue: 181172]
  • Fixed recently closed multiple tabs regression. [Issue: 179697]

New in version 26.0.1410.33 Beta (March 14th, 2013)

  • Updated Flash to 11.6.602.180
  • Fixed Ctrl + X issue in bookmark manager. [Issue: 174613]
  • Fixed 'Your profile cannot be opened' issue on first run. [Issue: 180459]
  • Fixed stability crashes. [Issues: 142931, 178176]
  • Fixed background color for extension badges. [Issue: 177734]
  • Fixed text render issue in Adobe flash. [Issue: 164800]
  • Fixed scroll bar issue in bookmark window. [Issue: 174645]

New in version 25.0.1364.172 (March 13th, 2013)

  • This release contains stability improvements, and a new version of Adobe Flash.

New in version 25.0.1364.160 (March 8th, 2013)

  • High CVE-2013-0912: Type confusion in WebKit.

New in version 26.0.1410.28 Beta (March 7th, 2013)

  • Updated Flash to new beta version of Flash 11.6.602.177, includes ActionScript Workers feature.
  • Fixed the way apps appear in new tab page. [Issue: 175377]
  • Fixed a crash while clicking "Install to play offline" button. [Issue: 178036]
  • Fixed prerender of a page when a original prerender was cancelled. [Issue: 178755]
  • Fixed an issue where some avatar icons are shown mirrored in tab strip. [Issue: 178397]
  • Fixed ~60% regression in Cookie.TimeLoadDBQueueWait on Mac and Windows. [Issue: 175415]
  • [Chrome Frame] Fixed a crash when trying to process a target="_blank" link. [Issue: 178415]
  • Fixed stability crashes [Issues: 167510, 165952, 177659, 177843]

New in version 25.0.1364.155 (March 6th, 2013)

  • This release fixes a crash when typing in the Omnibox.

New in version 25.0.1364.152 (March 2nd, 2013)

  • This release fixes a number of issues, including a crash when typing in the Omnibox.

New in version 27.0.1425.0 Dev (March 1st, 2013)

  • Facebook doesn't always render correctly. [Issue: 177520]
  • Cancel string is missing on the button from the uninstall dialog. [Issue: 178464]
  • Mac: After resizing the window, a frameless window can become draggable in the titlebar area [Issue: 159361]

New in version 26.0.1410.19 Beta (March 1st, 2013)

  • Fixed drop down options in the bookmark manager. [Issue: 174562]
  • Don't unpin the normal Chrome shortcut when deleting profile shortcuts. [Issue: 176642]
  • Fixed cloud print dialog issue which stays open after Print or Cancel pressed. [Issue: 176455]
  • Fixed cloud print dialog hang when user prints to virtual driver. [Issue: 170301]
  • Fixed stability crash. [Issue: 176184]
  • Fixed bookmark manager button which does not respond to selection. [Issue: 177392]
  • Fixed the size of scroll bars when using the Windows Classic theme. [Issue: 175335]
  • [Mac] Fixed the issue with omnibox which closes Chrome while typing. [Issue: 175341]

New in version 27.0.1423.0 Dev (February 27th, 2013)

  • This build fixes several known regressions and stability issues.

New in version 26.0.1410.12 Beta (February 27th, 2013)

  • "Ask Google for suggestions" spell checking feature improvements (e.g. grammar and homonym checking)
  • Developer preview of app launcher on Windows
  • Forced compositing mode and threaded compositing on Mac
  • Desktop shortcuts for multiple users (profiles) on Windows
  • Updated UI styling of menus on Windows
  • Asynchronous DNS resolver on Mac and Linux

New in version 26.0.1410.12 Dev (February 22nd, 2013)

  • Hosted apps in Chrome will always be opened from app launcher. [Issue: 176267]
  • Added modal confirmation dialog to the enterprise profile sign-in flow. [Issue: 171236]
  • Fixed a crash with autofill. [Issue: 175454, 176576]
  • Fixed issues with sign-in. [Issue: 175672, 175819, 175541, 176190]
  • Fixed spurious profile shortcuts created with a system-level install. [Issue: 177047]
  • Fixed the background tab flashing with certain themes. [Issue: 175426]
  • [Mac] Fixed background apps dock menu. [Issue: 175113]
  • [Mac] Fixed the hang when clicking on extensions' permission link. [Issue: 175071]

New in version 25.0.1364.99 (February 22nd, 2013)

  • Improvements in managing and securing your extensions
  • Better support for HTML5 time/date inputs
  • JavaScript Web Speech API support
  • Better WebGL error handling
  • And lots of other features for developers
  • Security fixes and rewards:
  • [$1000] [172243] High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG.
  • [$1000] [171951] High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva.
  • [$500] [167069] Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte Kettunen of OUSPG.
  • [$500] [165432] High CVE-2013-0882: Bad memory access with excessive SVG parameters. Credit to Renata Hodovan.
  • [$500] [142169] Medium CVE-2013-0883: Bad read in Skia. Credit to Atte Kettunen of OUSPG.
  • [172984] Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google Chrome Security Team (Chris Evans).
  • [172369] Medium CVE-2013-0885: Too many API permissions granted to web store.
  • [Mac only] [171569] Medium CVE-2013-0886: Incorrect NaCl signal handling. Credit to Mark Seaborn of the Chromium development community.
  • [171065] [170836] Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server.
  • [170666] Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
  • [170569] Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads.
  • [169973] [169966] High CVE-2013-0890: Memory safety issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
  • [169685] High CVE-2013-0891: Integer overflow in blob handling. Credit to Google Chrome Security Team (Jüri Aedla).
  • [169295] [168710] [166493] [165836] [165747] [164958] [164946] Medium CVE-2013-0892: Lower severity issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
  • [168570] Medium CVE-2013-0893: Race condition in media handling. Credit to Andrew Scherkus of the Chromium development community.
  • [168473] High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit to Google Chrome Security Team (Inferno).
  • [Linux / Mac] [167840] High CVE-2013-0895: Incorrect path handling in file copying. Credit to Google Chrome Security Team (Jüri Aedla).
  • [166708] High CVE-2013-0896: Memory management issues in plug-in message handling. Credit to Google Chrome Security Team (Cris Neckar).
  • [165537] Low CVE-2013-0897: Off-by-one read in PDF. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.
  • [164643] High CVE-2013-0898: Use-after-free in URL handling. Credit to Alexander Potapenko of the Chromium development community.
  • [160480] Low CVE-2013-0899: Integer overflow in Opus handling. Credit to Google Chrome Security Team (Jüri Aedla).
  • [152442] Medium CVE-2013-0900: Race condition in ICU. Credit to Google Chrome Security Team (Inferno).

New in version 26.0.1410.10 Dev (February 20th, 2013)

  • Fixed cookie jar transfer regression. [Issue: 176513]
  • Fixed enable bad language translation detection reports for secure pages. [Issue: 176457]
  • [Linux] Fixed a crash while printing a pdf. [Issue: 175514]
  • Fixed crash while closing tab during tab capture. [Issue: 175275]
  • [Linux] Fixed the panel issue which does not accept keyboard input when it is minimized and expanded. [Issue: 175858]
  • Fixed issue in allowing extension permissions to be viewed from extension settings page. [Issue: 170742]
  • Fixed display of CSS3 transformed area which doesn't line up with hit-testing area. [Issue: 157961]
  • Fixed scroll bar and combo box UI issue. [Issue: 175335]
  • Fixed alternate NTP which overlap dev tools with bookmark bar. [Issue: 173205]

New in version 26.0.1410.5 Dev (February 15th, 2013)

  • This build contains an instability fix in the WebCore (Issue: 175307) and the network: (Issue: 174720) components.

New in version 26.0.1410.3 Dev (February 13th, 2013)

  • Display an info banner on the clear browsing data dialog if the browsing data was cleared within the last 24h (Issue: 164600)
  • Added possibility to history to group domains by week or month (Issue:170690)
  • Added wallpaper picker icon (Issue:168913)
  • Made wallpaper images immutable (Issue:173724)

New in version 24.0.1312.70 (February 13th, 2013)

  • This release contains an update to Flash (11.6.602.167)

New in version 26.0.1403.0 Beta (February 5th, 2013)

  • Introduced a different variable icon for VPN (Issue: 172317)
  • Enabled showing Google now notifications in Chrome (Issue: 164227)
  • Implemented drag URL onto Home Button to set homepage (Issue: 152210)
  • Enabled speech bubble for platform apps (Issue: 164382)
  • Added UI to printing selection with print preview (Issue: 83098)
  • Added backup URL support for safe browsing data requests (Issue: 155753)
  • Added support for Chrome's identity API (Issue: 134213)
  • Enabled showing a modal dialog (instead of a bubble) for one-click sign in confirmation window (Issue: 171330)
  • Added search token to omnibox in Mac (Issue: 163190)
  • Changed the gray omnibox suggest color to black (Issue: 172142)
  • Fixed a crash in the DXVA decoder in Chrome (Issue: 171673)
  • Fixed the hierarchy arrow for nested bookmark folders for Mac (Issue: 111101)
  • Fixed showing of the profile picture in the uber tray when user clicks (Issue: 140961)
  • Fixed bug causing tab favicon media indicator to not turn off (Issue: 171077)
  • Fixed unintended first item selection when focusing using mouse (Issue: 172283)
  • Hided action box while typing in an omnibox (Issue: 157232)
  • Hided new Autofill UI when the user moves the window (Issue: 171673)
  • Reverted the appearance of simple notifications (Issue: 172358)
  • Disabled the "Open All in Incognito window" in Context menu for invalid urls (Issue: 106609)

New in version 24.0.1312.68 (February 5th, 2013)

  • This build contains the fix for Pepper Flash.

New in version 26.0.1397.2 Dev (January 31st, 2013)

  • Media Gallery: Removed extension gallery watch count details (Issue: 144491)
  • Media Gallery: Added support for mtp device media file system on Windows (Issue: 151679)
  • Alternate ntp: implemented right-aligned search token (Issue: 163190)
  • Alternate ntp: unpinned bookmark bar in ntp (Issue: 170417)
  • Filemanager uses a smart link to the Files App help page (Issue: 139445, 170291)
  • FIx for Gracefully handling the situation of duplicate public accounts (Issue: 170538)
  • Added incoming intent page transition modifier for Android (Issue: 143118)
  • Added a mechanism to set the default handler for a URL protocol on Windows 8 (Issue: 154081)
  • Made easier to move corners of box when cropping large image in Files.app's photo editor.(Issue: 155705)
  • Fixed showing auto-enrollment-cancellation confirmation dialog (Issue: 170230)
  • Ensured that ChromeVox highlight moves out of a11y popup when it is closed (Issue: 165223)
  • Added 'dark' versions for the LTE/HSPA/GPRS icons so that we show them correctly on the network list (Issue: 169969)
  • Split Date/Time picker values from IME processing (Issue: 143540)
  • Removed the Instant checks for web contents modal dialog (Issue: 157161)
  • Brought back the file dialogs for chrome AURA (Issue: 170483)
  • Fixes for Cellular indicators (Issue: 168935, 169979)
  • Removed the NaCl SRPC proxy from Chrome (Issue: 169152)
  • Updated Task Manager looks closer to the new dialog style (Issue: 166075)
  • Fix to activate the last used profile (Issue: 150856)
  • Fixed crash when popping up speech input bubble in CF (Issue: 156688)
  • Fixed views implementation of table and tree to use the right system colors (Issue: 170368, 170370)
  • Filled unexpected gap in a IME candidate window (Issue: 149185)
  • NaCl SDK: Built a naclports bundle (linux only) ( Issue: 168693)
  • Pop up requestAutocomplete UI when autofill server hints chrome client that it is in a multipage autofill flow (Issue: 159830)
  • Implemented new Task Manager and Edit Bookmark style, etc (Issue: 166075)
  • Implemented support of InputScope for desktop (non-Metro) Chrome (Issue: 150077)

New in version 24.0.1312.57 (January 30th, 2013)

  • Mac: r177690 Fix renderer crashes when using certain IMEs. (Issue 152566)
  • Mac: r178517 Fix microphone input dropout with Pepper Flash. (Issue 168859)
  • Chrome Frame: r178591 Fix renderer exiting in certain cases when opening a new Window from Chrome Frame. (Issue 171877)

New in version 25.0.1364.45 Beta (January 24th, 2013)

  • This build contains improvements in stability and fixes for few other issues.

New in version 24.0.1312.56 (January 23rd, 2013)

  • Fixed performance of mouse wheel scrolling. [Issue: 160122]
  • Fixed visited links regression. [Issue: 160025]
  • Fixed windows installation when installed as admin. [Issue: 166473]
  • Security fixes and rewards:
  • [$1000] [151008] High CVE-2013-0839: Use-after-free in canvas font handling. Credit to Atte Kettunen of OUSPG.
  • [170532] Medium CVE-2013-0840: Missing URL validation when opening new windows.
  • [169770] High CVE-2013-0841: Unchecked array index in content blocking. Credit to Google Chrome Security Team (Chris Evans).
  • [166867] Medium CVE-2013-0842: Problems with NULL characters embedded in paths. Credit to Google Chrome Security Team (Jüri Aedla).
  • [Mac only] [166523] High CVE-2013-0843: Crash with unsupported RTC sampling rate. Credit to Ted Nakamura of the Chromium development community.

New in version 26.0.1386.0 Dev (January 18th, 2013)

  • Fixed marking notifications when opened and closed (Issue: 169388)
  • Fixed web popup menus (Issue: 166832)
  • Fixed renderer form_autofill_util changes to support Checkboxes and Radiobuttons (Issue: 157636)
  • Fixed decoding of URL in bookmark editor (Issue: 165648)
  • Added the preferences and UI to make the launcher opt-inable (Issue: 151676)
  • Added incognito visualization to items in the new app menu (Issue: 169842)
  • Renamed the magnifier names: "Full" -> "Entire screen", "Partial" -> "Lens" (Issue: 166832)
  • Enable webkit preference for Chromium to disallow unsafe plugin pasting (Issue: 112325)
  • Fixed thumbnail view on Drive (Issue 170022)
  • Fixed crash bug in BookmarkEditorView (Issue 167385)

New in version 25.0.1364.36 Beta (January 17th, 2013)

  • [170318] The Chrome Apps Browser Demo does not render correctly.

New in version 26.0.1384.2 Dev (January 16th, 2013)

  • This build contains improvements in stability and fixes for few other issues.

New in version 25.0.1364.29 Beta (January 15th, 2013)

  • Improvements in managing and securing your extensions
  • Continued testing of search and the new tab page
  • Better support for HTML5 time/date inputs
  • Javascript speech API support
  • Better WebGL error handling
  • And lots of other features for developers

New in version 24.0.1312.52 (January 11th, 2013)

  • This is the first Stable release with support for MathML, thanks to WebKit volunteer Dave Barton. This release also contains an update to Flash (11.5.31.137) as well as improvements in speed and stability.
  • Security fixes and rewards:
  • [$1000] [162494] High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG.
  • [$4000] [165622] High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook.
  • [$1000] [165864] High CVE-2012-5147: Use-after-free in DOM handling. Credit to José A. Vázquez.
  • [167122] Medium CVE-2012-5148: Missing filename sanitization in hyphenation support. Credit to Google Chrome Security Team (Justin Schuh).
  • [166795] High CVE-2012-5149: Integer overflow in audio IPC handling. Credit to Google Chrome Security Team (Chris Evans).
  • [165601] High CVE-2012-5150: Use-after-free when seeking video. Credit to Google Chrome Security Team (Inferno).
  • [165538] High CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.
  • [165430] Medium CVE-2012-5152: Out-of-bounds read when seeking video. Credit to Google Chrome Security Team (Inferno).
  • [164565] High CVE-2012-5153: Out-of-bounds stack access in v8. Credit to Andreas Rossberg of the Chromium development community.
  • [Windows only] [164490] Low CVE-2012-5154: Integer overflow in shared memory allocation. Credit to Google Chrome Security Team (Chris Evans).
  • [Mac only] [163208] Medium CVE-2012-5155: Missing Mac sandbox for worker processes. Credit to Google Chrome Security Team (Julien Tinnes).
  • [162778] High CVE-2012-5156: Use-after-free in PDF fields. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.
  • [162776] [162156] Medium CVE-2012-5157: Out-of-bounds reads in PDF image handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.
  • [162153] High CVE-2013-0828: Bad cast in PDF root handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.
  • [162114] High CVE-2013-0829: Corruption of database metadata leading to incorrect file access. Credit to Google Chrome Security Team (Jüri Aedla).
  • [Windows only] [162066] Low CVE-2013-0830: Missing NUL termination in IPC. Credit to Google Chrome Security Team (Justin Schuh).
  • [161836] Low CVE-2013-0831: Possible path traversal from extension process. Credit to Google Chrome Security Team (Tom Sepez).
  • [160380] Medium CVE-2013-0832: Use-after-free with printing. Credit to Google Chrome Security Team (Cris Neckar).
  • [154485] Medium CVE-2013-0833: Out-of-bounds read with printing. Credit to Google Chrome Security Team (Cris Neckar).
  • [154283] Medium CVE-2013-0834: Out-of-bounds read with glyph handling. Credit to Google Chrome Security Team (Cris Neckar).
  • [152921] Low CVE-2013-0835: Browser crash with geolocation. Credit to Arthur Gerkis.
  • [150545] High CVE-2013-0836: Crash in v8 garbage collection. Credit to Google Chrome Security Team (Cris Neckar).
  • [145363] Medium CVE-2013-0837: Crash in extension tab handling. Credit to Tom Nielsen.
  • [Linux only] [143859] Low CVE-2013-0838: Tighten permissions on shared memory segments. Credit to Google Chrome Security Team (Chris Palmer).

New in version 25.0.1364.29 Dev (January 11th, 2013)

  • Additional stability fixes.

New in version 24.0.1312.52 Beta (January 9th, 2013)

  • This build contains security fixes and an update to flash.

New in version 25.0.1364.26 Dev (January 8th, 2013)

  • This update contains additional stability fixes.

New in version 24.0.1312.49 Beta (January 8th, 2013)

  • This build contains stability fixes.

New in version 25.0.1364.5 Dev (December 21st, 2012)

  • This update contains stability and memory fixes.

New in version 24.0.1312.45 Beta (December 20th, 2012)

  • This build contains stability fixes.

New in version 25.0.1364.2 Dev (December 19th, 2012)

  • This update contains additional stability fixes.

New in version 23.0.1271.101 (December 18th, 2012)

  • This build contains the fix to a bug with sound distortion with microphone input: 157613.

New in version 25.0.1359.3 Dev (December 14th, 2012)

  • This update contains a number of stability fixes.

New in version 24.0.1312.40 Beta (December 13th, 2012)

  • This build contains stability fixes.

New in version 23.0.1271.97 (December 12th, 2012)

  • his build contains the following fixes:
  • Some texts in a Website Settings popup are trimmed (Issue: 159156)
  • Linux: selection renders white text on white bg in apps (Issue: 158422)
  • some plugins stopped working (Issue: 159896)
  • Windows8: Unable to launch system level chrome after self destructing user-level chrome (Issue: 158632)
  • Security fixes:
  • [$1500] [158204] High CVE-2012-5139: Use-after-free with visibility events. Credit to Chamal de Silva.
  • [$1000] [159429] High CVE-2012-5140: Use-after-free in URL loader. Credit to Chamal de Silva.
  • [160456] Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation. Credit to Google Chrome Security Team (Jüri Aedla).
  • [160803] Critical CVE-2012-5142: Crash in history navigation. Credit to Michal Zalewski of Google Security Team.
  • [160926] Medium CVE-2012-5143: Integer overflow in PPAPI image buffers. Credit to Google Chrome Security Team (Cris Neckar).
  • [$2000] [161639] High CVE-2012-5144: Stack corruption in AAC decoding. Credit to pawlkt.

New in version 25.0.1354.0 Dev (December 11th, 2012)

  • Includes a test of new variations of the New Tab Page for a small set of users.

New in version 24.0.1312.36 Beta (December 7th, 2012)

  • This build contains fixes for stability.

New in version 24.0.1312.32 Beta (December 5th, 2012)

  • Fixed crashes like 161858, 158747, 156878
  • Fixed graphical corruption in Dust. [Issue: 155258]
  • Fixed print preview in Windows 8 mode. [Issue: 159902]
  • Fixed scrolling issue. [Issue: 163553]

New in version 24.0.1312.27 Beta (November 30th, 2012)

  • Fixed random Chinese/Japanese characters that are missing in documents printed via the system print dialog on Windows XP SP3. [Issue: 128506]
  • Fixed memory leak in GPU accelerated canvas. [Issue: 160411]
  • Fixed console.log which doesn’t output jQuery objects properly. [Issue: 162570]
  • Fixed stability issues like 161854, 154483, 154462, 153376.

New in version 23.0.1271.95 (November 30th, 2012)

  • [161564] High CVE-2012-5138: Incorrect file path handling.
  • [162835] High CVE-2012-5137: Use-after-free in media source handling.

New in version 24.0.1312.25 Beta (November 28th, 2012)

  • Fixed garbled header and footer text in print preview. [Issue: 152893]
  • Fixed extension action badges with long text. [Issue: 160069]
  • Disable find if constrained window is shown. [Issue: 156969]
  • Enable fullscreen for apps windows. [Issue: 161246]
  • Fixed broken profile with system-wide installation and UserDataDir & DiskCacheDir policy. [Issue: 161336]
  • Fixed stability crashes like 158747, 159437, 149139, 160914, 160401.

New in version 23.0.1271.91 (November 27th, 2012)

  • No audio from Flash content when speaker configuration is set to Quadraphonic (Issue: 159924)
  • High CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs.
  • High CVE-2012-5133: Use-after-free in SVG filters.
  • Medium CVE-2012-5130: Out-of-bounds read in Skia.
  • Low CVE-2012-5132: Browser crash with chunked encoding.
  • High CVE-2012-5134: Buffer underflow in libxml.
  • Medium CVE-2012-5135: Use-after-free with printing.
  • Medium CVE-2012-5136: Bad cast in input element handling.

New in version 24.0.1312.14 Beta (November 15th, 2012)

  • Fixed pre-rendering if the preference is disabled at start up. (Issue: 159393)
  • Fixed JavaScript rendering issue. (Issue: 159655)

New in version 24.0.1312.5 Beta (November 9th, 2012)

  • This build contains a slew of developer features.

New in version 24.0.1312.5 Dev (November 7th, 2012)

  • Fixed BrowserFrameWin artifact on opaque to glass frame changes. (Issue: 156982)
  • Fixed a crash that could occur if the user closed a tab with an uncommitted search navigation. (Issue: 158201)
  • Fixed focus issue which does not change from Omnibox to Find in Page on mouseclick. (Issue: 158562)
  • Flash Mac: Fixed escape to exit fullscreen. (Issue: 155492)
  • Fixed crash when installing an extension and the browser window goes away. (Issue: 134194)
  • Ensure sidebar links are re-enabled when a confirmation dialog is closed. (Issue: 158912)
  • Fixed old Chrome version cleanup. (Issue: 75951)
  • Fixed memory leak in Chrome Windows. (Issue: 158931)
  • Fixed F4 inside should not open calendar picker. (Issue: 158482)
  • Fixed calendar picker can flicker when opened from the suggestion picker. (Issue 158608)

New in version 23.0.1271.64 (November 7th, 2012)

  • High CVE-2012-5115: Defend against wild writes in buggy graphics drivers.
  • Medium CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP handling.
  • Medium CVE-2012-5120: Out-of-bounds array access in v8.
  • High CVE-2012-5116: Use-after-free in SVG filter handling.
  • High CVE-2012-5118: Integer bounds check issue in GPU command buffers.
  • High CVE-2012-5121: Use-after-free in video layout.
  • Low CVE-2012-5117: Inappropriate load of SVG subresource in img context.
  • Medium CVE-2012-5119: Race condition in Pepper buffer handling.
  • Medium CVE-2012-5122: Bad cast in input handling.
  • Medium CVE-2012-5123: Out-of-bounds reads in Skia.
  • High CVE-2012-5124: Memory corruption in texture handling.
  • Medium CVE-2012-5125: Use-after-free in extension tab handling.
  • Medium CVE-2012-5126: Use-after-free in plug-in placeholder handling.
  • High CVE-2012-5128: Bad write in v8.

New in version 24.0.1312.2 Dev (November 1st, 2012)

  • Fixed getUserMedia video-only requests which should not fail if no audio input device is present. (Issue: 144421)
  • Fixed infobar prompt for Windows 8. (Issue: 158419)
  • Fixed drag and drop to install extensions. (Issue: 158499)
  • Fixed NaCl games for Windows 8. (Issue: 153368)
  • Fixed few stability issues 134175, 158745, 155653, 158377, 158660, 158703, 158176.

New in version 23.0.1271.60 Beta (October 31st, 2012)

  • Updated V8 - 3.13.7.5
  • Fixed Flash Camera and Microphone doesn't work (Issue: 155524)
  • Fixed Find-in-Page doesn't work properly (Issue: 156919)
  • Fixed several known top crashes

New in version 24.0.1312.1 Dev (October 31st, 2012)

  • Updated WebKit - 537.17
  • Fixed bugs related to bookmark sync and stability issues like 157365, 155871

New in version 23.0.1271.52 Dev (October 25th, 2012)

  • Updated V8 - 3.14.5.0
  • Bookmarks are now searched by their title while typing into the omnibox with matching bookmarks being shown in the autocomplete suggestions pop-down list. Matching is done by prefix. Example: if there is a bookmark with a title of “Doglettes & Catlettes” typing any of the following into the omnibox will likely present the bookmark as a suggestion:: “dog”, “cat”, “cat dog”, “dog cat”, “dogle”, etc. Typing “ogle” or “lettes” will not match.
  • Fixed issues 155871, 154173, 155133.

New in version 23.0.1271.52 Beta (October 25th, 2012)

  • Fixed geolocation (Issue: 152428)
  • Fixed sync to use all datatypes when user chooses default (Issue: 154940)
  • Pepper Flash not setting local timezone (Issue: 154060)

New in version 23.0.1271.40 Beta (October 18th, 2012)

  • All:
  • Updated V8 - 3.13.7.4
  • Fixed web spell check (Issue: 144863)
  • Mac:
  • Fixed several known top crashes (Issue: 153283, 139164, 153411)
  • Fixed several known issues with flash and pepper flash (Issues: 151716)
  • Fixed bad audio with USB headset (Issue: 152780)

New in version 24.0.1297.0 Dev (October 17th, 2012)

  • All:
  • Updated V8 - 3.14.4.1
  • Updated WebKit - 537.16
  • Fixed tab character in text field when pressed Tab in a tag. (Issue: 149859)
  • Fixed omnibox suggestion: restore selection on WM_IME_ENDCOMPOSITION (Issue: 154379)
  • Fixed text that goes out of the box under Related section after an app was installed. (Issue: 154797)
  • Fixed Web Store icon (Issue: 149887)
  • Mac:
  • Fixed a bug where Chrome would use an outdated version of Pepper Flash (Issue: 151716)
  • [r161874] Fixed a bug where Chrome would fail to quit if at least two windows were open and a page had a beforeunload handler (Issue: 118424)
  • Fixed browser hang when webcam used on facebook with OSX flapper. (Issue: 152757)

New in version 23.0.1271.26 Beta (October 11th, 2012)

  • This build fixes a known top crash.

New in version 22.0.1229.94 (October 11th, 2012)

  • SVG use-after-free and IPC arbitrary file write.

New in version 24.0.1290.1 Dev (October 10th, 2012)

  • Fixed issue where clearing browse data never completes with PPAPI flash plugin disabled. [Issue: 144874]
  • Fixed issue in disabling sync for default apps. [Issue: 152582]
  • Fixed crashes 154167, 153902, 152622.

New in version 23.0.1271.22 Beta (October 9th, 2012)

  • This build fixes some of the known stability issues and some bugs related to Windows8, Panels, and GPU.
  • This build also has a new version of Flash with security and other fixes.

New in version 22.0.1229.92 (October 9th, 2012)

  • Crash in Skia text rendering.
  • Critical CVE-2012-5108: Race condition in audio device handling.
  • Medium CVE-2012-5109: OOB read in ICU regex.
  • Medium CVE-2012-5110: Out-of-bounds read in compositor.
  • Low CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins.
  • These build also has a new version of Flash with security and other fixes.

New in version 23.0.1271.17 Beta (October 5th, 2012)

  • This build fixes some of the known stability issues.

New in version 24.0.1284.2 Dev (October 3rd, 2012)

  • Updated V8 - 3.13.7.1
  • Updated WebKit - 537.13
  • Fixed an issue where clearing browsing data would not complete when Pepper Flash was disabled (Issue: 144874)
  • Fixed an issue where inline disposition isn’t displaying correctly. (Issue: 145622)
  • Fixed a crash when clicking speech input. (Issue: 146689)
  • Fixed file system URLs no longer work in platform apps. (Issue: 150861)
  • Fixed a crash when opening YouTube in full screen mode. (Issue: 149821)
  • Fixed a crash when loading explicit intent service. (Issue: 150834)

New in version 23.0.1271.10 Beta (October 3rd, 2012)

  • better communication and media experiences

New in version 23.0.1271.10 Dev (September 28th, 2012)

  • Flash timezone issue is fixed (Issue: 149006)

New in version 23.0.1271.6 Dev (September 25th, 2012)

  • Updated V8 - 3.13.7.2
  • Several fixes to forced compositing mode (Issues: 150881, 157920)
  • Fixed known crashers (Issue: 146689, and several audio ones.)

New in version 22.0.1229.79 (September 25th, 2012)

  • New and exciting updates including:
  • Mouse Lock API availability for Javascript
  • Additional Windows 8 enhancements
  • Continued polish for users of HiDPI/Retina screens
  • Security fixes:
  • [143439] High CVE-2012-2889: UXSS in frame handling. Credit to Sergey Glazunov.
  • [143437] High CVE-2012-2886: UXSS in v8 bindings. Credit to Sergey Glazunov.
  • [139814] High CVE-2012-2881: DOM tree corruption with plug-ins. Credit to Chamal de Silva.
  • [135432] High CVE-2012-2876: Buffer overflow in SSE2 optimizations. Credit to Atte Kettunen of OUSPG.
  • [140803] High CVE-2012-2883: Out-of-bounds write in Skia. Credit to Atte Kettunen of OUSPG.
  • [143609] High CVE-2012-2887: Use-after-free in onclick handling. Credit to Atte Kettunen of OUSPG.
  • [143656] High CVE-2012-2888: Use-after-free in SVG text references. Credit to miaubiz.
  • [144899] High CVE-2012-2894: Crash in graphics context handling. Credit to Sławomir Błażek.
  • [Mac only] [145544] High CVE-2012-2896: Integer overflow in WebGL. Credit to miaubiz.
  • [137707] Medium CVE-2012-2877: Browser crash with extensions and modal dialogs. Credit to Nir Moshe.
  • [139168] Low CVE-2012-2879: DOM topology corruption. Credit to pawlkt.
  • [141651] Medium CVE-2012-2884: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
  • [132398] High CVE-2012-2874: Out-of-bounds write in Skia. Credit to Google Chrome Security Team (Inferno).
  • [134955] [135488] [137106] [137288] [137302] [137547] [137556] [137606] [137635] [137880] [137928] [144579] [145079] [145121] [145163] [146462] Medium CVE-2012-2875: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [137852] High CVE-2012-2878: Use-after-free in plug-in handling. Credit to Fermin Serna of Google Security Team.
  • [139462] Medium CVE-2012-2880: Race condition in plug-in paint buffer. Credit to Google Chrome Security Team (Cris Neckar).
  • [140647] High CVE-2012-2882: Wild pointer in OGG container handling. Credit to Google Chrome Security Team (Inferno).
  • [142310] Medium CVE-2012-2885: Possible double free on exit. Credit to the Chromium development community.
  • [143798] [144072] [147402] High CVE-2012-2890: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [144051] Low CVE-2012-2891: Address leak over IPC. Credit to Lei Zhang of the Chromium development community.
  • [144704] Low CVE-2012-2892: Pop-up block bypass. Credit to Google Chrome Security Team (Cris Neckar).
  • [144799] High CVE-2012-2893: Double free in XSL transforms. Credit to Google Chrome Security Team (Cris Neckar).
  • [145029] [145157] [146460] High CVE-2012-2895: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [Linux only] [137541] Critical CVE-2012-2859: Crash in tab handling. Credit to Jeff Roberts of Google Security Team.
  • [137671] Medium CVE-2012-2860: Out-of-bounds access when clicking in date picker. Credit to Chamal de Silva.

New in version 23.0.1271.1 Dev (September 21st, 2012)

  • Updated WebKit - 537.11
  • Fixed simultaneous audio playback is broken (Issue: 150003)
  • Fixed bug with Web Intents and non-sticky defaults (Issue: 148740)
  • Audio may drop out under certain play / pause cycles. (Issue: 150702)

New in version 23.0.1270.0 Dev (September 19th, 2012)

  • Updated V8 - 3.13.7.1
  • Fixed playback of multiple audio streams with Pepper Flash, WebRTC, and WebAudio.
  • Fixed crash when attempting to play audio without a sound card or via remote desktop.
  • Media Galleries Extension API should work on all platforms, though permission format has changed.
  • Chrome will automatically check for captive portals when showing SSL interstitials or when an HTTP server responds to an HTTPS request.

New in version 23.0.1262.0 Dev (September 11th, 2012)

  • Updated V8 - 3.13.6.0
  • Updated WebKit - 537.10
  • Fix top crashes (Issue: 142388, 146606)
  • Make the favicons for chrome:// URLs high DPI (Issue: 145228)

New in version 23.0.1255.0 Dev (September 5th, 2012)

  • Fixed a crash which occurred when scavenging sessionStorages. (Issue: 145068)
  • Packaged Apps can now request access to local media folders.
  • Fix crash when playing video on MB retina (Issue: 141541)

New in version 23.0.1251.2 Dev (September 1st, 2012)

  • All:
  • Fixes several known top crashers (Issue: 144436)
  • Fixed tab strip menu not working (Issue: 144425)

New in version 21.0.1180.89 (August 31st, 2012)

  • Several Pepper Flash fixes (Issue 140577, 144107, 140498, 142479).
  • Microphone issues with tinychat.com (Issue: 143192)
  • devtools regression with "save as" of edited source (issue: 141180)
  • mini ninjas shaders fails (Issue: 142705)
  • page randomly turns red/green gradient boxes (Issue: 110343)
  • [121347] Medium CVE-2012-2865: Out-of-bounds read in line breaking.
  • [134897] High CVE-2012-2866: Bad cast with run-ins.
  • [135485] Low CVE-2012-2867: Browser crash with SPDY.
  • [136881] Medium CVE-2012-2868: Race condition with workers and XHR.
  • [137778] High CVE-2012-2869: Avoid stale buffer in URL loading.
  • [138672] [140368] Low CVE-2012-2870: Lower severity memory management issues in XPath.
  • [138673] High CVE-2012-2871: Bad cast in XSL transforms.
  • [142956] Medium CVE-2012-2872: XSS in SSL interstitial.

New in version 23.0.1246.0 Dev (August 28th, 2012)

  • Updated V8 - 3.13.3.1
  • Updated WebKit - 537.8
  • Fixed favicons not showing in tab buttons.
  • Fixed cloud-printer being treated as local-printer problem.

New in version 23.0.1243.0 Dev (August 24th, 2012)

  • Updated V8 - 3.13.1.0
  • Updated WebKit - 537.6
  • SessionStorage is now persisted on disk; it’s stored and restored by the session restore system

New in version 22.0.1229.14 Beta (August 24th, 2012)

  • Mouse Lock API availability for Javascript
  • Additional Windows 8 enhancements
  • Continued polish for users of HiDPI/Retina screens

New in version 21.0.1180.82 (August 22nd, 2012)

  • Duplex Printing defaults to Yes, which prints extra pages even for a 1 page print out (Issue 138312).
  • Print preview takes forever on Win XP (issue: 140044)
  • Anti-DDoS inversion of logic (Issues: 141643, 141081)
  • Pepper Flash: in file uploads, treats HTTP status != 200 as failure, breaking (e.g.) uploads to Amazon S3 (Issue: 140468)
  • Projectmanager.com application causes Flash to hang (Issue: 141018)
  • Turn off TLS 1.1 in Chrome 21 Stable (Issue: 142172)
  • Setting and unsetting display:none obliterates current scroll position (issue: 140101)

New in version 21.0.1180.81 Beta (August 18th, 2012)

  • Duplex Printing defaults to Yes, which prints extra pages even for a 1 page print out (Issue 138312).
  • Print preview takes forever on Win XP (issue: 140044)
  • Anti-DDoS inversion of logic (Issues: 141643, 141081)
  • Pepper Flash: in file uploads, treats HTTP status != 200 as failure, breaking (e.g.) uploads to Amazon S3 (Issue: 140468)
  • Projectmanager.com application causes Flash to hang (Issue: 141018)
  • Turn off TLS 1.1 in Chrome 21 Stable (Issue: 142172)
  • An additional scroll bar appears at the right on many sites (issue: 140239)
  • Setting and unsetting display:none obliterates current scroll position (issue: 140101)

New in version 21.0.1180.79 (August 16th, 2012)

  • This build fixes a security issue with Adobe Flash.

New in version 21.0.1180.77 (August 14th, 2012)

  • This build fixes a problem with an item in Node::attributes disappearing.

New in version 21.0.1180.77 Beta (August 10th, 2012)

  • This build fixes a problem with an item in Node::attributes disappearing (Issue 140473).

New in version 21.0.1180.75 (August 9th, 2012)

  • This build fixes:
  • Flash videos not longer remaining in fullscreen when clicking a secondary monitor while the video is playing (Issue: 140366).
  • Flash video full screen displays on wrong monitor (Issue: 137523)
  • REGRESSION: Rendering difference in Chrome 21 and 22 that affected on Persian Wikipedia (Issue: 139502)
  • Some known crashes (Issues: 137498, 138552, 128652, 140140)
  • Audio objects are not "switched" immediately (Issue: 140247)
  • Print and Print Preview ignore paper size default in printer config (Issue: 135374)
  • Candidate windows is shown in wrong place in Retina display (Issue: 139108)
  • more of the choppy and distorted audio issues (Issue: 136624)
  • Japanese characters showing in Chinese font (Issue: 140432)
  • Video playback issues with flash-based sites (Issue: 139953)
  • Sync invalidation notification broken after restart (Issue: 139424)
  • Security fixes and rewards:
  • [136643] [137721] [137957] High CVE-2012-2862: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.
  • [136968] [137361] High CVE-2012-2863: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

New in version 21.0.1180.75 Beta (August 8th, 2012)

  • Flash videos not longer remaining in fullscreen when clicking a secondary monitor while the video is playing (Issue: 140366).
  • Flash video full screen displays on wrong monitor (Issue: 137523)
  • REGRESSION: Rendering difference in Chrome 21 and 22 that affected on Persian Wikipedia (Issue: 139502)
  • Some known crashes (Issues: 137498, 138552, 128652)
  • Audio objects are not "switched" immediately (Issue: 140247)
  • Print and Print Preview ignore paper size default in printer config (Issue: 135374)
  • Candidate windows is shown in wrong place in Retina display (Issue: 139108)
  • We've also fixed the issue with no webpages loading (Issue: 140982)

New in version 21.0.1180.64 Beta (August 7th, 2012)

  • more of the choppy and distorted audio issues (Issue: 136624).
  • Some known crashes (Issue: 140140)
  • Japanese characters showing in Chinese font (Issue: 140432)
  • Video playback issues with flash-based sites (Issue: 139953)
  • Sync invalidation notification broken after restart (Issue: 139424)

New in version 21.0.1180.57 (August 1st, 2012)

  • Missing re-prompt to user upon excessive downloads.
  • Overly broad file access granted after drag+drop.
  • Off-by-one read in GIF decoder.
  • Various lower severity issues in the PDF viewer.
  • Integer overflows in PDF viewer.
  • Use-after-free with bad object linkage in PDF.
  • webRequest can interfere with the Chrome Web Store.
  • Leak of pointer values to WebUI renderers.
  • Use-after-free in PDF viewer.
  • Out-of-bounds writes in PDF viewer.
  • Use-after-free in CSS DOM.
  • Buffer overflow in WebP decoder.
  • Crash in tab handling.
  • Out-of-bounds access when clicking in date picker.

New in version 22.0.1221.0 Dev (July 31st, 2012)

  • This update has an updated version of V8 (3.12.16.0) along with other improvements.

New in version 21.0.1180.57 Beta (July 27th, 2012)

  • All:
  • Fixed Youtube Drag & Drop Upload Not Working (Issue: 137024)
  • Mac:
  • Fixed Calendar picker for is garbled in HiDPI (Issue: 136958)

New in version 21.0.1180.55 Beta (July 26th, 2012)

  • All:
  • Several crash fixes (Issues: 131310, 134574)
  • Can't press Enter to save to PDF (Issue: 137690)
  • Mac:
  • Chrome returns black screen with no logged errors on WebGL examples (Issue: 138088)
  • Chrome Extension dropdown menus corrupted for when compositing is enabled (Issue: 135382)
  • Fixed Websites do not render completely in Presentation Mode (Issue: 137336)

New in version 22.0.1215.0 Dev (July 24th, 2012)

  • This build has an update version of V8 (3.12.14.0)
  • The Pepper Flash Player Plugin has been turned on by default on Mac OS X.

New in version 21.0.1180.49 Beta (July 19th, 2012)

  • All:
  • Several crash fixes (Issues: 134550, 129446)
  • Fixed Autofill does not work in Incognito mode (Issue: 137100)
  • Mac:
  • Fixed parental controls related problems on mac (Issue: 134311)

New in version 22.0.1207.1 Dev (July 17th, 2012)

  • Updated V8 - 3.12.11.0
  • New-style packaged apps are enabled by default.

New in version 21.0.1180.41 Beta (July 13th, 2012)

  • All
  • Updated V8 - 3.11.10.14
  • Several crash fixes
  • Fixed horizontal scrollbar flash on uber page
  • Fixed cloud printers not showing full list
  • Fixed profile editing on uber page
  • Fixed buffered area disappearing while playing video
  • Mac:
  • Several HiDPI enhancements
  • Several fullscreen and mouselock related fixed

New in version 20.0.1132.57 (July 12th, 2012)

  • This build contains an update to Flash player, v8 (3.10.8.20) and couple of stability/bug fixes.
  • Use-after-free in counter handling.
  • Use-after-free in layout height tracking.
  • Bad object access with JavaScript in PDF.

New in version 22.0.1201.0 Dev (July 10th, 2012)

  • This build has an update version of V8 (3.12.9.0)

New in version 21.0.1180.15 Beta (July 10th, 2012)

  • Contains some really great improvements including better communication and printing experiences.

New in version 21.0.1180.15 Dev (June 29th, 2012)

  • This version fixes a small sync problem (Issue: 134715) and contains a fix for Mac hardware with the Intel HD 4000 graphics chip (e.g. the new Macbook Airs), in order to prevent a resource leak which is causing a kernel panic on that hardware. This is a temporary change while we work on fixing the root cause of the issue.

New in version 20.0.1132.47 (June 29th, 2012)

  • This release disables some of Chrome’s GPU acceleration features on Mac hardware containing the Intel HD 4000 graphics chip (e.g. the new Macbook Airs), in order to prevent a resource leak which is causing a kernel panic on that hardware. This is a temporary change while we work on fixing the root cause of the issue.

New in version 20.0.1132.43 (June 27th, 2012)

  • Leak of iframe fragment id.
  • Use-after-free in table section handling.
  • Use-after-free in counter layout.
  • Crash in texture handling.
  • Out-of-bounds read in SVG filter handling.
  • Autofill display problem.
  • Misc. lower severity OOB read issues in PDF.
  • Use-after-free in SVG resource handling.
  • Use-after-free in SVG painting.
  • Out-of-bounds read in texture conversion.
  • Use-after-free in Mac UI.
  • Integer overflows in PDF.
  • Use-after-free in first-letter handling.
  • Wild pointer in array value setting.
  • Use-after-free in SVG reference handling.
  • Uninitialized pointer in PDF image codec.
  • Buffer overflow in PDF JS API.
  • Integer overflow in Matroska container.
  • Wild read in XSL handling.

New in version 21.0.1180.11 Dev (June 26th, 2012)

  • All:
  • Updated V8 - 3.11.10.12
  • Several crash fixes (Issues: 129884, 133692)
  • Mac:
  • Several HiDPI enhancements (Issues: 132910, 133542, 133299, 133376)
  • Fixed the bottom of the background tab is shining through the black border (Issue: 133565)

New in version 20.0.1132.43 Beta (June 25th, 2012)

  • This build contains stability fixes

New in version 20.0.1132.42 Beta (June 23rd, 2012)

  • This build contains a fix for GPU out of memory issue.

New in version 20.0.1132.41 Beta (June 22nd, 2012)

  • This build contains only updates to v8 (3.10.8.19) and fixes align=center issue.

New in version 21.0.1180.4 Dev (June 22nd, 2012)

  • All:
  • Updated V8 - 3.11.10.10
  • Fixed regression in alignment (Issue: 120859)
  • Fixed scrollbar layers being misplaced with a clipped owner layer (Issue: 132839)
  • Mac:
  • Fixed "Relaunch" button in canary doesn't do anything (Issue: 133737)

New in version 21.0.1180.0 Dev (June 20th, 2012)

  • All:
  • Updated V8 - 3.11.10.6
  • Content settings for Cookies now also show protected storage granted to hosted apps
  • Chromoting client plugin correctly up-scales on when page-zoom is >100%.
  • Mac:
  • Implement HiDPI drawing for composited pages
  • Handle dynamic changes to backing scale factor
  • Improve tabstrip appearance on HiDPI displays

New in version 20.0.1132.34 Beta (June 14th, 2012)

  • This build contains updates to v8 (3.10.8.16) and fixes for bugs and stability.

New in version 21.0.1171.0 Dev (June 12th, 2012)

  • HTML5 audio/video and WebAudio now support 24-bit PCM wave files.

New in version 19.0.1084.56 (June 10th, 2012)

  • Contains a new version of Flash Player (11.3), in addition to some minor stability fixes.

New in version 20.0.1132.27 Beta (June 7th, 2012)

  • This build contains updates to v8 (3.10.8.13) and fixes for bugs and stability.

New in version 19.0.1084.54 (June 6th, 2012)

  • Supports the transition to OS-X Mountain Lion

New in version 21.0.1163.0 Dev (June 5th, 2012)

  • Updated V8 - 3.11.8.0

New in version 19.0.1084.53 (June 1st, 2012)

  • Supports the transition to OS-X Mountain Lion.

New in version 20.0.1132.21 Beta (May 31st, 2012)

  • This build contains updates to v8 (3.10.8.11) and fixes for bugs and stability.

New in version 21.0.1155.2 Dev (May 30th, 2012)

  • Updated V8 - 3.11.6.2
  • Gamepad API prototype http://www.w3.org/TR/gamepad/ available by default.
  • TLS 1.1 is enabled by default.
  • Mouse Lock (Pointer Lock) no longer requires fullscreen. Native Client applications can use this now, while the JavaScript API still requires enabling in about:flags.

New in version 20.0.1132.17 Beta (May 25th, 2012)

  • This build contains updates to v8 (3.10.8.10) and fixes for bugs and stability.

New in version 19.0.1084.52 (May 24th, 2012)

  • CVE-2011-3103: Crashes in v8 garbage collection.
  • CVE-2011-3104: Out-of-bounds read in Skia.
  • CVE-2011-3105: Use-after-free in first-letter handling.
  • CVE-2011-3106: Browser memory corruption with websockets over SSL.
  • CVE-2011-3107: Crashes in the plug-in JavaScript bindings.
  • CVE-2011-3108: Use-after-free in browser cache.
  • CVE-2011-3110: Out of bounds writes in PDF.
  • CVE-2011-3111: Invalid read in v8.
  • CVE-2011-3112: Use-after-free with invalid encrypted PDF.
  • CVE-2011-3113: Invalid cast with colorspace handling in PDF.
  • CVE-2011-3114: Buffer overflows with PDF functions.
  • CVE-2011-3115: Type corruption in v8.

New in version 20.0.1132.11 Beta (May 22nd, 2012)

  • Contains several bug and stability fixes.

New in version 21.0.1145.0 Dev (May 22nd, 2012)

  • Updated V8 - 3.11.3.0
  • Allow certain unused renderer processes to exit before the tab is closed. (Issue: 126333)
  • Fix password autofill to work again for Incognito windows (Issue: 117720)
  • Prevent an infinite loop inside SSLClientSocketNSS::OnSendComplete. This has been observed in Chrome OS, but could also happen on other platforms. (Issue: 127822)

New in version 20.0.1132.11 Dev (May 18th, 2012)

  • This build contains updates to V8 (3.10.8.7) and several other fixes.

New in version 20.0.1132.8 Dev (May 16th, 2012)

  • This build contains updates to V8 (3.10.8.5) and several other fixes.

New in version 19.0.1084.46 (May 15th, 2012)

  • New Features:
  • Tab sync.
  • Fixes:
  • [112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG.
  • [113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community.
  • [118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to “psaldorn”.
  • [$1000] [118642] High CVE-2011-3086: Use-after-free with style element. Credit to Arthur Gerkis.
  • [118664] Low CVE-2011-3087: Incorrect window navigation. Credit to Charlie Reis of the Chromium development community.
  • [$500] [120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing. Credit to Aki Helin of OUSPG.
  • [$1000] [120711] High CVE-2011-3089: Use-after-free in table handling. Credit to miaubiz.
  • [$500] [121223] Medium CVE-2011-3090: Race condition with workers. Credit to Arthur Gerkis.
  • [121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to Christian Holler.
  • [$500] [122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling. Credit to miaubiz.
  • [122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling. Credit to miaubiz.
  • [$1000] [123481] High CVE-2011-3095: Out-of-bounds write in OGG container. Credit to Hannu Heikkinen.
  • [Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox handling. Credit to Arthur Gerkis.
  • [123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google.
  • [Windows only] [124216] Low CVE-2011-3098: Bad search path for Windows Media Player plug-in. Credit to Haifei Li of Microsoft and MSVR (MSVR:159).
  • [124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name. Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team.
  • [124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths. Credit to Google Chrome Security Team (Inferno).

New in version 20.0.1132.3 Dev (May 12th, 2012)

  • This build contains update for several fixes.

New in version 20.0.1130.1 Dev (May 9th, 2012)

  • This build contains update for V8 - 3.10.8.4 and several stability fixes.

New in version 20.0.1123.4 Dev (May 4th, 2012)

  • This build contains fixes for rendering and stability.

New in version 20.0.1123.1 Dev (May 2nd, 2012)

  • Updated V8 - 3.10.6.0
  • Fixed about:inducebrowsercrashforrealz

New in version 18.0.1025.168 (May 1st, 2012)

  • [106413] High CVE-2011-3078: Use after free in floats handling. Credit to Google Chrome Security Team (Marty Barbella) and independent later discovery by miaubiz.
  • [117110] High CVE-2012-1521: Use after free in xml parser. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by wushi of team509 reported through iDefense VCP(V-874rcfpq7z).
  • [117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.
  • [121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem Pinckaers of Matasano.
  • [$1000] [121899] High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz.

New in version 20.0.1115.1 Dev (April 25th, 2012)

  • contains few fixes and update to V8 (3.10.5.0)

New in version 18.0.1025.165 (April 24th, 2012)

  • This release fixes a top crasher on the Mac.

New in version 19.0.1084.30 Beta (April 19th, 2012)

  • update the localization and fixed a number of stability issues.

New in version 20.0.1105.0 Dev (April 18th, 2012)

  • All:
  • Updated V8 - 3.10.2.1
  • Fixed issues - 121584, 122130, 122850, 123403
  • Fixed empty apps page crash. (Issue: 122214)
  • Windows:
  • Fixed a crash in the Cloud Print connector when connecting via Remote Desktop (Issue: 122996)
  • Fixed incorrect program icon being shown in the task switcher. (Issue: 118368)
  • Fixed downloads page drag/drop. (Issue: 122946)

New in version 18.0.1025.163 (April 17th, 2012)

  • This release fixes issues with fonts

New in version 18.0.1025.162 (April 13th, 2012)

  • HTML5 audio doesn't work on some Mac computers

New in version 20.0.1096.1 Dev (April 11th, 2012)

  • Updated V8 - 3.10.0.5
  • file: downloads allowed again.
  • Enable the Chrome To Mobile page action for users with compatible registered devices [r130312]
  • Fixed issues 120430, 118960, 120978, 118715

New in version 18.0.1025.152 (April 10th, 2012)

  • This release fixes issues with SSL (Issue: 118706).

New in version 19.0.1084.15 Dev (April 6th, 2012)

  • Other Devices menu shows last update time for other sessions, and allows sessions to be hidden using a context menu.
  • Fix sync issue with sessions (open tabs) triggering an unrecoverable error.
  • Fixed Sync/Apps: NTP apps icons missing after sync. [Issue: 117857]
  • Fixed bookmarks drag-n-drop in Bookmark Manager. [Issue: 118715

New in version 18.0.1025.151 (April 6th, 2012)

  • Fixes:
  • black screen on Hybrid Graphics system with GPU accelerated compositing enabled (Issue: 117371)
  • CSS not applied to element (Issue: 114667)
  • Regression rendering a div with background gradient and borders (Issue: 113726)
  • Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
  • Multiple crashes (Issues: 72235, 116825 and 92998)
  • Pop-up dialog is at wrong position (Issue: 116045)
  • HTML Canvas patterns are broken if you change the transformation matrix (Issue: 112165)
  • SSL interstitial error "proceed anyway" / "back to safety" buttons don't work (Issue: 119252)
  • Known Issues:
  • HTML5 audio doesn't work on some Mac computers (Issue: 109441)
  • Security fixes and rewards:
  • A new version of Flash Player is included. More details are available in an addendum to this Flash Player advisory.
  • [$500] [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping. Credit to miaubiz.
  • [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to Sergey Glazunov.
  • [$1000] [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to miaubiz.
  • [$1000] [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit to miaubiz.
  • [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to Google Chrome Security Team (SkyLined).
  • [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
  • [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up window. Credit to Sergey Glazunov.
  • [$1000] [118593] High CVE-2011-3073: Use-after-free in SVG resource handling. Credit to Arthur Gerkis.
  • [$500] [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit to Sławomir Błażek.
  • [$1000] [119525] High CVE-2011-3075: Use-after-free applying style command. Credit to miaubiz.
  • [$1000] [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to miaubiz.
  • [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit to Google Chrome Security Team (Inferno).

New in version 19.0.1084.9 Dev (April 4th, 2012)

  • Updated V8 - 3.9.24.7
  • Fixed issues: 120519, 120978, 120430, 120193

New in version 19.0.1084.1 Dev (March 30th, 2012)

  • Fixed issue cannot add GMail app to Chrome.
  • Fixed theme and bookmarks bar notifications.
  • Fixed popup prompting permission for flash plugin.

New in version 19.0.1081.2 Dev (March 29th, 2012)

  • Updated V8 - 3.9.24.1
  • The Other Devices menu on the new tab page restores the navigation history when a tab is restored.
  • Disable file: or data: downloads for security hardening.
  • Fixed: Extension and download icons are drawn incorrectly

New in version 18.0.1025.142 (March 29th, 2012)

  • Bad interaction possibly leading to XSS in EUC-JP.
  • Out-of-bounds read in SVG text handling.
  • Out-of-bounds read in text fragment handling.
  • SPDY proxy certificate checking error.
  • Off-by-one in OpenType Sanitizer.
  • Validate navigation requests from the renderer more carefully.
  • Use-after-free in SVG clipping.
  • Memory corruption in Skia.
  • Invalid read in v8.

New in version 18.0.1025.140 Beta (March 27th, 2012)

  • Fixed Font settings aren't saved on quit (Issue: 112706)
  • Fixed IME failure on specific flows with a windowless Flash (Issue: 117758)
  • Fixed Crash when creating a new tab while the previous one is still loading (Issue: 87176)
  • Fixed Drag and Drop issues (Issue: 119700)

New in version 19.0.1077.3 Dev (March 24th, 2012)

  • Updated V8 - 3.9.23.0
  • Fixed dialog boxes in settings. (Issue: 118031)
  • Fixed flash videos turning white on mac when running with --disable-composited-core-animation-plugins (Issue: 117916)
  • Change to look for correctly sized favicon when multiple images are provided. (Issue: 118275)
  • Fixed issues - 116044, 117470, 117068, 117668, 118620

New in version 17.0.963.83 (March 22nd, 2012)

  • [$1000] [113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz.
  • [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit to Glenn Randers-Pehrson of the libpng project.
  • [$1000] [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling. Credit to Arthur Gerkis.
  • [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling. Credit to Ben Vanik of Google.
  • [$1000] [116746] High CVE-2011-3053: Use-after-free in block splitting. Credit to miaubiz.
  • [117418] Low CVE-2011-3054: Apply additional isolations to webui privileges. Credit to Sergey Glazunov.
  • [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked extension installation. Credit to PinkiePie.
  • [$2000] [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”. Credit to Sergey Glazunov.
  • [$500] [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.
  • Also, this single low severity issue was fixed in a previous patch but we forgot to issue proper credit:
  • [108648] Low CVE-2011-3049: Extension web request API can interfere with system requests. Credit to Michael Gundlach.

New in version 18.0.1025.129 Beta (March 22nd, 2012)

  • Brings back Print Preview.

New in version 18.0.1025.113 Beta (March 19th, 2012)

  • Changes to turns of print preview and fixes a few known crashes and memory issues.

New in version 18.0.1025.109 Beta (March 18th, 2012)

  • Changes to V8 back version 3.8.

New in version 18.0.1025.108 Beta (March 17th, 2012)

  • Changes to V8 version 3.7
  • Contains fixes for a number of stability issues along with other bugs

New in version 18.0.1025.100 Beta (March 16th, 2012)

  • turns prerendering back on and it contains fixes for a number of stability issues along with other bugs.

New in version 19.0.1068.1 Dev (March 15th, 2012)

  • This build contains a fix for browser hang and increase in CPU usage.

New in version 18.0.1025.58 Beta (March 15th, 2012)

  • GPU acceleration of the Canvas 2D is now reenabled.
  • We've reenabled the image transport surface on Windows Vista and 7.
  • We fixed a race condition in audio.
  • Disabled prerender.

New in version 19.0.1068.0 Dev (March 14th, 2012)

  • Users of Chrome for Android who have tab sync enabled can use the “Other Devices” menu on the new tab page to open tabs from other devices.
  • Several fixes and improvements in the new Settings, Extensions, and Help pages.
  • Fixed the flashing when switched between composited and non-composited mode.
  • Fixed stability issues

New in version 17.0.963.79 (March 11th, 2012)

  • Fixes issues with Flash games
  • Fixes errant plug-in load and GPU process memory corruption.

New in version 18.0.1025.54 Beta (March 9th, 2012)

  • Fixed Chrome install/update resets Google search preferences (Issue: 105390)
  • Don't trigger accelerated compositing on 3D CSS when using swiftshader (Issue: 116401)
  • Fixed a GPU crash (Issue: 116096)
  • More fixes for Back button frequently hangs (Issue: 93427)
  • Bastion now works (Issue: 116285)
  • Fixed Composited layer sorting irregularity with accelerated canvas (Issue: 102943)
  • Fixed Composited layer sorting irregularity with accelerated canvas (Issue: 102943)
  • Fixed Google Feedback causes render process to use too much memory (Issue: 114489)
  • Fixed after upgrade, some pages are rendered as blank (Issue: 109888)
  • Fixed Pasting text into a single-line text field shouldn't keep literal newlines (Issue: 106551)

New in version 17.0.963.78 (March 9th, 2012)

  • Critical CVE-2011-3046: UXSS and bad history navigation.

New in version 19.0.1061.1 Dev (March 7th, 2012)

  • Updated V8 - 3.9.13.0
  • Added remote file system support for File object by 'create-snapshot-first' approach
  • Fixed overlap of apps in NTP when deleting and reinstalling app
  • Fixed issues - 116174, 115309, 115858, 108239, 115399, 105054 (ChromeOS-specific)

New in version 17.0.963.66 (March 7th, 2012)

  • fixes an issue in the DOM.

New in version 17.0.963.65 (March 5th, 2012)

  • Cursors and backgrounds sometimes do not load
  • Plugins not loading on some pages
  • Text paste includes trailing spaces
  • Websites using touch controls break

New in version 18.0.1025.45 Beta (March 1st, 2012)

  • Fixed NTP signed in state is missing (Issue: 112676)
  • Fixed gmail seems to redraw itself (all white) occasionally (Issue: 111263)
  • Focus "OK" button on Javascript dialogs (Issue: 111015)
  • Fixed Back button frequently hangs (Issue: 93427)
  • Increase the buffer size to fix muted playback rate (Issue: 108239)
  • Fixed Empty span with line-height renders with non-zero height (Issue: 109811)

New in version 19.0.1055.1 Dev (February 29th, 2012)

  • stability fixes
  • updated V8 to 3.9.11.0

New in version 19.0.1049.3 Dev (February 24th, 2012)

  • All:
  • Updated V8 - 3.9.8.0
  • Marked the Certum Trusted Network CA as an issuer of extended-validation (EV) certificates.
  • Fixed importing of bookmarks, history, etc. from Firefox 10+.
  • Fixed issues
  • Mac:
  • Worked around lockups of mid-2010 MacBook Pros (dual NVIDIA/Intel GPUs)
  • running 10.7. Please stress test Flash, WebGL and other GPU accelerated
  • content on such machines and file bugs referencing Issue 113703 if issue persists.

New in version 18.0.1025.39 Beta (February 22nd, 2012)

  • All:
  • Updated V8 - 3.8.9.8
  • Fixed several crashes (Issues: 111376, 108688, 114391)
  • Fixed Firefox browser in Import Bookmarks and Settings drop-down (Issue: 114476)
  • Sync: Sessions aren't associating pre-existing tabs (Issue: 113319)
  • Fixed All "Extensions" make an entry under the "NTP Apps" page (Issue: 113672)
  • Mac:
  • Fixed Custom cursor decoding with wrong color (Issue: 114598)
  • Fixed Custom image cursor makes the cursor disappear altogether (Issue: 111027)
  • Fixed Chrome on dual-GPU NVIDIA/Intel MacBook Pro hangs browser (Issue 113703)

New in version 18.0.1025.33 Beta (February 16th, 2012)

  • All:
  • Updated V8 - 3.8.9.6
  • Fixed several crashes (Issues: 110943, 110234, 110176, 108986)
  • Sync: Conflicting sync entries should not be committed (Issue: 82236)
  • Back button frequently hangs (Issue: 93427)
  • Fixed Speech input bubble borders don't closing (Issues: 98323, 112194)
  • Improved the quality of the omnibox
  • Mac:
  • Fixed Gap between download shelf and vertical scrollbar (Issue: 111266)

New in version 17.0.963.56 (February 16th, 2012)

  • [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts).
  • [$500] [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz.
  • [$1000] [108695] High CVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz.
  • [$1000] [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG.
  • [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the Google Security Team.
  • [111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community.
  • [$1000] [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis.
  • [112236] Medium CVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes).
  • [$500] [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt.
  • [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot.
  • [$500] [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Sławomir Błażek.
  • [$1337] [112822] High CVE-2011-3026: Integer overflow / truncation in libpng. Credit to Jüri Aedla.
  • [$1000] [112847] High CVE-2011-3027: Bad cast in column handling. Credit to miaubiz.

New in version 19.0.1041.0 Dev (February 15th, 2012)

  • Make speech input bubble borders close with the bubble
  • Fixed stability issues

New in version 19.0.1036.7 Dev (February 11th, 2012)

  • Updated V8 - 3.9.4.0
  • Fix: open incognito windows at exit created extra normal windows when the session was restored
  • Show spelling suggestions for misspelled words from the online spellchecker provided by Google (only after users opt into sending text to the service)
  • When translating a page, get the code and translation via HTTPS

New in version 18.0.1025.11 Beta (February 10th, 2012)

  • ntp: add more UMA to prove existing UMA is sane.
  • Exempt default apps from external-extension alerts.
  • Remove 2 pointless NULL checks. These two functions are normal functions these days and can't be NULL.
  • Add AUTHENTICATED session state. Also removed AUTHENTICATED state from ConnectionToHost
  • [Sync] Add new EnumSet class representing a set of enum values. This will eventually replace ModelType{Bit,}Set.
  • Reland 112770, but with test disabled. Prevent a crash in the first run search engine selector.It is possible to try and close the window now before the TemplateURLService is loaded. In this case we will not have a fallback search engine to select by default. So we will just reject attempts to close the window in this circumstance until it is loaded and a fallback choice has been set. It should be an edge case.
  • Use Google OAuth userinfo API to get profile information
  • Update CreateTabContents to use a content::Referrer instead of a plain URL

New in version 17.0.963.46 (February 8th, 2012)

  • New features:
  • New Extensions APIs
  • Updated Omnibox Prerendering
  • Download Scanning Protection
  • Many other small changes
  • Security fixes and rewards:
  • [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community.
  • [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne.
  • [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community.
  • [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley.
  • [$1000] [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG.
  • [$2000] [105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz.
  • [$1000] [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG.
  • [$500] [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG.
  • [$1000] [108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen.
  • [$500] [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG.
  • [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG.
  • [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com.
  • [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir Błażek.
  • [$1000] [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG.
  • [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo.
  • [$1000] [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis.
  • [$1000] [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis.
  • [$500] [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG.
  • [$1000] [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis.
  • [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno).

New in version 18.0.1025.7 Dev (February 8th, 2012)

  • Users can now sync NTP icons to their profile and keep their order across different instances of chrome.
  • Pointer Lock / Mouse Lock is implemented behind a flag (see about:flags). Mac only bug fix when closing a tab.
  • Fixed stability crashes

New in version 18.0.1025.3 Dev (February 3rd, 2012)

  • Fixed URL handling of settings page.
  • Fixed crash when unpacking extension.
  • Fixed the case where the utility process crashes after all plugins have been loaded.

New in version 18.0.1025.1 Dev (February 1st, 2012)

  • All:
  • Updated V8 - 3.8.9.0
  • Moved the ‘privacy’ extension API out of experimental
  • Mac:
  • Fixed bookmarks menu being empty after switching profile.
  • Perform Lion navigation gestures in the right window
  • Fixed momentum scrolling that’s broken in iframes.
  • Fixed Devtools closing in wrong tab when clicking close after resize.

New in version 17.0.963.46 Beta (January 31st, 2012)

  • [GTK] Don't wrap download item warning if the warning is short.
  • Fix race condition in utility process clients:
  • A few clients of the utility process had a race condition that could lead to a
  • browser crash if the utility process crashed. IndexedDB was the worst offender.
  • WebstoreInstallHelper, the profile importer, and posix plugin loader were also
  • affected.
  • As a side effect, NaClProcessHost and GpuProcessHost are now notified when
  • their respective processes are killed and treat such an occurrence as a crash.
  • Disable profile shortcuts on M17
  • Quick fix to resolve a heap corruption in shader translator.
  • Don't force groups.google.com to HTTPS.
  • Fix a crash in profile_shortcut_manager_win involving ProfileInfoCache::GetIndexOfProfileWithPath.
  • Disable NetworkDelayListener because it creates too long delays during session restart

New in version 17.0.963.44 Beta (January 26th, 2012)

  • Bookmarks menu empty after switching profile:
  • Fixes tear-down of the BookmarkMenuCocoaController so that it only de-registers itself as the main menu's delegate. During tear-down it was mistakenly de-registering the newly installed BookmarkMenuCocoaController for a different profile.
  • Fix issue with pattern parsing in xsltCompilePatternInternal
  • return early from ProcessRawBytesWithSeperators() when data length is 0
  • Fix null deref when walking cert chain.
  • Change omnibox behavior when stripping javascript schema to navigate after stripping the schema on drag drop.

New in version 18.0.1017.2 Dev (January 25th, 2012)

  • All:
  • Updated V8 - 3.8.7.1
  • Enable linear scaling for Chrome Remote Desktop’s scale-to-fit feature. (issue 93451)
  • Fixed popup windows issue (Issue: 106967)
  • Fixed crashes in extension binding (Issue: 110694)
  • When Strict Transport Security mandates that HTTPS certificate errors must be fatal, add a string telling the user why. (Issue: 110191)
  • Mac:
  • Fixed flashing window while deleting profile (Issue: 108801)

New in version 16.0.912.77 (January 24th, 2012)

  • [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis.
  • [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva.
  • High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415).
  • [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz.
  • [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis.

New in version 18.0.1010.2 Dev (January 21st, 2012)

  • Improvement to wifi stability.
  • Improved system hardening [Yama support, etc]

New in version 17.0.963.38 Beta (January 19th, 2012)

  • Merge 118016 - Disable GAIA profile info. This CL disables the GAIA profile info feature for now. Note, this is basically a revert of r112368.
  • Merge 117924 - Fix default apps losing the "bookmark app" bit once they get updated.
  • Merge 115632 - Add performance_ui_tests to chrome_official_builder.
  • Mark css3/flexbox/position-absolute-child.html as failing.
  • Merge 117944 - Stop pumping messages while handling cookie requests for Chrome Frame. This is to reduce (and possibly remove) the likelihood of hitting the deferred navigation code path in webkit when a navigation event is received while pumping messages. The deferered navigation code path puts the renderer's FrameLoader instance into an invalid state that eventually causes a crash. Note that there is a side effect to this. If we don't pump messages then anything done as part of the cookie request that would require the renderer to pump messages will result in deadlock.
  • Updating XTBs based on .GRDs from branch 963
  • Help compiler by pointing it to the right PostTask method.
  • Merge 117658 - Substitute ResourceHandlers with dummy ResourceHandler while request is transferred
  • Merge 117685 - Prevent callbacks after URLRequest/URLRequestJob have been canceled/completed/killed.
  • Merge 113806 - Revert 113794 - Revert 113785 - Enable TransferNavigationResourceHandler
  • Merge 117127 - mach_port_deallocate() the result of mach_thread_self(), which obtains a port send right.
  • Disable accelerated 2D canvas in M17 branch (963)
  • Merge 117854 - Do not preload auth extension on lock screen.
  • Merge 114784 - Extension docs: Links from `samples.html` now point to the correct branch.
  • Merge 117507 - Crash fix for mobile activation page refresh request.
  • Merge 117361 - Print Preview: Handle a CHECK that's getting hit in PrintPreviewHandler::HandlePrint().
  • Merge 117260 - Fix bug 104170: [Mac OS] Best-fit-window-zoom doesn't work anymore
  • Merge 116775 - Revert 116769 - Revert 116765 - Revert 111279 - Removed logic that was disabling other types of network connections during mobile activation.
  • Merge 117082 - Copy all the max page IDs to Instant/Prerender's TabContents
  • This fixes history problems that could arise with the previous approach.
  • disable flaky test
  • Fix flakiness and re-enable http search in find_in_page.FindMatchTests.testSearchInPDF for 963
  • Add loop to _VerifySearchInPDFURL to try FindInPage 10 times and re-raise
  • the exception on the final loop. This is required because
  • _GetResultFromJSONRequest appears to timeout if called before the PDF has
  • loaded.
  • Add timeout parameter to pyauto.FindInPage to be passed to
  • _GetResultFromJSONRequest to speed up the loop in _VerifySearchInPDFURL
  • from the default of 45 seconds to 1 second.
  • Re-enable test on Win, Mac, and Linux.
  • Merge 116931 - Calculate extension permission increases from changes in warning messages.
  • Instead of calculating permission increases from changes in API permissions, use the changes in actual warning messages. This makes sure we only prompt the user once when permissions share warnings.
  • Merge 116961 - Use the current download directory when installing extensions.The WebstoreInstaller had been downloading extensions to the default download directory, rather than the user's current selection.
  • Merge 115885 - Fixed the prefetch in the Photo Editor
  • Merge 117205 - Implements queue for serializing device settings change requests. Without the queue there exists a chance for running into races between stores to the policy blob that come very close to each other, and cause the second change to erase the results of the first change.
  • Merge 115883 - Fixed navigation after editing in the Photo Editor
  • Merge 117146 - Remove contexts from lists of shared contexts on lost context. Even if a context was lost, we tried to use it as the share group for newly-created contexts, resulting in a new context that shared with nothing. Remove all the dead contexts from the list of shared contexts to avoid that.
  • Merge 116457 - Fix crash in didReceiveData, if user calls Close() during RunCallback.
  • Fix same-origin requests, so they can send credentials.
  • Merge 113417 - Fix null pointer exception in WebViewColorOverlay.
  • Merge 116581 - When renderer process tries to establish a GPU channel, close any existing one.
  • Merge 117173 - Add NULL-check around |url| in TemplateURLService::SetDefaultSearchProviderNoNotify
  • Merge 117178 - Postpone deletion of P2PTransportImpl internals when it is being deleted.
  • [filebrowser] Change 'File Shelf' to 'Chromebook'.
  • Merge 115134 - [filebrowser] In image editor, remove focus from file name edit when clicked outside.
  • [filebrowser] Fix the context menu not working, and move new folder action there instead of separate button.

New in version 17.0.963.38 Beta (January 19th, 2012)

  • This update fixes a number of stability and UI issues.

New in version 18.0.1010.0 Dev (January 18th, 2012)

  • All:
  • The PDF plugin now adds ‘Rotate Clockwise’ and ‘Rotate Counterclockwise’ commands to context menus, so users can more easily view documents scanned horizontally.
  • Updated the first-run bubble text and added a link to change the current search engine. (Issue: 117521)
  • Fixed HTML5 showing download bar in fullscreen mode. (Issue: 99673)
  • Mac:
  • Fixed issue where Cmd-W would close the whole window in fullscreen mode. (Issue: 109793)
  • Fixed best-fit-window-zoom. (Issue: 104170)

New in version 17.0.963.33 Beta (January 12th, 2012)

  • This update fixes a number of stability and UI issues.

New in version 18.0.1003.1 Dev (January 11th, 2012)

  • Updated V8 - 3.8.4.1
  • Fixed several crashes (Issues 106869, 104046, 106989, 107574, 106891, 108687, 107171, 109002)
  • When a profile is synced, use GAIA name + GAIA photo for avatar - Use Google OAuth userinfo API to get profile information (Issue: 91241)
  • Added support for manifest_version attribute for extensions (Issue: 62897)
  • Eliminate drawing glitch on WebUI radio controls. (Issue: 105755)
  • Fixed regression with extension omnibox API where whitespace would get trimmed (Issue: 106355)
  • Fix page zoom for plug-in documents (Issues: 106013, 106228)
  • Fix race condition in extension service that causes extensions installed (Issue: 101935)
  • Folders in the wrench menu and application menu are greyed out (Issue: 109196)
  • Better error handling in audio wave out. (Issue: 108685)
  • Made URL filter for web request API mandatory (Issue: 106590)
  • Reject weak RSA and DSA keys when validating certificate chains for HTTPS; related UI (r114879, r116442, r115924)

New in version 17.0.963.26 Beta (January 6th, 2012)

  • New Extensions APIs
  • Updated Omnibox Prerendering
  • Download Scanning Protection
  • Many other small changes

New in version 16.0.912.75 (January 6th, 2012)

  • Security fixes and rewards:
  • [$1000] [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to Boris Zbarsky of Mozilla.
  • [$1000] [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Jüri Aedla.
  • [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit to Google Chrome Security Team (Cris Neckar).

New in version 17.0.963.26 Dev (January 5th, 2012)

  • All:
  • Updated V8 - 3.7.12.12
  • Make webstore installs work when the Downloads folder is missing. (Issue: 108812)
  • Mac:
  • Fixed crashes when running on top of Apple's software OpenGL renderer. (Issue: 106891)
  • Fix the fullscreen exit bubble's shadow on lion. (Issue: 106798)

New in version 17.0.963.12 Dev (December 16th, 2011)

  • This release contains stability and feature improvements.

New in version 16.0.912.63 (December 13th, 2011)

  • [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community.
  • [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno).
  • [$500] [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.
  • [$1000] [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Mitja Kolsek of ACROS Security.
  • [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.
  • [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu.
  • [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar).
  • [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team.
  • [$1000] [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis.
  • [$1000] [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis.
  • [$1000] [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Sławomir Błażek.
  • [$1000] [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG.
  • [$500] [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG.
  • [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella).
  • [107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz.

New in version 17.0.963.2 Dev (December 9th, 2011)

  • Fixing background mode manager to correctly display the name of the profile in the status icon. Previously it was not being updated when Chrome first started up and it was also using the incorrect name. Now it gets the correct name from the profile info cache and also updates based on changes to the profile info cache.

New in version 16.0.912.63 Beta (December 8th, 2011)

  • Fix crash bug in SpdyProxyClientSocket.GetPeerAddress where spdy_stream_ was used when NULL. We now copy the peer address and local address from spdy_stream_ when we connect.

New in version 17.0.963.0 Dev (December 7th, 2011)

  • All Platforms:
  • Updated V8 - 3.7.12.6
  • r113121 Omnibox suggestions will now be prerendered if our confidence of the user following the suggestion is high.
  • Support for
  • Content Settings (in Options, Under the Hood) now has UI for “Mouse Cursor”, which controls the Mouse Lock API permissions.
  • r110556 Fixed a renderer crash that could happen when opening a new tab with many tabs open.
  • WebKit Issue 73056 - Small fix for BiDi selection.
  • WebKit Issue 63903 - Fixed WebKit's implementation of bdo, bdi, and output elements to match HTML5 spec section 10.3.5.
  • Mac:
  • The PDF viewer now renders nicer looking text.
  • r111426 - Plugins using the Core Animation rendering model are now rendered through Chrome’s compositor rather than directly to the screen. This should have no user visible side effects; please file bugs and cc: kbr@chromium.org if any unexpected issues are seen with plugin rendering on Mac.

New in version 17.0.942.0 Dev (November 18th, 2011)

  • All:
  • Updated V8 - 3.7.7.0.
  • Fixed New Tab page apps re-ordering issue.
  • Policy support for disabling the Cloud Print Connector has been added.

New in version 15.0.874.121 (November 17th, 2011)

  • Updated V8 - 3.5.10.24
  • This build contains the fix to a regression: SVG in iframe doesn't use specified dimensions (Issue: 98951)

New in version 17.0.938.0 Dev (November 15th, 2011)

  • Updated V8 - 3.7.6.0. This release includes the new garbage collector.

New in version 15.0.874.120 (November 10th, 2011)

  • All:
  • Updated V8 - 3.5.10.23
  • Fix small print sizing issues (issues: 102186, 82472, 102154)
  • This new build also contains a new version of Flash which contains security fixes.
  • Mac:
  • Fixed the "certificate is not yet valid" error for server certificate issued by a VeriSign intermediate CA. (issue 101555)
  • Security fixes and rewards:
  • [$500] [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki Helin of OUSPG.
  • [$500] [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and Vorbis media handlers. Credit to Aki Helin of OUSPG.
  • [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding. Credit to Andrew Scherkus of the Chromium development community.
  • [$1000] [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to Aki Helin of OUSPG.
  • [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping. Credit to Ken “strcpy” Russell of the Chromium development community.
  • [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt reported through ZDI (ZDI-CAN-1416).
  • [102461] Low CVE-2011-3898: Failure to ask for permission to run applets in JRE7. Credit to Google Chrome Security Team (Chris Evans).

New in version 17.0.932.0 Dev (November 8th, 2011)

  • Fixed possible hang when using the GPU (Issue: 102214).

New in version 17.0.928.0 Dev (November 4th, 2011)

  • Updated V8 - 3.6.6.3
  • Prompt the user if they want to cancel downloads occurring when the last Incognito Window of a profile is closed.
  • Panels are enabled by default (extensions-only, “Tasky” in Web Store is one example)
  • Adjustable margins supported in Print Preview.
  • Mouse Lock “Allow” permission (given via a prompt) is now saved in content settings per domain.

New in version 16.0.912.21 Beta (November 3rd, 2011)

  • Signing in to Chrome enables sync and brings your Chrome bookmarks and other personalized settings to all of your computers. Just go to the Wrench menu and select “Sign in to Chrome.”
  • Added a new feature that lets people who use a shared computer each have their own personalized Chrome, and lets them each sign in to Chrome to sync their stuff. To try it out, go to Options (Preferences on Mac), click Personal Stuff, and click "Add new user."

New in version 16.0.912.21 Dev (November 2nd, 2011)

  • This release contains stability fixes.

New in version 16.0.912.15 Dev (October 28th, 2011)

  • This release contains fixes for stability.

New in version 16.0.912.12 Dev (October 27th, 2011)

  • Add a special UAM to isolate kills on the 912 branch

New in version 15.0.874.106 (October 26th, 2011)

  • This release fixes login issues to Barrons Online and The Wall Street Journal

New in version 15.0.874.102 (October 26th, 2011)

  • [$500] [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to Jordi Chancel.
  • [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit to Jordi Chancel.
  • [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of download filenames. Credit to Marc Novak.
  • [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to Google Chrome Security Team (Tom Sepez) plus independent discovery by Juho Nurminen.
  • [94487] Medium CVE-2011-3878: Race condition in worker process initialization. Credit to miaubiz.
  • [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to Masato Kinugawa.
  • [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit to Vladimir Vorontsov, ONsec company.
  • [$12174] [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin policy violations. Credit to Sergey Glazunov.
  • [96292] High CVE-2011-3882: Use-after-free in media buffer handling. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to miaubiz.
  • [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to Brian Ryner of the Chromium development community.
  • [$6337] [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale style bugs leading to use-after-free. Credit to miaubiz.
  • [$2000] [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to Christian Holler.
  • [$1500] [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to Sergey Glazunov.
  • [$1000] [99138] High CVE-2011-3888: Use-after-free with plug-in and editing. Credit to miaubiz.
  • [$2000] [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
  • [99553] High CVE-2011-3890: Use-after-free in video source handling. Credit to Ami Fischman of the Chromium development community.
  • [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to Steven Keuchel of the Chromium development community plus independent discovery by Daniel Divricean.

New in version 15.0.874.102 Beta (October 22nd, 2011)

  • Includes a crash fix (75604) and a fix to crash reporting on Linux.

New in version 16.0.912.4 Dev (October 21st, 2011)

  • Updated V8 - 3.6.6.5
  • Fixed stability issue in Print and Instant
  • Fixed bugs introduced in the last Dev Channel release with Pepper 3D on Mac OS X, primarily affecting Native Client applications using OpenGL.(Issue: 100507)

New in version 15.0.874.100 Beta (October 20th, 2011)

  • Updated V8 - 3.5.10.22
  • Numerous buffering fixes and optimizations for HTML5 media elements. (99775, 99749, 100439)
  • Tuned the omnibox to recognize more types of inputs as intranet navigations (99131, 94806)
  • Fixed several crashes and hangs (98975, 98948, 98955, 96861)
  • Fixed Omnibox enters keyword search mode incorrectly (95454)

New in version 16.0.912.0 Dev (October 19th, 2011)

  • All:
  • Updated V8 - 3.6.6.3
  • Native Client and Pepper plug-ins will be able to go use First Person controls for games and other applications after they go full screen and lock the mouse cursor. See PPB_MouseLock::LockMouse.
  • Mac:
  • Chrome now offers improved battery life on Mac laptops with dual (integrated and discrete) GPUs. Currently the improvement is present on 2011 MacBook Pros running OS X 10.7.1, but will take effect on more machines as OS software updates are released.
  • Known Issues:
  • Printing does not work - crashes the tab.
  • Crash in Instant (Issue 100521). Fixed on trunk; workaround is to disable Instant (if it’s already disabled and still crashes, please re-enable and disable, using the checkbox in Preferences -> Basics).

New in version 15.0.874.92 Beta (October 13th, 2011)

  • Updated V8 - 3.5.10.17
  • Fixed crash during Print Preview (96063)
  • Fixed excessive margins in printing (92000)
  • Fixed large downloads don't show progress (94468)
  • Fixed Netflix/Silverlight error (97319)
  • Disabled acceleration for background pages (96006)
  • Restored the old bookmark menus (93674)
  • Added support for an optional "requirements" section in extension/app manifests (99241)

New in version 16.0.904.0 Dev (October 11th, 2011)

  • More polish to the avatar menu bubble
  • [r103959] Restored the old bookmark menus (Issue 93674)

New in version 15.0.874.83 Beta (October 7th, 2011)

  • All:
  • Updated V8 - 3.5.10.16
  • Only deliver extension messages to contexts that care (96544, 76571)
  • Fix scrolling of full-frame pdf docs in accelerated compositing mode (93482)
  • Mac:
  • Fixed PDF printing so headers and footers will only be added for HTML pages. (95225)
  • Fix speech input keyboard shortcut (97902)

New in version 14.0.835.202 (October 5th, 2011)

  • This release contains Adobe Flash Player 11, along with the stability and security fixes listed below:
  • [$1000] [93788] High CVE-2011-2876: Use-after-free in text line box handling. Credit to miaubiz.
  • [$1000] [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to miaubiz.
  • [$2000] [95671] High CVE-2011-2878: Inappropriate cross-origin access to the window prototype. Credit to Sergey Glazunov.
  • [96150] High CVE-2011-2879: Lifetime and threading issues in audio node handling. Credit to Google Chrome Security Team (Inferno).
  • [$4500] [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8 bindings. Credit to Sergey Glazunov.
  • [$1500] [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects. Credit to Sergey Glazunov.
  • [98089] Critical CVE-2011-3873: Memory corruption in shader translator. Credit to Zhenyao Mo of the Chromium development community.

New in version 15.0.874.81 Beta (October 5th, 2011)

  • All:
  • Updated V8 - 3.5.10.15
  • Match main window notification subscription/unsubscription in BookmarkBarController
  • Fixed a deadlock induced by this pref being set in response to bookmark sync events (97955)
  • Enable floating bookmarks bar for NTP4 for M15 beta branch (98572)
  • Mac:
  • Fixed bug where dragging bookmark-lets containing mixed character escape sequences (89394,86643,82283)
  • Fixed bug where previously minimized windows will re-minimize (97238)

New in version 16.0.899.0 Dev (October 4th, 2011)

  • All:
  • Updated V8 - 3.6.4.1
  • FTP: fixed compatibility issue with ftp.comconlink.co.za, issue 98212
  • HTML5 audio uses faster method of communications between host and renderer, thus reducing lag for Javascript objects; should be most noticeable in games, issue 61022
  • Fixed many known stability issues.
  • Mac:
  • Tweaks to the multiuser avatar menu

New in version 15.0.874.58 Beta / 14.0.835.187 (October 3rd, 2011)

  • These updates should help repair Chrome installs that were broken due to the issue with Microsoft Security Essentials,

New in version 15.0.874.54 Beta (September 30th, 2011)

  • All:
  • Updated V8 - 3.5.10.14
  • Notification promos work with New Tab Page (Issue: 93201)
  • Mac:
  • Follow the system preferences for session restore on Lion (Issue: 75814)
  • Chrome Frame:
  • Resolved Chrome Frame leaving itself in user agent after uninstallation (Issue: 94848)
  • IE Security protected mode warning when opening link in gmail (Issue: 95810)

New in version 15.0.874.51 Beta (September 28th, 2011)

  • All:
  • Updated V8 - 3.5.10.13
  • Several crash fixes (including 96727, 93314, 97165, 96282)
  • Intranet URLs don't inline autocomplete (Issue 94805)
  • The New Tab Page bookmark pane has been reverted to the detached bar pending future improvements to the pane version. Thanks for all the feedback! (Issue: 92609)
  • Only show NTP4 info bubble for upgrading users (Issue 97103)
  • Sync not enforcing server legal bookmark names when migrating to new specifics (Issue 96623)

New in version 16.0.891.0 Dev (September 27th, 2011)

  • Linux: Enabled Native Client for 32-bit Linux and also addresses a performance issue for Native Client on Intel Atom CPUs. [Issue: 92964], [nativeclient: 480]
  • Linux: Fixed fetching proxy settings on Gnome 3 systems when glib2-dev package is not installed. [Issue: 91744]
  • All: Fixed many known stability issues.

New in version 15.0.874.24 Beta (September 23rd, 2011)

  • A brand new New Tab Page
  • Javascript Fullscreen API is now enabled by default
  • Chrome Web Store items can now be installed inline by their verified site (more information for developers can be found here.)
  • Omnibox History is now an additional sync data type

New in version 16.0.889.0 Dev (September 23rd, 2011)

  • Updated V8 - 3.6.4.0
  • FTP: fixed compatibility with servers which send 451 response for CWD command. (Issue 96401)
  • Enabled multi-users (multi-profiles) by default.
  • Fixed many known stability issues.

New in version 15.0.874.21 Dev (September 21st, 2011)

  • All:
  • Fixed a bug that caused a crash if you tried to use the speech input keystroke (Ctrl+Shift+Period) on a (non-speech-enabled) textarea.
  • Fixed many known stability issues.
  • Mac:
  • Added bubble UI to notify the user when a page requests fullscreen mode.
  • Fixed a bug where pages requesting fullscreen mode on OS X Lion would put the browser into fullscreen mode rather than presentation mode.

New in version 14.0.835.186 (September 21st, 2011)

  • This release includes an update to Flash Player that addresses a zero-day vulnerability.

New in version 15.0.874.15 Dev (September 16th, 2011)

  • Updated V8 3.5.10.9
  • JavaScript fullscreen API now enabled by default.
  • Bug fixes and visual improvements for the New Tab Page.
  • Fixed many known stability issues.

New in version 14.0.835.163 Beta (September 15th, 2011)

  • This release re-enables the enhanced completion functionality and takes some additional stability patches.

New in version 15.0.874.12 Dev (September 14th, 2011)

  • Updated V8 3.5.10.7
  • Print preview issues with self-closing popups have been fixed.
  • Fixed many known stability issues.

New in version 14.0.835.162 Beta (September 13th, 2011)

  • Re-enables chrome:flags and disables some of the enhanced completion functionality, that we introduced in 13.0, for the omnibox.

New in version 14.0.835.159 Beta (September 9th, 2011)

  • This release disables chrome:flags. We are currently investigating some stability issues and are looking to see how greatly flags usage contributes to our stability metrics, hence we are temporarily disabling them.

New in version 15.0.874.3 Dev (September 8th, 2011)

  • All:
  • Updated V8 3.6.0.0
  • Fixed a possible sync crash triggered by encryption of all sync data.
  • The --enable-accelerated-plugins flag was changed to --disable-accelerated-plugins. Pepper Plugins are now accelerated by default.
  • Fixed a crash when deleting cookies from chrome://settings/clearBrowserData.
  • Enable new client-side phishing detection for non-UMA users (previously UMA-only). When local heuristics trigger, sends only limited information that does not identify the page, such as a prefix of the hash of the URL, and other non-identifiable features such as whether you've visited the page before. [r99582]
  • Fixed many known stability issues.
  • Mac:
  • Fixed dragging of apps on NTP [r99110]

New in version 14.0.835.157 Beta (September 7th, 2011)

  • This release has a number of stability fixes, along with revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program.

New in version 13.0.782.220 (September 5th, 2011)

  • We're revoking trust for SSL certificates issued by DigiNotar-controlled intermediate CAs used by the Dutch PKIoverheid program.

New in version 14.0.835.126 Beta (September 2nd, 2011)

  • This release has disabled accelerated 2D canvas for Windows, along with other stability fixes.

New in version 14.0.835.124 Beta (September 1st, 2011)

  • This release contains fixes for a number of plugin stability issues and other bugs.

New in version 14.0.835.122 Beta (August 31st, 2011)

  • This release contains fixes for a number of stability issues along with other bugs, and an updated version of Adobe Flash Player.

New in version 13.0.782.218 (August 30th, 2011)

  • These releases contain an updated version of the Adobe Flash Player.

New in version 15.0.865.0 Dev (August 30th, 2011)

  • All:
  • Updated V8 3.5.8.0
  • r98474: Fixed some downloads crashers occurring due to over-aggressive consistency checks.
  • Print Preview is working once again.
  • Fixed issue where turning on sync encryption could remove bookmark titles.

New in version 15.0.861.0 Dev (August 25th, 2011)

  • All:
  • Updated V8 3.5.7.0
  • Fixes a blank popup issue for extensions (Issue: 92669).
  • Windows:
  • Fixed many of the common crashes.
  • Mac:
  • Fixed many of the common crashes.
  • Workaround put in place for crashes in Chrome’s GPU process with some NVIDIA hardware (Issue: 89557).
  • Linux:
  • Fixes being unable to close tabs by clicking the ‘x’ button on the tab (Issue: 92771).

New in version 14.0.835.109 Beta (August 24th, 2011)

  • This release contains fixes for a number of stability issues along with other bugs.

New in version 13.0.782.215 (August 23rd, 2011)

  • [$1000] [Windows only] [72492] Medium CVE-2011-2822: URL parsing confusion on the command line. Credit to Vladimir Vorontsov, ONsec company.
  • [82552] High CVE-2011-2823: Use-after-free in line box handling. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by miaubiz.
  • [$1000] [88216] High CVE-2011-2824: Use-after-free with counter nodes. Credit to miaubiz.
  • [88670] High CVE-2011-2825: Use-after-free with custom fonts. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1283), plus indepdendent later discovery by miaubiz.
  • [$1000] [89402] High CVE-2011-2821: Double free in libxml XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [$1000] [87453] High CVE-2011-2826: Cross-origin violation with empty origins. Credit to Sergey Glazunov.
  • [$1337] [Windows only] [89836] Critical CVE-2011-2806: Memory corruption in vertex handing. Credit to Michael Braithwaite of Turbulenz Limited.
  • [$1000] [90668] High CVE-2011-2827: Use-after-free in text searching. Credit to miaubiz.
  • [91517] High CVE-2011-2828: Out-of-bounds write in v8. Credit to Google Chrome Security Team (SkyLined).
  • [$1500] [32-bit only] [91598] High CVE-2011-2829: Integer overflow in uniform arrays. Credit to Sergey Glazunov.
  • [$1000] [Linux only] [91665] High CVE-2011-2839: Buggy memset() in PDF. Credit to Aki Helin of OUSPG.

New in version 15.0.854.0 Dev (August 17th, 2011)

  • All:
  • Updated V8 3.5.5.0
  • [r96420] Fixed uninstalls for forced install extensions [Issue 86519]
  • Fixed many known stability issues
  • Mac:
  • [r96851] New multi-profile UI
  • [r96393] Fixed bookmark menu translation [Issue 92410]

New in version 14.0.835.94 Beta (August 16th, 2011)

  • This release contains fixes for a number of stability issues along with other bugs.

New in version 15.0.849.1 Dev (August 12th, 2011)

  • All:
  • Updated V8 3.5.2.0
  • [r96275] FTP: added directory listing parser for OS/2 format, Issue 92154
  • [r96073] FTP: fix directory listing parsing for Hylafax, Issue 90807
  • Large speed improvement for print preview
  • This release also contains fixes for many known stability issues.
  • Mac:
  • [r95609] Replace the bookmark folder menus with native menus
  • [r96244] No overlay scrollbar in PDF on Lion, Issue 90530

New in version 14.0.835.35 Dev (August 11th, 2011)

  • This release contains an updated version of full screen mode for Mac OS X Lion, along with fixes for a number of stability issues on Lion and other platforms.

New in version 13.0.782.112 (August 9th, 2011)

  • Updated version of Flash Player.

New in version 14.0.835.29 Dev (August 9th, 2011)

  • This release contains fixes for a number of issues, along with increased stability on Mac OS X Lion.

New in version 14.0.835.18 Dev (August 5th, 2011)

  • This release contains fixes for print preview and other stability issues

New in version 13.0.782.107 (August 2nd, 2011)

  • [75821] Medium CVE-2011-2358: Always confirm an extension install via a browser dialog. Credit to Sergey Glazunov.
  • [$1000 each] [78841] High CVE-2011-2359: Stale pointer due to bad line box tracking in rendering. Credit to miaubiz and Martin Barbella.
  • [79266] Low CVE-2011-2360: Potential bypass of dangerous file prompt. Credit to kuzzcc.
  • [79426] Low CVE-2011-2361: Improve designation of strings in the basic auth dialog. Credit to kuzzcc.
  • [Linux only] [81307] Medium CVE-2011-2782: File permissions error with drag and drop. Credit to Evan Martin of the Chromium development community.
  • [83273] Medium CVE-2011-2783: Always confirm a developer mode NPAPI extension install via a browser dialog. Credit to Sergey Glazunov.
  • [83841] Low CVE-2011-2784: Local file path disclosure via GL program log. Credit to kuzzcc.
  • [84402] Low CVE-2011-2785: Sanitize the homepage URL in extensions. Credit to kuzzcc.
  • [84600] Low CVE-2011-2786: Make sure the speech input bubble is always on-screen. Credit to Olli Pettay of Mozilla.
  • [84805] Medium CVE-2011-2787: Browser crash due to GPU lock re-entrancy issue. Credit to kuzzcc.
  • [85559] Low CVE-2011-2788: Buffer overflow in inspector serialization. Credit to Mikołaj Małecki.
  • [$500 each] [85808] Medium CVE-2011-2789: Use after free in Pepper plug-in instantiation. Credit to Mario Gomes and kuzzcc.
  • [$1000] [86502] High CVE-2011-2790: Use-after-free with floating styles. Credit to miaubiz.
  • [$1000] [86900] High CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.
  • [$1000] [87148] High CVE-2011-2792: Use-after-free with float removal. Credit to miaubiz.
  • [$1000] [87227] High CVE-2011-2793: Use-after-free in media selectors. Credit to miaubiz.
  • [$500] [87298] Medium CVE-2011-2794: Out-of-bounds read in text iteration. Credit to miaubiz.
  • [$500] [87339] Medium CVE-2011-2795: Cross-frame function leak. Credit to Shih Wei-Long.
  • [87548] High CVE-2011-2796: Use-after-free in Skia. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.
  • [$1000] [87729] High CVE-2011-2797: Use-after-free in resource caching. Credit to miaubiz.
  • [87815] Low CVE-2011-2798: Prevent a couple of internal schemes from being web accessible. Credit to sirdarckcat of the Google Security Team.
  • [$1000] [87925] High CVE-2011-2799: Use-after-free in HTML range handling. Credit to miaubiz.
  • [$500] [88337] Medium CVE-2011-2800: Leak of client-side redirect target. Credit to Juho Nurminen.
  • [$1000] [88591] High CVE-2011-2802: v8 crash with const lookups. Credit to Christian Holler.
  • [88827] Medium CVE-2011-2803: Out-of-bounds read in Skia paths. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [88846] High CVE-2011-2801: Use-after-free in frame loader. Credit to miaubiz.
  • [$1000] [88889] High CVE-2011-2818: Use-after-free in display box rendering. Credit to Martin Barbella.
  • [$500] [89142] High CVE-2011-2804: PDF crash with nested functions. Credit to Aki Helin of OUSPG.
  • [$1500] [89520] High CVE-2011-2805: Cross-origin script injection. Credit to Sergey Glazunov.
  • [$1500] [90222] High CVE-2011-2819: Cross-origin violation in base URI handling. Credit to Sergey Glazunov.

New in version 14.0.835.15 Dev (August 2nd, 2011)

  • This release contains fixes for sync and stability.

New in version 14.0.835.8 Dev (July 29th, 2011)

  • All:
  • Updated V8 - 3.4.14.2
  • [r94125] Unable to open PDF files (bug 90535)
  • Mac:
  • [r94122] Respect natural/inverted scroll direction on Lion when gesturing (bug 90342)

New in version 14.0.835.0 Dev (July 27th, 2011)

  • Please note, PDF viewing is broken in this release, a fix will be release for this later in the week.
  • All:
  • Updated V8 - 3.4.13.0
  • Implemented WebSocket HyBi 10 handshake and framing.
  • Mac:
  • [r93720] Add two-finger gesture support for Lion, which respects the system preference (Issue 78676)
  • [r93080, 93446] Multi-profile UI improvements (Issues 86179, 90026)
  • Native Client has been disabled for official releases of OS X 10.6.7 and earlier using a 64-bit kernel (Native Client Issue 1712)

New in version 14.0.825.0 Dev (July 19th, 2011)

  • Updated V8 - 3.4.12.1

New in version 13.0.782.55 Beta / 12.0.742.122 (July 13th, 2011)

  • These releases contain an updated version of the Adobe Flash Player.

New in version 14.0.814.0 Dev (July 12th, 2011)

  • Updated V8 - 3.4.7.0

New in version 12.0.742.112 (June 29th, 2011)

  • [$1000] [77493] Medium CVE-2011-2345: Out-of-bounds read in NPAPI string handling. Credit to Philippe Arteau.
  • [$1000] [84355] High CVE-2011-2346: Use-after-free in SVG font handling. Credit to miaubiz.
  • [$1000] [85003] High CVE-2011-2347: Memory corruption in CSS parsing. Credit to miaubiz.
  • [$500] [85102] High CVE-2011-2350: Lifetime and re-entrancy issues in the HTML parser. Credit to miaubiz.
  • [$500] [85177] High CVE-2011-2348: Bad bounds check in v8. Credit to Aki Helin of OUSPG.
  • [$1000] [85211] High CVE-2011-2351: Use-after-free with SVG use element. Credit to miaubiz.
  • [$1000] [85418] High CVE-2011-2349: Use-after-free in text selection. Credit to miaubiz.

New in version 14.0.803.0 Dev (June 28th, 2011)

  • All:
  • Updated V8 - 3.4.6.2
  • [r90216] Change the meaning of third-party cookie blocking to allow whitelists (Issue 82039)
  • Mac:
  • Relaunches do not work in this release. You will need to manually relaunch Chrome following a forced update, an about:flags change, or any other action that attempts to relaunch the browser. (Issue 87646)

New in version 14.0.797.0 Dev (June 21st, 2011)

  • All:
  • Updated V8 - 3.4.4.0
  • Mac:
  • Improved support for the textarea element with VoiceOver.
  • Resolved Issues:
  • Print workflow: Chrome Frame displays both Print Dialog and Print Preview (Issue: 86226)
  • Crash when canceling print (Issue: 86229)
  • Mouse back and forward buttons stopped working (Issue: 84836)

New in version 14.0.794.0 Dev (June 17th, 2011)

  • All:
  • Updated V8 - 3.4.3.0
  • When installing items from the chrome webstore, we now always prompt with a native confirmation dialog.
  • Fix for failing navigation with chrome://newtab showing.
  • Mac:
  • Fixed “invalid server certificate” errors for some secure websites whose CRLs or OCSP responses are signed by untrusted root CAs.
  • Security:
  • DNSSEC authenticated HTTPS supported.
  • Intermittent connectivity issues with broken SSLv3 servers fixed.

New in version 13.0.782.24 Dev (June 16th, 2011)

  • This release contains a number of stability fixes and the Flash update.

New in version 12.0.742.100 (June 15th, 2011)

  • This release contains an updated version of Adobe Flash.

New in version 13.0.782.20 Dev (June 14th, 2011)

  • This release contains a number of stability fixes and we put hardware accelerated Canvas 2D back behind a flag.

New in version 13.0.782.15 Dev (June 10th, 2011)

  • Contains a number of stability fixes.

New in version 13.0.782.13 Dev (June 9th, 2011)

  • This release contains a number of UI tweaks and stabilities fixes.

New in version 13.0.782.11 Dev (June 8th, 2011)

  • This release contains a number of UI tweaks and stabilities fixes.

New in version 12.0.742.91 Beta (June 7th, 2011)

  • Includes a number of new features and updates, including:
  • Hardware accelerated 3D CSS
  • New Safe Browsing protection against downloading malicious files
  • Ability to delete Flash cookies from inside Chrome
  • Launch Apps by name from the Omnibox
  • Integrated Sync into new settings pages
  • Improved screen reader support
  • New warning when hitting Command-Q on Mac
  • Removal of Google Gears
  • Security fixes and rewards:
  • [$2000] [73962] [79746] High CVE-2011-1808: Use-after-free due to integer issues in float handling. Credit to miaubiz.
  • [75496] Medium CVE-2011-1809: Use-after-free in accessibility support. Credit to Google Chrome Security Team (SkyLined).
  • [75643] Low CVE-2011-1810: Visit history information leak in CSS. Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability Research (MSVR).
  • [76034] Low CVE-2011-1811: Browser crash with lots of form submissions. Credit to “DimitrisV22”.
  • [$1337] [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to kuzzcc.
  • [78516] High CVE-2011-1813: Stale pointer in extension framework. Credit to Google Chrome Security Team (Inferno).
  • [79362] Medium CVE-2011-1814: Read from uninitialized pointer. Credit to Eric Roman of the Chromium development community.
  • [79862] Low CVE-2011-1815: Extension script injection into new tab page. Credit to kuzzcc.
  • [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit to kuzzcc.
  • [$500] [81916] Medium CVE-2011-1817: Browser memory corruption in history deletion. Credit to Collin Payne.
  • [$1000] [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to miaubiz.
  • [$1000] [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages. Credit to Vladislavas Jarmalis, plus subsequent independent discovery by Sergey Glazunov.
  • [$3133.7] [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey Glazunov.
  • [$1000] [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey Glazunov.

New in version 13.0.782.10 Dev (June 6th, 2011)

  • This release contains an updated version of Adobe Flash.

New in version 13.0.782.4 Dev (June 4th, 2011)

  • Fixes a start-up crash regression.

New in version 12.0.742.77 Beta (June 3rd, 2011)

  • This release contains a small number of UI updates and performance fixes.

New in version 13.0.782.1 Dev (June 2nd, 2011)

  • Print preview refinements
  • IndexedDB+LevelDB made available in about:flags
  • Canvas 2D moved out from behind a flag (on by default)

New in version 12.0.742.68 Beta (May 26th, 2011)

  • This release contains a small number of UI updates and performance fixes.

New in version 11.0.696.71 (May 25th, 2011)

  • [72189] Low CVE-2011-1801: Pop-up blocker bypass. Credit to Chamal De Silva.
  • [$1000] [82546] High CVE-2011-1804: Stale pointer in floats rendering. Credit to Martin Barbella.
  • [82873] Critical CVE-2011-1806: Memory corruption in GPU command buffer. Credit to Google Chrome Security Team (Cris Neckar).
  • [82903] Critical CVE-2011-1807: Out-of-bounds write in blob handling. Credit to Google Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium development community.
  • The following bugs were fixed:
  • REGRESSION: selection extended by arrow keys flickers on LinkedIn.com. (Issue 83197).
  • Have ConnectBackupJob try IPv4 first to hide potential long IPv6 connect timeout (Issue 81686).
  • Mac plugin crashes are too low in stats (Issue 82172).
  • Incorrect ACLs on the archived copy of setup.exe (Issue 82424)

New in version 13.0.772.0 Dev (May 24th, 2011)

  • Updated V8 - 3.3.8.1
  • Continued work on Print Preview
  • Making progress on rel:preload
  • Crash fixes

New in version 12.0.742.60 Beta (May 19th, 2011)

  • This release contains a number of UI tweaks and performance fixes.

New in version 13.0.767.1 Dev (May 18th, 2011)

  • Print preview work continues
  • Omnibox string matching improvements

New in version 12.0.742.53 Beta (May 14th, 2011)

  • This release contains a number of UI tweaks and performance fixes.

New in version 11.0.696.68 (May 13th, 2011)

  • Security fixes and rewards:
  • Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
  • [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined).
  • [80608] High CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar).
  • This version also contains Flash Player 10.3 which is an incremental release with improved stability, enhanced security and user privacy protection, and new capabilities for enterprises and developers. For more information, see the Adobe Flash Player release notes.

New in version 12.0.742.30 Beta (May 9th, 2011)

  • Hardware accelerated 3D CSS
  • New Safe Browsing protection against downloading malicious files
  • Ability to delete Flash cookies from inside Chrome
  • Launch Apps by name from the Omnibox
  • Integrated Sync into new settings pages
  • Improved screen reader support
  • New warning when hitting Command-Q on Mac
  • Removal of Google Gears

New in version 12.0.742.30 Dev (May 7th, 2011)

  • This release contains an updated version of Flash.

New in version 11.0.696.65 Beta (May 7th, 2011)

  • After deleting bookmarks on the Bookmark managers, the bookmark bar doesn't display properly with existing bookmarks. (Issue 80580).
  • About Google Chrome window shows unknown channel for 11.0.696.57 (Issue 80683).
  • Chrome/Mac seems to clobber focus when uploading attachments to Gmail with the flash-based uploader (Issue 77172).
  • Also included is an updated version of Flash Player 10.2.

New in version 12.0.742.21 Dev (May 6th, 2011)

  • This release contains fixes for a number of UI, performance, and stability issues. It also contains an update for Mac [bug 80602] that fixes garbage being displayed when the accelerated compositor was active. This primarily affected 3D CSS transforms and WebGL content.

New in version 12.0.742.16 Dev (May 3rd, 2011)

  • This release continues to address UI and performance issues, as well as a fix for non-Aero themes on Windows.

New in version 12.0.742.12 Dev (April 29th, 2011)

  • This release continues to address UI and performance issues, as well as updates the Sync preferences UI.

New in version 11.0.696.60 (April 29th, 2011)

  • REGRESSION: Windows painting issue while switching Chrome 11 window with overlapped app. (Issue 74604).

New in version 11.0.696.57 (April 27th, 2011)

  • [61502] High CVE-2011-1303: Stale pointer in floating object handling. Credit to Scott Hess of the Chromium development community and Martin Barbella.
  • [70538] Low CVE-2011-1304: Pop-up block bypass via plug-ins. Credit to Chamal De Silva.
  • [Linux / Mac only] [70589] Medium CVE-2011-1305: Linked-list race in database handling. Credit to Kostya Serebryany of the Chromium development community.
  • [71586] Medium CVE-2011-1434: Lack of thread safety in MIME handling. Credit to Aki Helin.
  • [72523] Medium CVE-2011-1435: Bad extension with ‘tabs’ permission can capture local files. Credit to Cole Snodgrass.
  • [73526] High CVE-2011-1437: Integer overflows in float rendering. Credit to miaubiz.
  • [74653] High CVE-2011-1438: Same origin policy violation with blobs. Credit to kuzzcc.
  • [75186] High CVE-2011-1440: Use-after-free with tag and CSS. Credit to Jose A. Vazquez.
  • [75347] High CVE-2011-1441: Bad cast with floating select lists. Credit to Michael Griffiths.
  • [75801] High CVE-2011-1442: Corrupt node trees with mutation events. Credit to Sergey Glazunov and wushi of team 509.
  • [76001] High CVE-2011-1443: Stale pointers in layering code. Credit to Martin Barbella.
  • [76646] Medium CVE-2011-1445: Out-of-bounds read in SVG. Credit to wushi of team509.
  • [76666] [77507] [78031] High CVE-2011-1446: Possible URL bar spoofs with navigation errors and interrupted loads. Credit to kuzzcc.
  • [76966] High CVE-2011-1447: Stale pointer in drop-down list handling. Credit to miaubiz.
  • [77130] High CVE-2011-1448: Stale pointer in height calculations. Credit to wushi of team509.
  • [77346] High CVE-2011-1449: Use-after-free in WebSockets. Credit to Marek Majkowski.
  • [77349] Low CVE-2011-1450: Dangling pointers in file dialogs. Credit to kuzzcc.
  • [77463] High CVE-2011-1451: Dangling pointers in DOM id map. Credit to Sergey Glazunov.
  • [77786] Medium CVE-2011-1452: URL bar spoof with redirect and manual reload. Credit to Jordi Chancel.
  • [79199] High CVE-2011-1454: Use-after-free in DOM id handling. Credit to Sergey Glazunov.
  • [79361] Medium CVE-2011-1455: Out-of-bounds read with multipart-encoded PDF. Credit to Eric Roman of the Chromium development community.
  • [79364] High CVE-2011-1456: Stale pointers with PDF forms. Credit to Eric Roman of the Chromium development community.

New in version 11.0.696.57 Beta (April 27th, 2011)

  • The following bugs were fixed:
  • REGRESSION: left property broken with position:fixed elements in RTL documents. (Issue 80216).
  • REGRESSION: Bottom of window Border is drawn 1 Pixel Higher than it should be (Issue 79640).
  • REGRESSION: Chromium window goes beyond the screen for non-Aero themes (Issue 80391

New in version 12.0.742.9 Dev (April 26th, 2011)

  • Continues to address UI and performance issues, as well as updates the Sync preferences UI.

New in version 12.0.742.5 Dev (April 23rd, 2011)

  • This release fixes a regression with sync along with other bugs.

New in version 12.0.742.0 Dev (April 21st, 2011)

  • This release contains stability and performance fixes.

New in version 11.0.696.50 Beta (April 19th, 2011)

  • The following bugs were fixed:
  • Flash does not load until the tab gets activated. (Issue 71591).
  • Going to settings from notification popup crashes Chrome (Issue 78938).
  • Disable speech input for readonly and disabled input fields (Issue 58540 ).
  • Renamed Blob.slice to Blob.webkitSlice and changed it to take start and end parameters. Also renamed BlobBuilder to WebKitBlobBuilder

New in version 10.0.648.205 (April 15th, 2011)

  • [75629] Critical CVE-2011-1301: Use-after-free in the GPU process. Credit to Google Chrome Security Team (Inferno).
  • [$1000] [78524] Critical CVE-2011-1302: Heap overflow in the GPU process. Credit to Christoph Diehl.

New in version 12.0.733.0 Dev (April 13th, 2011)

  • Contains updates focused on stability and UI tweaks.

New in version 11.0.696.43 Beta (April 13th, 2011)

  • Passwords sync: passwords sync commits after EVERY browser restart (Issue 78548).
  • Autofill fails to fill forms (Issue 78509).
  • a few known crashes (Issue 78688, Issue 68350, Issue 77665, Issue 74585, Issue 76092, Issue 77219 and Issue 77447).
  • Redirect to my site without CFInstall.js (Issue 60018).
  • Update Silverlight v3 version metadata (Issue 78005).
  • Blocked plug-in dialog: make sure "Run this time" button is the first one (Issue 78120).
  • Policy: Proxy configuration over policy does not work. (Issue 78016).
  • Editing style adds the word "initial" for any property value that uses a paren (Issue 75302).
  • Google Chrome Helper doesn't quit, killing it relaunches a new helper process (Issue 74983).

New in version 12.0.725.0 Dev (April 6th, 2011)

  • All:
  • Updated V8 - 3.2.6.0
  • Spring cleaning in the code, lots of code cleanup and refactoring under the covers
  • Windows:
  • Continued work on tab multi-select
  • Known Issues:
  • 78475 Regression: Bidi Chrome UI lost directional diplay in menu and DOMUI and about: page functions
  • 78501 Regression: NACL apps are no longer working
  • 78509 Regression: Autofill fails on certain forms
  • 78073 Regression: Autocomplete sometimes pops up in the upper left corner

New in version 11.0.696.34 Beta (April 5th, 2011)

  • The following bugs were fixed:
  • Duplicate desktop icon is created using First Run UI even if it's present (Issue 5073).
  • FLACEncoder::Encode has mismatched free (Issue 77653).
  • Switch from using Speex to FLAC for speech input requests (Issue 61677).
  • Chrome hangs on form submit with lots of stored Autofill profiles (Issue 75862).
  • Browser crash if tab is closed while page is being downloaded (Issue 76963).

New in version 11.0.696.28 Beta (April 1st, 2011)

  • Added localized translations.

New in version 11.0.696.25 Beta (March 29th, 2011)

  • The following bugs were fixed:
  • cloud print: Error running service on the headless machine (Issue 76991).
  • sync: Not registering for NIGORI data types (Issue 76268).
  • A known crash (Issue 76998 ).
  • REGRESSION: img of extensions not displayed in chrome://extensions within an incognito window (Issue 74905).
  • Cloud policy fetch loop upon POLICY_NOT_FOUND answer from the server (Issue 77232).
  • Token fetcher doesn't correctly enter unmanaged state (Issue 77185).
  • Memory Leak in ChromeFrame in the AutomationResourceMessageFilter::SetCookiesForUrl function (Issue 77421).
  • REGRESSION: Arrows not showing up on tabstrip while dropping links (Issue 74764).
  • Java: Direct users to the right download page (Issue 76634).
  • add es-419, fr-Foo and en-Foo and zh_HK/zh_Hant_HK to Accept-Language list(Issue 62715).

New in version 10.0.648.204 (March 25th, 2011)

  • [$500] [72517] High CVE-2011-1291: Buffer error in base string handling. Credit to Alex Turpin.
  • [$1000] [73216] High CVE-2011-1292: Use-after-free in the frame loader. Credit to Sławomir Błażek.
  • [$2000] [73595] High CVE-2011-1293: Use-after-free in HTMLCollection. Credit to Sergey Glazunov.
  • [$1500] [74562] High CVE-2011-1294: Stale pointer in CSS handling. Credit to Sergey Glazunov.
  • [$2000] [74991] High CVE-2011-1295: DOM tree corruption with broken node parentage. Credit to Sergey Glazunov.
  • [$1500] [75170] High CVE-2011-1296: Stale pointer in SVG text handling. Credit to Sergey Glazunov.

New in version 12.0.712.0 Dev (March 25th, 2011)

  • All:
  • Updated V8 - 3.2.3.1
  • Tab Multi-Select - The ability to select multiple tabs, using the ctrl key, and applying actions (e.g. reload) to them all.
  • Mac:
  • New and improved bookmark bar animations.

New in version 11.0.696.16 Beta (March 23rd, 2011)

  • HTML5 speech input API
  • GPU-accelerated 3D CSS
  • The brand new shiny Chrome icon

New in version 11.0.696.16 Dev (March 22nd, 2011)

  • cclicking on the labels of checkboxes / radio buttons closes content settings dialog box (Issue 76115).
  • Unlock Keyring makes chrome unusable (Issue 72499 ).
  • Sample extension for chrome.experimental.proxy API (Issue 62700 ).
  • Several known crashes (Issue 76401 and Issue 75264 ).

New in version 10.0.648.151 (March 18th, 2011)

  • This release blacklists a small number of HTTPS certificates.

New in version 11.0.696.14 Dev (March 18th, 2011)

  • about:gpu can still launch GPU process even though GPU is blocked by software rendering list (Issue 76115).
  • REGRESSION: After crash, Restore infobar shows up everytime you open a link from external app (Issue 75654 ).
  • App context-menu doesn't disappear even after uninstalling the extension, causes crash when selected (Issue 75662).
  • A known crash (Issue 74777).
  • Fails SPDY-related check (Issue 77893).

New in version 11.0.696.12 Dev (March 16th, 2011)

  • New York Times Chrome app crashes on the Chorme Dev Channel (Issue 75563).
  • Sync login dlg is truncated (Issue 72490 ).
  • Status bar / target URL not shown when hovering over links(Issue 75268).
  • Several known crashes (Issues 75171 and 75443 and 75828).
  • Bookmark focus is not lost when moved away from the bookmark bar (Issue 75367).
  • Tooltips from browser tabs are persisting for too long (Issue 75334 ).
  • Content settings updates don't reflect the current Incognito session(Issue 74466).
  • NewTabPage is not updating when a new theme is applied (Issue 74311).
  • fixed download requests in chrome frame which occur in response to top level POSTs (Issue 73985 ).
  • Chrome locks up on form submit, constantly duplicating autofill settings to blame(Issue 74911).

New in version 10.0.648.134 (March 16th, 2011)

  • Contains an updated version of the Adobe Flash player.

New in version 10.0.648.133 (March 12th, 2011)

  • [$1337] CVE-2011-1290 [75712] High Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI.

New in version 11.0.696.3 Dev (March 11th, 2011)

  • Can not select omnibox auto suggested entries by clicking at it (Issue 75366).
  • Linux: "Behavior " string is not externalized on the Exceptions page(Issue 74080).
  • Chromium not loading some plugins (Issue 75351).
  • POST omits body after NTLM authentication (Issue 62687).

New in version 11.0.696.0 Dev (March 9th, 2011)

  • All:
  • Updated V8 - 3.2.0.1
  • New “cookies and other data” page in tabbed settings (Issue 64154).
  • Mac:
  • Turned confirm to quit on by default (Issue 60591)
  • Tweak the Tab Overview UI (Issue 50307)
  • Cloud Print connector UI enabled.

New in version 10.0.648.127 Beta (March 4th, 2011)

  • [Bug 74709] Clicking "Disable individual plug-ins" in Options causes crash

New in version 10.0.648.126 Beta (March 3rd, 2011)

  • [Bug 74709] Clicking "Disable individual plug-ins" in Options causes crash

New in version 11.0.686.1 Dev (March 2nd, 2011)

  • This new build fixes the 74451 issue: "HTML5 videos don't play on Vimeo.com".

New in version 11.0.686.0 Dev (March 1st, 2011)

  • Updated V8 - 3.1.6.1
  • Accelerated compositing turned on by default (use --disable-accelerated-layers to disable).
  • Fixed a bug affecting the bookmark manager and other extensions. (Issue 43448)
  • FTP: fixed a compatibility issue. (Issue 72060)
  • Fix bugs related to the new infobar UI (Issue 73357) and Issue 73590))

New in version 9.0.597.107 (March 1st, 2011)

  • [54262] High URL bar spoof. Credit to Jordi Chancel.
  • [63732] High Crash with javascript dialogs. Credit to Sergey Radchenko.
  • [68263] High Stylesheet node stale pointer. Credit to Sergey Glazunov.
  • [68741] High Stale pointer with key frame rule. Credit to Sergey Glazunov.
  • [70078] High Crash with forms controls. Credit to Stefan van Zanden.
  • [70244] High Crash in SVG rendering. Credit to Sławomir Błażek.
  • [70376] Medium Out-of-bounds read in pickle deserialization. Credit to Evgeniy Stepanov of the Chromium development community.
  • [71114] High Stale node in table handling. Credit to Martin Barbella.
  • [71115] High Stale pointer in table rendering. Credit to Martin Barbella.
  • [71296] High Stale pointer in SVG animations. Credit to miaubiz.
  • [71386] High Stale nodes in XHTML. Credit to wushi of team509.
  • [71388] High Crash in textarea handling. Credit to wushi of team509.
  • [71595] High Stale pointer in device orientation. Credit to Sergey Glazunov.
  • [71717] Medium Out-of-bounds read in WebGL. Credit to miaubiz.
  • [71855] High Integer overflow in textarea handling. Credit to miaubiz.
  • [71960] Medium Out-of-bounds read in WebGL. Credit to Google Chrome Security Team (Inferno).
  • [72214] High Accidental exposure of internal extension functions. Credit to Tavis Ormandy of the Google Security Team.
  • [72437] High Use-after-free with blocked plug-ins. Credit to Chamal de Silva.
  • [73235] High Stale pointer in layout. Credit to Martin Barbella.

New in version 10.0.648.114 Beta (February 24th, 2011)

  • This release contains stability improvements and UI tweaks.

New in version 11.0.672.2 Dev (February 18th, 2011)

  • All:
  • Updated V8 - 3.1.4.0
  • Fixed the crash when loading tabbed options in some cases.
  • Fixed a crash triggered when canceling a download. (Issue 70592)
  • Fixed a crash triggered by form resubmissions. (Issue 70315)
  • FTP: fixed a compatibility issue. (Issue 70394)
  • XSS Auditor re-designed and enabled by default. It’s still experimental (and there are known bypasses), but we’re looking for feedback about false positives.
  • Mac:
  • Fixed a crash during plugin shutdown
  • Tab overview mode is on by default.
  • Added unspoofable infobars. (Issue 57106)
  • Accelerometer data is more reliable.

New in version 10.0.648.82 Beta (February 18th, 2011)

  • New version of V8 - Crankshaft - which greatly improves javascript performance
  • New settings pages that open in a tab, rather than a dialog box
  • Improved security with malware reporting and disabling outdated plugins by default
  • Password sync as part of Chrome Sync now enabled by default
  • GPU Accelerated Video
  • Background WebApps
  • webNavigation extension API

New in version 10.0.648.82 Dev (February 17th, 2011)

  • This release primarily contains stability fixes from the last dev channel.

New in version 10.0.648.45 Dev (February 9th, 2011)

  • This build contains the following updates:
  • Updated V8 - 3.0.12.12
  • Update Flash - 10.2
  • Many Crash fixes
  • Background applications UI cleanup
  • Additional settings UI cleanup
  • Fix for differential installers not applying cleanly
  • [r74051] Horizontal scroll should not move the options behind Settings. (Issue 71689)
  • [r74060] No sound in extension with Chromium (Issue 57263)

New in version 9.0.597.94 (February 8th, 2011)

  • Contains an updated version of Flash player (10.2), along with the following security fixes.
  • This release incorporates a new version of Flash (10.2), which is a security update.
  • [67234] High Stale pointer in animation event handling. Credit to Rik Cabanier.
  • [$1000] [68120] High Use-after-free in SVG font faces. Credit to miaubiz.
  • [$1000] [69556] High Stale pointer with anonymous block handling. Credit to Martin Barbella.
  • [69970] Medium Out-of-bounds read in plug-in handling. Credit to Bill Budge of Google.
  • [$1000] [70456] Medium Possible failure to terminate process on out-of-memory condition. Credit to David Warren of CERT/CC.

New in version 10.0.648.18 Dev (February 4th, 2011)

  • All:
  • Updated V8 - 3.0.12.8
  • [73562] Removed icon from View Background Pages menu item in wrench menu. (Issue: 71489)
  • [r73158] Fix crash on closing Download Manager (Issue: 71027)
  • [r73207] Auto-scroll while drag and dropping apps on the New Tab Page (Issue: 70965)
  • webNavigation extension API ready for testing (Issue: 60100)
  • Mac/Linux:
  • [r73163] Find bug where web text input would sometimes trigger find-in-page (Issue: 70644)

New in version 10.0.648.11 Dev (February 1st, 2011)

  • This build contains stability fixes and refinements to the new settings pages.

New in version 10.0.648.6 Dev (January 27th, 2011)

  • This build primarily contains stability fixes from the previous dev channel release.

New in version 9.0.597.83 Beta (January 26th, 2011)

  • This is primarily a stability/ minor bug fix release.

New in version 10.0.642.2 Dev (January 21st, 2011)

  • Updated V8 - 3.0.7.0
  • Many polish changes and fixes for the new tabbed preferences dialog
  • Several tweaks to Instant
  • [r71435] Integrate about:sync with the new tabbed preference dialog (Issue: 69500)
  • [r71519] Add “Save” and “Print” to the context menu of PDFs in frames (Issue: 50285)
  • [r71232] Make thumbnails closable in tab overview mode (Issue: 50307)
  • [71208] Fix color of favicon and tab overview thumbnails (Issues: 24267, 50307)
  • [r71575] Fix crash in translation code (Issue: 67594)
  • [r71324] Fix unable to re-open extension popups that were closed by clicking the browser action button (Issue: 56340)

New in version 9.0.597.67 Beta (January 19th, 2011)

  • Due to stability issues Flash Player sandboxing has been put behind a flag for 9.0. Accelerated composting and WebGL will remain on. The remaining set of changes for this release constituted bug and stability fixes.

New in version 8.0.552.237 (January 13th, 2011)

  • [58053] Medium Browser crash in extensions notification handling. Credit to Eric Roman of the Chromium development community.
  • [$1337] [65764] High Bad pointer handling in node iteration. Credit to Sergey Glazunov.
  • [66334] High Crashes when printing multi-page PDFs. Credit to Google Chrome Security Team (Chris Evans).
  • [$1000] [66560] High Stale pointer with CSS + canvas. Credit to Sergey Glazunov.
  • [$500] [66748] High Stale pointer with CSS + cursors. Credit to Jan Tošovský.
  • [67100] High Use after free in PDF page handling. Credit to Google Chrome Security Team (Chris Evans).
  • [$1000] [67208] High Stack corruption after PDF out-of-memory condition. Credit to Jared Allar of CERT.
  • [$1000] [67303] High Bad memory access with mismatched video frame sizes. Credit to Aki Helin of OUSPG; plus independent discovery by Google Chrome Security Team (SkyLined) and David Warren of CERT.
  • [$500] [67363] High Stale pointer with SVG use element. Credited anonymously; plus indepdent discovery by miaubiz.
  • [$1000] [67393] Medium Uninitialized pointer in the browser triggered by rogue extension. Credit to kuzzcc.
  • [$1000] [68115] High Vorbis decoder buffer overflows. Credit to David Warren of CERT.
  • [$1000] [68170] High Buffer overflow in PDF shading. Credit to Aki Helin of OUSPG.
  • [$1000] [68178] High Bad cast in anchor handling. Credit to Sergey Glazunov.
  • [$1000] [68181] High Bad cast in video handling. Credit to Sergey Glazunov.
  • [$1000] [68439] High Stale rendering node after DOM node removal. Credit to Martin Barbella; plus independent discovery by Google Chrome Security Team (SkyLined).
  • [$3133.7] [68666] Critical Stale pointer in speech handling. Credit to Sergey Glazunov.

New in version 10.0.634.0 Dev (January 12th, 2011)

  • Updated V8 - 3.0.6.1
  • Chrome no longer says "restart required" when there's no update (Issue 67478)

New in version 9.0.597.44 Beta (January 6th, 2011)

  • Flash Player sandboxing has been temporarily moved behind a flag --enable-flash-sandbox.

New in version 10.0.612.3 Dev (December 21st, 2010)

  • Correct a RegEx regression.

New in version 10.0.612.1 Dev (December 17th, 2010)

  • Updated V8 - 3.0.2.1
  • Updated WebKit - 534.15
  • Various minor tweaks to tab overview mode (Issue 50307)
  • 25% less logspew when loading the PDF plugin
  • Sandbox the GPU process (Issue 48607)
  • Experimental popup blocker animation
  • Fix stuck hover state in bookmark button (Issue 27073)

New in version 8.0.552.231 (December 16th, 2010)

  • This release contains a stability fix for web forms.

New in version 9.0.597.19 Dev (December 14th, 2010)

  • This was primarily a crash fix release, in particular resolving a sync related crash issue (Issue: 57898).

New in version 8.0.552.224 (December 13th, 2010)

  • [60761] Medium Bad extension can cause browser crash in tab handling. Credit to kuzzcc.
  • [63529] Low Browser crash with NULL pointer in web worker handling. Credit to Nathan Weizenbaum of Google.
  • [$1000] [63866] Medium Out-of-bounds read in CSS parsing. Credit to Chris Rohlf.
  • [$1000] [64959] High Stale pointers in cursor handling. Credit to Sławomir Błażek and Sergey Glazunov.

New in version 9.0.597.16 Dev (December 11th, 2010)

  • The scrolling regression has been fixed (Issue: 66079).

New in version 9.0.597.15 Dev (December 10th, 2010)

  • There is a regression in 9.0.597.15 where scrolling up does not work using the mouse wheel (Issue: 66133) a fix is underway and will be released in short order.

New in version 9.0.597.10 Dev (December 7th, 2010)

  • Primarily stability fixes and minor UI tweaks, no new features or functionality have been added.

New in version 8.0.552.215 (December 3rd, 2010)

  • In addition to the over 800 bug fixes and stability improvements, Chrome 8 now contains a built in PDF viewer that is secured in Chrome’s sandbox.
  • Security fixes and rewards:
  • [17655] Low Possible pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined).
  • [55745] Medium Cross-origin video theft with canvas. Credit to Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR).
  • [56237] Low Browser crash with HTML5 databases. Credit to Google Chrome Security Team (Inferno).
  • [58319] Low Prevent excessive file dialogs, possibly leading to browser crash. Credit to Cezary Tomczak (gosu.pl).
  • [$500] [59554] High Use after free in history handling. Credit to Stefan Troger.
  • [Linux / Mac] [59817] Medium Make sure the “dangerous file types” list is uptodate with the Windows platforms. Credit to Billy Rios of the Google Security Team.
  • [61701] Low Browser crash with HTTP proxy authentication. Credit to Mohammed Bouhlel.
  • [61653] Medium Out-of-bounds read regression in WebM video support. Credit to Google Chrome Security Team (Chris Evans), based on earlier testcases from Mozilla and Microsoft (MSVR).
  • [$1000] [62127] High Crash due to bad indexing with malformed video. Credit to miaubiz.
  • [62168] Medium Possible browser memory corruption via malicious privileged extension. Credit to kuzzcc.
  • [$1000] [62401] High Use after free with SVG animations. Credit to Sławomir Błażek.
  • [$500] [63051] Medium Use after free in mouse dragging event handling. Credit to kuzzcc.
  • [$1000] [63444] High Double free in XPath handling. Credit to Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences.

New in version 9.0.597.0 Dev (December 2nd, 2010)

  • Ongoing work on IndexDB and GPU
  • Tweaks/Fixes to Google Chrome Instant
  • Extensions/Apps work
  • Autofill related fixes

New in version 8.0.552.208 Beta (November 19th, 2010)

  • This release contains a number of stability and UI improvements.

New in version 9.0.587.0 Dev (November 19th, 2010)

  • GPU Related Fixes
  • Crash Fixes
  • Instant Fixes
  • [r65953] Move click-to-play to about:flags. (Issue: 62091)

New in version 9.0.576.0 Dev (November 10th, 2010)

  • Typing on a form with highlighted profile, keeps its highlighted value. (Issue 58774)
  • Handle selection changes due to AutoFill more carefully. (Issue 58774)
  • Autofill popup labels should reflect the contents of the HTML form. (Issue 58887)

New in version 9.0.572.1 Dev (November 9th, 2010)

  • This release contains a new version of Flash.

New in version 8.0.552.28 Beta (November 5th, 2010)

  • Contains a number of bug fixes, as well as features like the new bundled PDF viewer, more sync services, and improved plug-in handling.
  • This release also contains a new version of Flash.

New in version 9.0.572.0 Dev (November 5th, 2010)

  • Contains a new version of Flash and fixes one of the top crashers.

New in version 7.0.517.44 (November 4th, 2010)

  • [51602] High Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar).
  • [$1000] [55257] High Memory corruption with enormous text area. Credit to wushi of team509.
  • [$1000] [58657] High Bad cast with the SVG use element. Credit to the kuzzcc.
  • [$1000] [58731] High Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com).
  • [$500] [58741] High Use-after-free in text control selections. Credit to “vkouchna”.
  • [$1000] [Linux only] [59320] High Integer overflows in font handling. Credit to Aki Helin of OUSPG.
  • [$1000] [60055] High Memory corruption in libvpx. Credit to Christoph Diehl.
  • [$500] [60238] High Bad use of destroyed frame object. Credit to various developers, including “gundlach”.
  • [$500] [60327] [60769] [61255] High Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno).
  • [$1000] [60688] High Out-of-bounds array access in SVG handling. Credit to wushi of team509.

New in version 9.0.570.0 Dev (November 3rd, 2010)

  • Mac:
  • Make sure the dock icon is updated after closing an incognito window with an in-progress download (Issue 48391)
  • Security:
  • Require a user gesture when opening file choose dialog and make sure file choose dialog from invisible windows can not be displayed (Issue 58319)

New in version 8.0.552.23 Dev (October 30th, 2010)

  • Various fixes for browser sign-in
  • [r64308] Fix importing from Firefox on first run on Mac when it’s the default browser. (Issue 61112)
  • Disable accelerated 2D canvas

New in version 8.0.552.18 Dev (October 27th, 2010)

  • This release addresses a number of stability and polish issues found in the previous release.

New in version 8.0.552.11 Dev (October 22nd, 2010)

  • about:labs moved to about:flags
  • New Tab Page cleanup
  • Various Chrome Frame fixes for non-en-US locales

New in version 7.0.517.41 (October 20th, 2010)

  • Hundreds of bug fixes
  • An updated HTML5 parser
  • File API
  • Directory upload via input tag

New in version 8.0.552.5 Dev (October 19th, 2010)

  • Contains a number of stability and other improvements.

New in version 7.0.517.41 Beta (October 14th, 2010)

  • There were only a few minor fixes in this release, specifically around plugin loading and crashes.

New in version 8.0.552.0 Dev (October 13th, 2010)

  • Contains a number of stability and other improvements.

New in version 7.0.517.36 Beta (October 8th, 2010)

  • The majority of fixes in this release were related to stability and polish. Of particular note, we also landed fixes for NTLM authentication and restored the ability to hide the most visited sites on the new tab page.

New in version 7.0.544.0 Dev (October 7th, 2010)

  • All:
  • Make it possible to completely hide sections in the NTP (hit close button that appears on hover of section header)
  • Numerous stability fixes
  • Mac:
  • [r61077] Add ‘Page Info Bubble’ lab (Issue 52916)
  • [r60984] Fix deadlock in the accelerated drawing code (Issue 55754)

New in version 7.0.536.2 Dev (October 1st, 2010)

  • All:
  • Fixed saving passwords containing non-ASCII characters (Issue 54065).
  • Accelerated compositing and support for 3D CSS transforms enabled by default (Issue 54469)
  • WebGL support enabled by default (Issue 54469)
  • Regression fix: keep the download shelf visible when multiple sites are saved. (Issue 54149)
  • Add a lab for the Page Info Bubble for Windows and Linux; Mac coming shortly.
  • Mac:
  • More keyboard shortcuts for Tab Overview.(Issue 52834)
  • Add sqlite and javascript memory columns to task manager

New in version 7.0.517.24 Beta (October 1st, 2010)

  • This release is focused on resolving minor bug fixes or crashes.

New in version 7.0.517.13 Dev (September 25th, 2010)

  • This release focused on resolving minor bug fixes or crashes.

New in version 6.0.472.63 (September 23rd, 2010)

  • This version contains a fix in V8 for direct loading of global function prototypes [V8 r5483].

New in version 6.0.472.62 (September 18th, 2010)

  • [$500] [55114] High Bad cast with malformed SVG. Credit to wushi of team 509.
  • [55119] Critical Buffer mismanagement in the SPDY protocol. Credit to Ron Ten-Hove of Google.
  • [$1000] [55350] High Cross-origin property pollution. Credit to Stefano Di Paola of MindedSecurity.

New in version 7.0.517.8 Dev (September 17th, 2010)

  • This release focused on resolving minor bug fixes or crashes.

New in version 6.0.472.59 (September 15th, 2010)

  • [$500] [50250] High Use-after-free when using document APIs during parse. Credit to David Weston of Microsoft + Microsoft Vulnerability Research (MSVR) and wushi of team 509 (independent discoveries).
  • [$1000] [50712] High Use-after-free in SVG styles. Credit to kuzzcc.
  • [$500] [51252] High Use-after-free with nested SVG elements. Credit to kuzzcc.
  • [Linux only] [51709] Low Possible browser assert in cursor handling. Credit to “magnusmorton”.
  • [$500] [51919] High Race condition in console handling. Credit to kuzzcc.
  • [53176] Low Unlikely browser crash in pop-up blocking. Credit to kuzzcc.
  • [$500 x 2] [Mac only] [53361] Critical Fix bug 45400 properly on the Mac. Credit to Sergey Glazunov and “remy.saissy”.
  • [$500] [53394] High Memory corruption in Geolocation. Credit to kuzzcc.
  • [Linux only] [53930] High Memory corruption in Khmer handling. Credit to Google Chrome Security Team (Chris Evans).
  • [54006] Low Failure to prompt for extension history access. Credit to “adriennefelt”.

New in version 7.0.517.5 Dev (September 14th, 2010)

  • All:
  • about:labs (Issue: 53399)
  • Fewer wstrings in the bookmark code!
  • Problems visiting http://localhost in various network configurations should be resolved (Issues: 42058, 49024, 32522).
  • Mac:
  • Support for Services (Issue 20868)
  • Support for AppleScript (Issue 27468)
  • Find bar and fullscreen overlay are now drawn correctly on top of plugins that use the CoreAnimation drawing model (Issue 44087)
  • Remove superfluous Console logging (Issue 26621)

New in version 6.0.472.55 (September 8th, 2010)

  • [r58038] [r58039] Failures when using autocomplete (issue 51727, 52940)
  • [r58106] Default search engine settings wiped out (issue 10913)
  • Shift reload not working (issue 1906)

New in version 6.0.472.53 (September 2nd, 2010)

  • Updated UI
  • Form Autofill
  • Syncing of extensions and Autofill data
  • Increased speed and stability
  • Security fixes and rewards:
  • [34414] Low Pop-up blocker bypass with blank frame target. Credit to Google Chrome Security Team (Inferno) and “ironfist99”.
  • [37201] Medium URL bar visual spoofing with homographic sequences. Credit to Chris Weber of Casaba Security.
  • [41654] Medium Apply more restrictions on setting clipboard content. Credit to Brook Novak.
  • [45659] High Stale pointer with SVG filters. Credit to Tavis Ormandy of the Google Security Team.
  • [45876] Medium Possible installed extension enumeration. Credit to Lostmon.
  • [46750] [51846] Low Browser NULL crash with WebSockets. Credit to Google Chrome Security Team (SkyLined), Google Chrome Security Team (Justin Schuh) and Keith Campbell.
  • [$1000] [50386] High Use-after-free in Notifications presenter. Credit to Sergey Glazunov.
  • [50839] High Notification permissions memory corruption. Credit to Michal Zalewski of the Google Security Team and Google Chrome Security Team (SkyLined).
  • [$1337] [51630] [51739] High Integer errors in WebSockets. Credit to Keith Campbell and Google Chrome Security Team (Cris Neckar).
  • [$500] [51653] High Memory corruption with counter nodes. Credit to kuzzcc.
  • [51727] Low Avoid storing excessive autocomplete entries. Credit to Google Chrome Security Team (Inferno).
  • [52443] High Stale pointer in focus handling. Credit toVUPEN Vulnerability Research Team (VUPEN-SR-2010-249).
  • [$1000] [52682] High Sandbox parameter deserialization error. Credit to Ashutosh Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
  • [$500] [53001] Medium Cross-origin image theft. Credit to Isaac Dawson.

New in version 7.0.503.0 Dev (August 26th, 2010)

  • All - [r56615] IP addresses typed into the omnibox now work when offline. (Issue: 39830)
  • Mac - More tweaks and polish to the Wrench menu (Issues 48679, 51643)
  • Chrome Frame - Many stability fixes

New in version 6.0.472.41 Beta (August 21st, 2010)

  • Contains additional stability fixes, UI updates, and an updated set of translations.

New in version 5.0.375.127 (August 20th, 2010)

  • [$1337] [45400] Critical Memory corruption with file dialog. Credit to Sergey Glazunov.
  • [$500] [49596] High Memory corruption with SVGs. Credit to wushi of team509.
  • [$500] [49628] High Bad cast with text editing. Credit to wushi of team509.
  • [$1000] [49964] High Possible address bar spoofing with history bug. Credit to Mike Taylor.
  • [$2000] [50515] [51835] High Memory corruption in MIME type handling. Credit to Sergey Glazunov.
  • [$1337] [50553] Critical Crash on shutdown due to notifications bug. Credit to Sergey Glazunov.
  • [51146] Medium Stop omnibox autosuggest if the user might be about to type a password. Credit to Robert Hansen.
  • [$1000] [51654] High Memory corruption with Ruby support. Credit to kuzzcc.
  • [$1000] [51670] High Memory corruption with Geolocation support. Credit to kuzzcc.

New in version 6.0.495.0 Dev (August 18th, 2010)

  • [r55669] Fixed some minor issues with css custom cursor rendering (Issue: 51709)
  • Re-enable the link to disable individual plug-ins in a group. (Issue: 51597)
  • [r55596] Fixed playback rate for WebM/VP8 on certain content. (Issue: 51014)
  • [r56026] Opening downloaded items from the download shelf now behaves as expected (Issues 32921, 50263)

New in version 6.0.472.36 Beta (August 17th, 2010)

  • All:
  • More UI Polish
  • Stability Fixes
  • [r55562] Re-enable the link to disable individual plug-ins in a group. (Issue: 51597)
  • Mac:
  • [r55585] Insert the Update Chrome item to existing Wrench menus when notified. (Issue: 50659)
  • Chrome Frame:
  • [r55941] Fix Chrome Frame upgrade from old to new beta. (Issue: 51620)

New in version 6.0.490.1 Dev (August 13th, 2010)

  • All:
  • Late binding enabled for SSL sockets: High priority SSL requests are now always sent to the server first.
  • Fixed focus problems with restoring from minimize (Issue 48917)
  • Fixed Cannot add an address properly in the "AutoFill options" dialog box (Issue 50047)
  • Several fixes and checks relating to syncing extensions (Issue 46516, Issue 49346, Issue 46516, Issue 49346, Issue 50567)
  • Click-to-play is now behind the --enable-click-to-play command line switch.
  • Fixed several issues with click-to-play (Issue 49686, Issue 49836)
  • Mac:
  • Various tweaks and fixes to the Wrench menu (Issue 49356, Issue 49996, Issue 49716, Issue 49448)
  • Fix a bug with the Custom Homepages preference (Issue 49320)

New in version 6.0.472.33 Beta (August 12th, 2010)

  • Updated UI
  • Form Autofill
  • Syncing of extensions and Autofill data
  • Increased speed and stability

New in version 5.0.375.126 (August 11th, 2010)

  • This version contains an updated version of the Flash plugin.

New in version 6.0.472.25 Dev (August 7th, 2010)

  • All:
  • UI Updates
  • Stability Fixes

New in version 6.0.472.22 Dev (August 5th, 2010)

  • All Platforms:
  • UI Updates
  • Stability Fixes (Issue 49493) Fix some problems with SSL connections through HTTP proxies.

New in version 6.0.472.14 Dev (July 31st, 2010)

  • UI tweaks and clean up
  • Additional stability fixes
  • PDF plugin does not load - Issue 49800

New in version 6.0.472.11 Dev (July 29th, 2010)

  • UI tweaks and clean up
  • Additional stability fixes

New in version 5.0.375.125 (July 27th, 2010)

  • [$500] [42736] Medium Memory contents disclosure in layout code. Credit to Michail Nikolaev.
  • [$500] [43813] High Issue with large canvases. Credit to sp3x of SecurityReason.com.
  • [$500] [47866] High Memory corruption in rendering code. Credit to Jose A. Vazquez.
  • [$500] [48284] High Memory corruption in SVG handling. Credit to Aki Helin of OUSPG.
  • [48597] Low Avoid hostname truncation and incorrect eliding. Credit to Google Chrome Security Team (Inferno).

New in version 6.0.472.4 Dev (July 23rd, 2010)

  • All:
  • [r52790] Chromium stops saving files for any large downloads (Issue 49216)
  • [r52693] Fix crash with SSL client auth (Issue 49197)
  • [r52850] Option clicking a link now saves a resource directly without triggering a “Save As...” dialog (Issue 36775)
  • Mac:
  • [r52911] Implement the upgrade available notification on the Wrench menu (Issue 45147)
  • [r52485] Implement the new, unified Wrench menu (Issue 47848)

New in version 6.0.458.1 Dev (July 9th, 2010)

  • All:
  • InfoBar should not be shown when the user first submits a form
. (Issue: 47426)
  • AutoFill should continuously update profile data as the user submits forms with new data
AutoFill: Aggregate profile data. Remove the AutoFill InfoBar. Remove more remnants of shipping address and CVV. (Issue: 47423)
  • When editing a field in a previously auto-filled form, only display unique suggestions
AutoFill: Remove duplicate suggestions when providing suggestions for a field (Issue: 47436)
  • Enabling sync freezes Chromium
Remove NIGORI from the sync routing info. (Issue: 47766)
  • Windows:
  • Chrome unable to start if other FFmpeg DLLs are present on the system (Issue: 35857)

New in version 5.0.375.99 (July 3rd, 2010)

  • This release fixes the following security issues:
  • [42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome Security Team (SkyLined).
  • [42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to sirdarckcat of Google Security Team.
  • [$500] [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of OUSPG; wushi of team509.
  • [$500] [44424] High Memory corruption in bidi algorithm. Credit to wushi of team509.
  • [45164] Low Crash with invalid image. Credit to javg0x83.
  • [$1000] [45983] High Memory corruption with invalid PNG (libpng bug). Credit to Aki Helin of OUSPG.
  • [$500] [46360] High Memory corruption in CSS style rendering. Credit to wushi of team509.
  • [46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.
  • [47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.

New in version 6.0.453.1 Dev (July 3rd, 2010)

  • Continued feature parity work

New in version 5.0.375.86 (June 25th, 2010)

  • The following security issues were resolved:
  • [38105] Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery.
  • [43322] Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team.
  • [43967] High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team.
  • [45267] High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar).
  • [$500] [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE.

New in version 6.0.447.0 Dev (June 25th, 2010)

  • Both:
  • PDFs are now shown centered.
  • [r50274] Ctrl-clicking links opens them to the right of the current tab again (Issue 46917)
  • Mac:
  • [r49830] Unified page/wrench menus into a single item.
  • [r50134] Fix a crash when closing tabs (Issue 46289)
  • [r50201] Fix a crash when deleting large numbers of bookmarks (Issue 46175)

New in version 5.0.375.86 Beta (June 24th, 2010)

  • The integrated flash player has been re-enabled by default.

New in version 6.0.437.2 Dev (June 18th, 2010)

  • [r49492] Detach Reload from omnibox, combine with Stop, and eliminate Go. (Issue: 45745).
  • [r49712] Implemented initial version of extension syncing. (Issue (with instructions on how to enable): 32413, but see 46742).
  • The onChanged event is now working in the extensions experimental cookies API.
  • [r49442] Faster scrolling on 10.6 (Issue: 45553).
  • [r49536] Fix a bug where menu items would be disabled if no windows were open. (Issue: 46355)

New in version 6.0.427.0 Dev (June 9th, 2010)

  • No preview is seen in empty form fields when Autofill profile is in focus. (Issue 38582)
  • Chrome Frame - Fixed sad-tab showing briefly during switch to Chrome Frame. Sometimes, navigating to a page in Chrome Frame within IE would display the sad tab page briefly until the navigation was initiated from IE.

New in version 5.0.375.55 (May 26th, 2010)

  • This release contains some minor crash and stability fixes, in addition, we have also temporarily put our internal version of Flash Player back behind a flag. We plan on re-enabling our internal version of Flash Player by default on the beta channel in the near future.
  • We have also fixed a regression so that we no longer remember incognito zoom changes (Issue: 43107).

New in version 5.0.375.53 Beta (May 21st, 2010)

  • This release contains some minor crash and stability fixes, in addition, we have also temporarily put our internal version of Flash Player back behind a flag.

New in version 6.0.408.1 Dev (May 21st, 2010)

  • [r47063] Fix possible deadlock in PluginChannel. (Issue: 43617)
  • Localization UI Resizing

New in version 6.0.401.1 Dev (May 15th, 2010)

  • Don’t prepend scheme on copying an incomplete hostname. (Issue 43585)

New in version 5.0.375.38 Beta (May 11th, 2010)

  • In addition to crash and stability fixes, this release also includes a localization refresh of our strings.

New in version 5.0.396.0 Dev (May 7th, 2010)

  • All:
  • The toolbar, omnibox and other UI changes reverted for Chrome 5 have been restored in this build.
  • Fixed bug related to scheme stripping that could cause URLs of the form "http://ftp.foo.com" to be misnavigated, by not stripping the scheme in this case.
  • Many bugs fixed relating to stripping "http://" and its interaction with the clipboard. Chrome should now prepend schemes onto the pasted text in a variety of situations.
  • Mac:
  • Continual polish to main frame UI, including the bookmark bar

New in version 5.0.375.29 Dev (May 5th, 2010)

  • Incorporates one of Chrome’s most significant speed and performance increases to date, with 30% and 35% improvement on the V8 and SunSpider benchmarks over the previous beta channel release.
  • Includes a handful of new features. Not too long ago, we introduced bookmark sync into the browser, which allows you to keep your bookmarks synchronized on multiple computers using your Google Account. Beta users can now synchronize not only bookmarks, but also browser preferences including themes, homepage and startup settings, web content settings, and language. By popular demand especially from avid Chrome extensions users, you can now install and use Chrome extensions while in incognito mode.
  • Under the hood, today’s release contains the goodness of some new HTML5 features, namely Geolocation APIs, App Cache, web sockets, and file drag-and-drop capabilities. Additionally, this is the first Chrome beta that features initial integration of the Adobe Flash Player plug-in with Chrome, so that you can browse a rich, dynamic web with added security and stability -- you’ll automatically receive security and feature updates for Flash Player with Chrome’s auto-update mechanism.

New in version 5.0.375.23 Dev (April 28th, 2010)

  • Disabled profile based Autofill (this will return in a future release)
  • Various UI features related to the url bar/ omnibox have been removed from this release (e.g. http:// truncation, star icon, etc...)
  • We are currently examining ways to address the usability issues that were raised and plan to reintroduce in the near future
  • Various crash fixes

New in version 5.0.375.17 Dev (April 23rd, 2010)

  • Disabled profile based Autofill (this will return in a future release)
  • Various UI features related to the url bar/ omnibox have been removed from this release (e.g. http:// truncation, star icon, etc...)
  • We are currently examining ways to address the usability issues that were raised and plan to reintroduce in a future release
  • Various crash fixes

New in version 5.0.375.9 Dev (April 17th, 2010)

  • Flash enabled by default
  • Implement patterns for content setting exceptions.
  • A nicer looking video scaling algorithm is now used

New in version 5.0.375.6 Dev (April 14th, 2010)

  • Flash enabled by default
  • Implement patterns for content setting exceptions.
  • A nicer looking video scaling algorithm is now used

New in version 5.0.371.0 Dev (April 9th, 2010)

  • All:
  • Geolocation support (Issue 11246 and many others)
  • Fixed bug where HTML5 audio/video elements stopped firing timeupdate events (Issue 25185)
  • WebGL is running inside the sandbox under the --enable-webgl flag (i.e. this no longer requires the --no-sandbox flag to run). Browsing with the --no-sandbox is dangerous and we strongly recommend that you not do it.
  • Changes to the Omnibox (e.g. the bookmark star has moved, icon changes, etc...)
  • Mac:
  • More omnibox reshuffling work-in-progress (Issue: 37865)

New in version 5.0.342.9 Beta (April 8th, 2010)

  • This update fixes issue 38220: some extensions cannot be installed.

New in version 5.0.366.2 Dev (April 2nd, 2010)

  • [r42843] Fixed a bug with incognito extensions like RSS Subscription. (Issue: 39351)
  • [r42400] Will no longer automatically offer to translate in incognito mode. (Issue: 38107)
  • [r42981] Fix file upload code to not hang the HTTP session when the file is unreadable. (Issue: 30850)

New in version 5.0.360.4 Dev (March 30th, 2010)

  • An integrated Adobe Flash Player Plug-in. We're integrating Adobe Flash Player 10.1.51.95 (10.1 beta 3) with Google Chrome so that you don't have to install it or worry about keeping it up-to-date. See the blog post on the Chromium blog for more details.
  • To use the bundled Flash Player plug-in, add --enable-internal-flash to your command line or shortcut for starting Google Chrome.
  • A basic plug-in manager. The about:plugins page now lets you disable any plug-in from loading on all web pages. See the Known Issues section: this doesn't work in all cases yet if you already have Adobe Flash Player for Windows Firefox, Safari, or Opera installed.

New in version 5.0.360.0 Dev (March 27th, 2010)

  • All:
  • Tabbed bookmark manager (Issue 4890)
  • Several Translate improvements
  • Fixed several AutoFill features (Issues 38218, 38009, 38538, 38104, 38681)
  • Fixed long timeout when navigating away from slow pages (Issue 11007)
  • Security:
  • Updated libpng for CVE-2010-0205

New in version 5.0.342.7 Beta (March 26th, 2010)

  • Automatic translations and greater control over content for privacy. The Google Chrome 4.1 Beta announcement for Windows explains these features in more detail.
  • Full screen mode
  • Really, really reload. A normal reload causes the browser to check with the server before reusing its cached content. The server can decide whether or not the browser should use its cached content. A force reload causes the browser to ignore its cached content and ask the server for a fresh copy of the page. Use Shift+Reload to force a reload (the reload keyboard shortcut varies by platform).

New in version 5.0.356.2 Dev (March 20th, 2010)

  • Fix an issue where dragging anything with your mouse would freeze the tab.

New in version 5.0.356.0 Dev (March 19th, 2010)

  • [r41041] Implement Mac Address Book "me" card integration with Autofill. (Issue: 36496)
  • Various improvements to the bookmark folder menus.
  • [r40444] Fix beach ball/performance issues with the cookie manager. (Issue: 35134)
  • [r41595] Better integration with host (InternetExplorer) popup blocker. (Issue: 34823)

New in version 5.0.342.5 Dev (March 17th, 2010)

  • A lot of improvements to the bookmark bar on the Mac.
  • Note that there’s still an issue with folders with a lot of bookmarks. When you open the folder on the bookmarks bar, the list may extend below the bottom of the screen and you won’t be able to access the bookmarks at the bottom. A fix is coming soon. A workaround is to use the bookmark menu in the menu bar.
  • A lot of improvements to the quality of form Autofill.

New in version 5.0.342.1 Dev (March 5th, 2010)

  • All:
  • Extension content scripts no longer run multiple times after fragment (ie #hash) navigations (Issue:35924)
  • Early version of Geolocation API now available with following caveats:
  • To enable, run the browser with --enable-geolocation
  • Wifi based location is only supported on Windows and Mac (not OSX 10.6 for now)
  • Permissions are not persisted (will re-prompt every time) and associated UI is incomplete.
  • Mac:
  • Improved plugin stability (Issue:35081,36928)
  • AutoFill Preferences UI Updates
  • Translate infobars are now implemented (Issue:34466)
  • Mac History menu now has favicons andno longer lists duplicates of Recently Closed sites (Issues: 20464 and 21314)
  • Added HTML5 databases to the Mac cookie manager (Issue: 35191)

New in version 5.0.307.11 Beta (February 27th, 2010)

  • [Mac, Linux] Fixed an issue where an error resolving a proxy server would not try a direct connection. (Issue 32316)
  • [Mac, Linux] Fixed an extensions bug that could crash the entire browser. (Issue 34778)
  • [Mac, Linux] Fixed an issue in the cross-site scripting auditor that could prevent Google translate from working on sites. (Issue 33115)

New in version 5.0.335.0 Dev (February 24th, 2010)

  • Support "cache-bypassing reload"; this is hooked to various accelerators on different platforms (e.g. shift-reload, ctrl-reload, etc.) (Issue 1906)
  • [r38877, r39018, r39040, r39133, r39346, r39524] Fix numerous issues relating to new Content Settings functionality (Issues 34633, 34668, 35011, 35775, 36021)
  • [r39285] Fix crash when alert() is called from extension popup (Issue 33698)
  • [r39365] When a single tab is open, "Close other tabs" context menu option should be grayed out (Issue 35576)
  • [r39381] Remove all infobars from a tab when its renderer crashes (Issue 36035)
  • [r39412] Fix crash adding/deleting bookmark/folder when browser sync is on and the network is not available (Issue 36200)
  • [r39670] Do not send extra blur and focus events if popup menu is showing (Issue 23499)
  • [r39682] Fix crash when dragging bookmarks (Issue 36473)
  • [r39240] Fix Mac startup theme perf regression (Issue 34775)
  • [r39389, r39467, r39485] Add client SSL certificate support for Mac (Issue 16831)
  • Enable Full Screen mode (Issue 31638)
  • [r39231] Adds grippys to the left side of the Browser Actions container to resize the container (they do not work yet) (Issue 26990)
  • [r39158] Show icon in omnibox when popups were blocked (Issue 35594)
  • Security:
  • [r39503, r39635] Be more careful about size calculations in GPU code (Issue: 35931)
  • Notable behavior change: every HTML document hosted on a local file:// URI now lives in a unique domain. Old behavior can be re-enabled with the new flag --allow-file-access-from-files. For a cross-browser discussion on background, please see http://blog.chromium.org/2008/12/security-in-depth-local-web-pages.html

New in version 5.0.307.9 Beta (February 17th, 2010)

  • Fixed a tab crash that could be triggered by visiting wordpress.com, http://acid3.acidtests.org/, and many other sites.
  • Fixed a tab crash in image loading.

New in version 5.0.322.2 Dev (February 13th, 2010)

  • All:
  • [r38242] Don't crash when a theme specifies a nonexistent image. (Issue: 31719)
  • Mac:
  • [r38319] Honor modifiers for clicks on home button – cmd-clicking the home button now opens your home page in a new tab. (Issue: 34900)
  • [r38204] Implemented writing direction context menu in text input fields.
  • [r38504] Add local storage nodes to the cookie manager (Issue: 33068)
  • Native Client:
  • Chrome for Linux and Mac OS 10.6 can now run Native Client modules directly, no plugin required. To enable this features, run Chrome with the following command line flags--internal-nacl --enable-gpu-plugin --no-sandbox.
  • Platform-independent NPAPI extensions for 2D, 3D, and mouse/keyboard events are now available.
  • We'd like to hear from you. Please send feedback tonative-client-discuss@googlegroups.com,
  • Extensions:
  • [r38239] Don't crash when extensions use cookie. (Issue: 34649)
  • [r38407] Preserve order of browser actions across extension autoupdate. (Issue: 33401)
  • Implemented overflow and reordering of browser actions (this was actually in the last update, but missed the release notes)

New in version 5.0.307.7 Beta (February 11th, 2010)

  • What's new on Mac since the last Beta update?
  • Extensions (finally!)
  • Bookmark sync
  • Bookmark manager
  • Cookie manager
  • Task manager
  • Highlights of Mac Fixes
  • [r36016] Support pinch to zoom on the Mac. (Issue: 16305)
  • [r35440] Cmd-three finger swipe opens prev/next page in new tab. (Issue: 29804)

New in version 5.0.307.5 (February 4th, 2010)

  • [r37760] Fix themes being corrupted after upgrade (bad colors, extra wrench menu, etc). (Issue 33416)
  • [r37440] Fix a crash when the page is closed or navigates while a popup menu is open. (Issue 33250)
  • [r37445] Bookmark manager: restore focus when people press Esc. (Issue 32734)
  • [r37522] Bookmark manager: Fix a crash on deleting a folder (Issue 33083)
  • [r37542] Fix a crash when plugins are scrolled or multiple plugins frames load (Issue 33467)
  • [r37549] Prevent tabs from closing when a popup window is open (Issue 31716)
  • [r37738] Fix a crash when opening a menu while the browser starts. (Issue 33890)
  • [r37853] Fix cookie management dialog being slow to load (Issue 33248)

New in version 5.0.307.1 (January 30th, 2010)

  • Improved plugin stability.
  • [r37204][r37210] Cocoa NPAPI plugins will now get NPCocoaEventMouseDragged and NPCocoaEventFlagsChanged events (Issues: 32996, 31846)
  • [r37010] Fix crash that sometimes happened when dragging tabs (Issue: 29906)
  • [r37004] Fix %cpu in task manager. (Issue: 32464)
  • [r37139] Give the cookies manager a search field. (Issue: 32328)
  • [r37247] Make copying of big images more robust (Issue: 26822)
  • [r37114] Improve task manager resizing behavior (Issues: 33134, 33133)

New in version 4.0.302.2 (January 23rd, 2010)

  • All:
  • [r36632] We now only use our own FTP parsing code; please file bugs if you encounter any problems while navigating FTP sites. (Issue: 25520)
  • Mac:
  • [r35949, r36195, r36432, r36437, r36562, r36582] Various improvements to the bookmark manager.
  • [r35959] Fix mis-sized download shelf close button. (Issue: 31785)
  • [r35977, r36087, r36088, r36096, r36557] Enable the task manager. (Issue: 13156)
  • [r36016] Support pinch to zoom on the Mac. (Issue: 16305)
  • [r36021] Implements context menus for Page and Browser Actions. (Issue: 30655)
  • [r36124] Eliminate Helper zombies. (Issue: 32001)
  • [r36242] Quake Live Plugin will now load. (Issue: 24788)
  • [r36259, r36370] Fix issues with browser action popups. (Issues: 32161, 31097, 32162)
  • [r36416, r36533, r36554] Support plugin cursors, and fix cursor flicker with fullscreen plugins. (Issue: 20717)
  • [r36422] Improve scroll performance on some sites, e.g. http://www.starcraft2.com/faq.xml (Issues: 502056, 28954)
  • [r36182] Controls in QuickTime content now work. (Issue: 24952)
  • [r36361] Double-clicking a plugin will no longer select it. (Issue: 31358)

New in version 4.0.295.0 dev (January 15th, 2010)

  • Several crash fixes.
  • Add a rudimentary bookmark manager (Issue: 13149, 31844)
  • Fix stuck hover states on tab close buttons (Issue: 31279)
  • Make devtools window dockable. (Issue: 17368)
  • Implement the cookie manager (Issue: 15360)
  • Cmd-three finger swipe opens prev/next page in new tab. (Issue: 29804)

New in version 4.0.288.1 (January 7th, 2010)

  • All Platforms:
  • [r33999] Fixed an issue which caused html5 audio/video content to not load. (Issue: 25859)
  • [r34122] Fixed a bug where content scripts would get run twice in some cases. (Issue: 29644)
  • Mac:
  • IMPORTANT: Use this build to switch back to the Dev channel. If you were running Chrome Dev builds before you must manually install this build to get back on the Dev channel. Previous 4.0.249.x builds are on the Beta channel and will not auto update to new Dev channel releases.
  • Extensions are enabled
  • Bookmark sync is enabled. Please note issue 31015 below.
  • [r34585] Add Learn more link to "Aw Snap" crash page. (Issue: 27212)
  • [r34942] Add Esc as another keyboard shortcut for "stop page load." (Issue: 20916)
  • [r34757] Don't show location bar in devtools and other popup windows. (Issues: 13148, 20244, 26757, 29103)
  • [r34762] Implement "Pin Tab" tab context menu item

New in version 4.0.249.49 (January 5th, 2010)

  • This release includes a relatively minor update that corrects a potential issue with our auto-update processes for Mac users.

New in version 4.0.249.43 (December 17th, 2009)

  • Fixed several common crashes.

New in version 4.0.249.27 (December 5th, 2009)

  • [r33490] Disabled extensions. (Issue: 29086)
  • [r33556] [r33768] Added more localized string translations.
  • [r33803] Fixed download dialog truncation in German locale. (Issue: 23178)

New in version 4.0.249.22 (December 3rd, 2009)

  • All:
  • [r33013] Disable --enable-user-scripts. (Issue: 27520)
  • NOTE: You can now install user scripts by navigating to them. You will have to reinstall your current scripts (they aren't migrated).
  • [r33086] Remove toolstrips API. (Issue: 24475)
  • [r32875] Turn on HTML5 DBs by default.
  • Mac:
  • [r32793] Omnibox no longer becomes too long for window after installing a few themes (Issue: 28476)
  • [r32843] Display a warning dialog if there was a problem reading the profile (Issue: 26377)
  • [r32943] Switch "Save" and "Discard" buttons on dangerous download warning to match platform standard. (Issue: 28638)
  • [r33105] Show feedback while dragging bookmarks (Issue: 17608)
  • [r33243] Implement non-admin autoupdate (Issue: 16360)

New in version 4.0.249.12 (November 25th, 2009)

  • [r32659] Improved plugin focus handling (Issue: 26585).
  • [r32663] Improved plugin stability (Issues: 28190, 24173).

New in version 4.0.249.4 (November 21st, 2009)

  • Fixed - Issue 27897: [Extension] Some extensions crash after installing 4.0.249.0
  • Fixed - Issue 27900: [Extension] Reload on crash infobar causes more crashes
  • Silverlight plugin support. (Issues: 28019, 27788, 25105)
  • Bookmark bar improvements. (Issues: 17608, 25600, 25655, 26643, 26647, 26718, 27634, 27692, 27693, 27795, 28203)
  • Pasting some text into the Omnibox should no longer crash Google Chrome. (Issue: 27698)

New in version 4.0.249.0 (November 17th, 2009)

  • All Platforms:
  • [r31779] Introduced Timeline and Storage panels in Chrome's Developer Tools
  • Mac:
  • [r31785] Support undo in the omnibox (Issue: 18084).
  • Extensions:
  • [r32008] Mostly fixes black flashing that happens during popup resize. (Issue: 25459)
  • [r31996] Re-enable database storage for extensions. (Issue: 27216)
  • [r31844] Fix a crash in ExtensionMessageService when a source renderer closed. (Issue: 27554)
  • [r31840] Fix a crash in BrowserActionButton::OnImageLoaded. (Issue: 27167)
  • [r31826] Fix a crash in ExtensionsService::ReloadExtension (Issue: 27199)

New in version 4.0.245.0 (November 13th, 2009)

  • [r31412] Kiosk Mode implementation. (Issue: 23145 – doesn't work on OS X yet)
  • [r31428], [r31429], [r31432], [r31462] Download shelf polish.
  • [r31156] Download shelf animates out (Issue: 25602)
  • [r31200] Bookmark All Tabs... works (Issue: 25099)
  • [r31227] Engooden SSL code – saving on google docs should no longer hang forever (Issue: 21268)
  • [r31369, r31197] More keyboard handling fixes (Issue: 25856, 26115)
  • [r31287] Send keypress() events for more keys – ctrl-1 now works in docs (Issue: 25249)
  • [r31316] New Tab button has "pressed" and "hover" states (Issue: 26205)
  • [r31330] "Paste and Match Style" now has shortcut cmd-opt-shift-v instead of cmd-shift-v (Issue: 25205)
  • [r31297] Mouse tracking now works correctly on full-window plugins (Issue: 25288)
  • [r31561] Transparent plugins now draw correctly (Issue: 25820)
  • [r31585] PDFs downloaded again instead of being opened by the QuickTime plugin (Issue: 26075)
  • Extensions:
  • [r31157] Don't reload extensions management page to refresh after install/uninstall/disable (Issue: 26163)
  • [r31179] User scripts not installed depending on download settings (Issue: 26801)
  • [r31204] Implement alert(), prompt(), and confirm() for extensions (Issue: 12126)
  • [r31285] Installed extensions should not have the 'reload' option (Issue: 26901)
  • [r31335] Make inspector for background page stay open across reloads (Issue: 25287)
  • [r31365] Add an info bubble after extension installation (Issue: 21412)
  • [r31540] Added a confirmation on extension uninstallation. (Issue: 27162)

New in version 4.0.237.0 (November 7th, 2009)

  • Mac:
  • Significant bookmark bar improvements.
  • Extensions:
  • Lots of work to polish and stabilize the browser and page action APIs:
  • [r29556] Add badge text color API. Also change color APIs from ARGB to RGBA (breaking change, sorry!) (Issues: 24635, 24644, 25215)
  • [r29152, r29785] Browser actions (buttons, popups) are now implemented. (Issue: 23882, 23897)
  • [r29997] Add support for tab-specific state to browser actions. Also, fix the bug where only the first call to setIcon() works. (Issues: 24669,24472)
  • [r30346] Constrain browser action popups to a min/max size. Also fix some glitches in popup sizing. (Issue 25214)
  • [r30499] Use a better signature for the new page actions API (chrome.pageAction.* instead of chrome.pageActions.*). This is technically a breaking change, but hopefully not too many people had gotten around to using the new API yet. (Issue 25833)
  • [r29665] Remove toolstrips on linux. They were causing lots of crashes and are going away soon anyway. (Issue 25106)
  • [r29911] Add chrome.extension.sendRequest() -- a simpler way to do content script messaging. (Issue 23865)
  • [r30341] Add new event chrome.tabs.onStatusChange. This makes the common case of wanting to know when tabs load much easier. (Issue 21729)
  • Other miscellaneous cleanup:
  • [r29498] Correctly handle reloading in the task manager (Issue 18693)
  • [r29555] Fix bug where content scripts did not always apply to first page load (Issue 11547)
  • [r29714, r29922, r29935, r30219] Various cleanup for the extension management page (Issues 12119, 25509, 25471)
  • [r30091] Improve install UI on mac (Issue 19654)
  • [r30312] Filter out hidden files when loading and packing extensions (Issue 23004)
  • [r30326] Copy chrome.extension.getTabContentses() to chrome.extension.getExtensionTabs(). Nobody liked the old name. (Issue 21433)
  • [r30384] Use the puzzle piece as the default extension icon. (Issue 25906)
  • [r30481] Hide the theme install bubble a little earlier. It was overlapping with the install dialog on linux. (Issue 26130)

New in version 4.0.229.1 (November 5th, 2009)

  • [r30050] Use new renderer process for cross-site links with rel=noreferrer and target=_blank (Issue: 24447).
  • [r29848] Video/audio tags now support data:// protocol (Issue: 24357).
  • [r29121] Show "Loading" bubble while loading a theme. (Issue: 22219).
  • [r29229, r29270, r29396, r29458, r29660, r29877, r30045, r30209] Various keyboard handling fixes (Issues: 24817, 25000, 24921, 25396, 25330, 25254).
  • [r30032] Do not send some keyboard shortcuts to the renderers; e.g. cmd-w, cmd-t, ctrl-tab (Issues: 24877, 5496, 15090).
  • [r29812] "Copy image" now works (Issue: 13099).
  • [r30016] Cmd-clicking back button now opens history page in new background tab (Issue: 25319).
  • [r30100] If auto-update happens, About box now says "update is available" and "restart needed for latest version" (Issue: 13165).
  • [r30547] Form resubmission warning dialog implemented (Issue: 23526).
  • [r30189, r30190] Use Helvetica rather than Arial for several things (Issue: 21458).

New in version 4.0.223.11 (October 24th, 2009)

  • Fixes a crash when running extensions like the Subscribe in Feed Reader sample.
  • It also fixes a problem in Google Calendar where overlapping calendar items were invisible because they were being displayed with 0 width.
  • This update is being released for Windows, Mac and Linux.

New in version 4.0.223.8 (October 22nd, 2009)

  • All Platforms:
  • CSS rounded corners are now antialiased on Windows and Linux. (They were already on Mac.)
  • Mac:
  • Printing now works. (Issue: 13158)
  • [r28871] Autoupdates no longer cause problems if Chrome is already running. (Issue: 14610)
  • [r29388] Hitting backspace while IME is active does no longer go back in history. (Issue: 25000)
  • [r28837] QuickTime plugin no longer crashes, and often displays properly (though there are still bugs to be ironed out).
  • [r28837] Plugin whitelist has been removed, so that Chrome will attempt to load all NPAPI plugins. Expect more plugin crashes.
  • [r29396] Ctrl-tab switches tabs again. (Issue: 24921)
  • [r29458] Cmd-` switches windows again. (Issue: 24817)
  • Chrome Frame:
  • Fixes persistent IE 8 crashes. (Issue: 22768)
  • Fixed crashes when navigating with Web Inspector open. (Issue: 22993)
  • Fixes spurious errors when re-installing Chrome Frame. (Issue: 23444)
  • Fixes a crash in comctl32.dll, triggered by Google Wave. (Issue: 24115)
  • Fixes empty referrer issue for initial link navigations. (Issue: 22994)
  • Preview support for accessibility via MSAA, including ARIA role and state information. (Issues 23669, others)
  • Improved keyboard and accelerator handling.
  • IE text-size menu items now change text size in Chrome Frame.
  • Navigating to a site marked as restricted is now disabled in Chrome Frame. Chrome frame now updates the zone UI on the task bar.
  • Chrome Frame will now work for all other users on the machine, not just the user who installs it. (Issue: 23989)
  • Fixes for SSL certificate error issue.
  • Disables sending 'chromeframe' in the User-Agent if the Chrome Frame addon is disabled. (Issue: 22760)
  • Disables the 'Chrome has crashed - Restart?' message box.
  • Limited support for JavaScript history object for back/forward from content.
  • Extensions:
  • [r29068] *Breaking Change* Finalize browser actions API (Issue: 23879)
  • [r29284] *Breaking Change* Only one browser action or one page actions is now allowed per-extension. We are experimenting with the idea of a direct correspondence between extensions and visible UI features. We think this may improve managability. (Issue: 24473)
  • [r29335] Update page actions API to improve usability. Old API still supported. (Issue: 24635)
  • [r29495] Browser actions and page actions: Add chrome.browserAction.setIcon({path:...}). No longer need to prespecify images in manifest. (Issue: 22575)
  • [r29297] Add an options_page to the manifest. (Issue: 23801)
  • [r29365] You can now use (slightly) bigger icons in browser actions and page actions. Up to 19px square are now allowed (up from 16px). (Issue: 24881)
  • [r29046] Fix extension canceling. (Issue: 23405)
  • [r29143] Browser action button disappears when loading a new extension. (Issue: 23593)

New in version 4.0.222.5 (October 16th, 2009)

  • [r28121] Fix bookmark bar resize issues. (Issue: 23949)
  • [r28145] Support OS X's url handlers. (Issue: 15546)
  • [r28260, r28600] Make content area a drop target for dragging images, etc. (Issues: 23517, 19529)
  • [r28453] Enable "Edit Search Engines" in Omnibox context menu. (Issues: 22512, 22648)
  • [r28505, r28528] Make cmd-left/right and backspace/shift-backspace navigate history if the focus is not in a text box. (Issue: 12557)
  • [r28613] Fix a ton of theming bugs. (Issues: 22213, 20295, 18547, 19851, 23651, 24338, 18438)
  • [r28749] Status bubble now fades in and out after a delay. (Issue: 24495)
  • [ r28709 ] Key equivalents sent to renderer: Cmd-s etc. should now work on e.g. google docs. (Issue: 15090)
  • [ r28813 ] Chrome's and Safari's ideas of "default browser" now agree. (Issue: 24401)

New in version 4.0.221.8 (October 8th, 2009)

  • All:
  • Theme change should automatically update New Tab Page background again. [r27841] (Issue: 20392)
  • Mac:
  • No longer crash when selecting closed window from Dock menu. [r27769] (Issue: 14003)
  • Fix several issues with dragging tabs and quickly letting go. [r27861] (Issues: 22266, 13594, 22538)
  • Fixes for full screen plugins: keystrokes are now sent to full screen plugins and the Menu Bar is properly hidden. [r27755] (Issues: 19534, 21020)
  • Known Issues:
  • Mac: Bookmark bar looks weird, and hurts you when you resize the window (hit cmd-shift-b twice after window resizing as workaround).

New in version 4.0.220.1 (October 3rd, 2009)

  • All Platforms:
  • [r27300] Remove "Remove Item" from download item context menu. (Issue: 23078)
  • [r26976] Omnibox now understands Zeroconf .local hosts. (Issue: 19957)
  • Mac:
  • [r27015] cmd-f, cmd-g, cmd-e now use the system-wide find pasteboard. (Issue: 14562)
  • [r27464] cmd-up/cmd-down now work correctly. (Issue: 22585)
  • [r27378] Sheets should be positioned between the content and everything above it, no matter if they are window- or tab-modal. (Issue: 17615)
  • [r27185] Download item name no longer displayed in white in Incognito window. (Issue: 22664)
  • [r27405] about:ipc page enabled. (Issue: 22664)
  • [r27064] Omnibox now draws red bar over "https" for bad site certificates. (Issue: 22558)
  • [r27127] Typing option-return in the Omnibox now opens a new foreground tab. (Issue 22822)
  • Extensions:
  • [r27599] Extensions menu item now in 'wrench' menu. (Issue 22883)
  • [r27319] Introduce Browser Actions. (Issue 22099 and others) (still a work in progress)
  • [r27163] Implemented extension packing on Linux.
  • [r27290] Toolstrip dragging now restricted to extension shelf.
  • [r27262] Themes and extensions now install if you have "ask for destination" option set in download options.
  • [r27376] Content scripts can now see their own functions in setTimeout.
  • [r27440] Fix crash when using non-extension iframe.
  • [r27393] Some initial i18n API (still a work in progress). (Issue: 12131)

New in version 4.0.212.1 (September 29th, 2009)

  • All Platforms:
  • [r26815] New-FTP: Requires re-authentication when navigating around. (Issue: 21184)
  • [r26860] [DEPS] Move FTP LIST parsing code to the renderer process, limiting potential damage from security issues.
  • Mac:
  • Extension shelf (that weird gray box at the bottom) is only displayed if you have extensions installed.
  • [r26495] Add Command-0..8 shortcuts to "select Nth tab" and Command-9 to "select last tab".
  • [r26694] Basic emacs key bindings in text fields should work. (e.g., ctrl-e, ctrl-a, ctrl-d) (Issue: 12538)
  • [r26603] Paste-and-Go for Mac omnibox, cleaned up omnibox context menu. (Issues: 13021, 10937)
  • [r26471] Form controls now draw correctly in 10.6. (Issue: 19604)
  • [r26646] Search Engine Manager UI improved.
  • [r26567] Find bar now animates open and close.
  • [r26527] Pressing Up/Down arrows in find bar now scrolls page.
  • [r26853] Empty bookmark bar should show IDS_BOOKMARKS_NO_ITEMS. (Issue: 17360)
  • [r26792] Add favicons to items in folders on the bookmark bar. (Issue: 22601)
  • Extensions:
  • [r26526] Fix crashy toolstrips. (Issues: 22070, 22135)
  • [r26532] Audio and video tag doesn't work for extension resources. (Issue 22152)
  • [r26685] Fix an issue where we do not initiate the extension install UI with certain combinations of HTTP headers.
  • [r26556] Introduce chrome.tabs.executeScriptInTab() and chrome.tabs.insertCSSInTab(). (Issue: 12465)
  • [r26706] Hide the mole handle by default. (Issue: 15494)
  • [r26658] Remove the right-click devtools behavior. (Issue: 20634)
  • [r26654] Add CSS classes to the document when switching between toolstrip and mole mode.
  • --show-extensions-on-top works pretty well now (on windows). Try it out!
  • Sync:
  • Sync library now built entirely from trunk.

New in version 4.0.207.0 (September 11th, 2009)

  • Reflective XSS filter for better security against a common attack. See the mailing list post for more information.
  • Fixed extraneous horizontal scrollbars in Gmail (Issue: 7976)
  • [r25560], [r25475], [r25478] Tweaks to the Omnibox look.
  • [r25182] Fix zoom (green maximize) button. (Issue: 17472)
  • [r25380] Adjust color spaces so that Mac Chrome renders colors properly. (Issues: 20552, 19951)
  • [r25167] Don't show favicons or throbbers for the New Tab page on the Mac. (Issues: 13337, 20378)
  • Uploading images with "Hide extension" set does now work. (Issue: 20857)
  • Extensions:
  • [r25293] Added an auto-update now button to chrome://extensions page. (Issue: 17853)
  • [r25253] Fix crash on Mac when pressing "load unpacked extension" in chrome://extensions page. (Issue: 20860)

New in version 4.0.206.1 (September 5th, 2009)

  • [r24663] Closing the download shelf removes all completed and cancelled downloads from it. (Issue: 15712)
  • [r24331] Fixes various audio/video events which were not firing. (Issues: 20152, 16768)
  • [r24519] Saved passwords for proxy servers are now correctly labeled. (Issue: 12992)
  • [r24384] Add single line of tips to New New Tab Page. (Issue: 19162)
  • [r24241] HTTP Auth dialog autofills passwords.
  • New Tab Page displays much faster. (Issue 13337)
  • [r23722, r23955] Improved scrolling and display performance, particularly on machines without powerful graphics hardware (such as laptops)
  • [r24621] Plugins starting offscreen will draw correctly when they scroll into view (Issue 20234)
  • Extensions:
  • Two breaking changes (see mailing list post for more information):
  • [r24816] Enforce granular permissions
  • [r24770] Modified several APIs to be more consistent
  • [r24539] Polish the look of Linux extension shelf. (Issue: 16759)
  • [r24599] Polish extension install UI.
  • [r24864] Allow extension toolstrip to detach. (ctrl+alt+b)
  • [r24871, r24877] Polish chrome://extensions/ page. Add convenience developer tools to load an extension and pack an extension.

New in version 4.0.203.4 (September 1st, 2009)

  • [r23636, r23693] Add modifier key support (e.g. cmd-clicking, shift-clicking) throughout the Mac UI. (Issues: 17301, 17912)
  • [r23667] Sometimes cmd-w wouldn't close the last tab in a window. (Issue: 19447)
  • [r23702] Korean IME didn't work in the Omnibox. (Issue: 19421)
  • [r23715, r23733, r23740, r23821, r24213] Improve appearance of various UI components. (Issue: 14898, 18902, 19115, 19943)
  • [r23741, r24006] Favicon lost in various circumstances. (Issue: 18352, 18359)
  • [r23886] Add bubble when user clicks the star button. (Issue: 14929)
  • [r23964] Implement tab-to-search. (Issues: 10943, 10944, 12285)
  • [r23975, r24209, r24234] Crash fixes. (Issue: 19837, 19958, 19728)
  • [r24030] Text could appear garbled on 10.6. (Issue: 11269)

New in version 4.0.202.0 (August 20th, 2009)

  • Bugs 16020, 16768, 17415, 17970, 17973, 18208, 18362, 18433, 18677, 18726, 18846, 19521: Many fixes for video and audio tags [r23037, r23038, r23067, r23255, r23274, r23455, r23471, r23598]
  • Bugs 18471, 18720, 18722: Make more New Tab Page items themeable [r23081, r23205]
  • Bugs 10706, 18697: Crash fixes [r23190, r23568]
  • Bug 19200: Cannot enter HTTP auth credentials in Omnibox if password has an @ sign [r23403]
  • Bug 9103: Import passwords from Firefox 3.1 and above [r23503]
  • Bug 13065: Change Live Search to Bing (only for U.S. right now) [r23571]
  • Bug 19353: Attempt to reduce memory footprint [r23584]
  • HTTP Auth dialog added.
  • Chrome binary smaller, starts up faster.

New in version 3.0.198.1 (August 13th, 2009)

  • Both:
  • (Bug 18427) Make New Tab Page load faster with custom themes [r22462].
  • (Bug 18160) Ensure downloads really stop when a user cancels [r22557].
  • (Bug 13649, Bug 18456) Don't show themes in chrome://extensions/, since that page doesn't work well with them [r22578].
  • (Bug 18480) Theme the New Tab Page in incognito mode too [r22613].
  • (Bug 15247) Add a way to restore blacklisted thumbnails on the New Tab Page [r22704].
  • (Bug 18093) App mode and popup windows should not be themed [r22783].
  • Mac:
  • Flash gets mouse and key events so you can pause/play video.
  • (Bug 13203) Forward/backward buttons now have history dropdown menus.
  • (Bug 18353) Arrow keys work again.

New in version 3.0.197.12 (August 8th, 2009)

  • Mac:
  • Bug 17555: Fix for a particularly common crash on Mac.
  • Bug 11952: Support input method editors (IMEs).
  • Enabled plugin support by default [r22209].
  • Extensions:
  • Bugs 18140 and 18472: Fix for crashes.
  • Added a mole expand/collapse API, callable from a toolstrip [r22382].
  • Fix a bug where content scripts that are supposed to match all pages don't match hosts that are IP addresses [r22260].
  • Delay loading of toolstrips until the background page is ready [r22302].
  • First cut at the final extension installation prompt on Windows [r22368].
  • Experimental support for Databases and DOM Storage when extensions are enabled [r22452 and r22407].
  • Beginnings of extension shelf for linux [r22439].
  • Known issues:
  • (Mac) Flash can use a lot of CPU.
  • (Mac) Bug 18203: Mouse clicks on Flash content often doesn't work. (Try middle-click as a workaround.)
  • (Mac) Bug 18666: Page Up/Down and Cursor Up/Down no longer scroll page content.

New in version 3.0.196.0 (August 6th, 2009)

  • Crash fixes
  • Trackpad scrolling on maps works again.
  • First stab at history menu.
  • Download shelf now has real download items.
  • Lots of polish bugs.
  • Extensions:
  • Introduce moles! These are a new extra area that can pop up above toolstrips.
  • Themes now work with --load-extension.
  • You can now reload extensions from a button on chrome://extensions.
  • Fix bug where bookmarks.getTree() doesn't return any bookmarks.
  • Minimum auto-update frequency from command line is now 30 seconds.
  • (Re-)enable content scripts executing in isolated worlds.