Thursday, March 18, 2010

Google Chrome 4.1.249.1036

(2010.03.17)

The stable channel has been updated to 4.1.249.1036 for Windows, and includes the following features and security fixes (since 4.0):

* Translate infobar.
* Privacy features: content settings (cookies, images, JavaScript, plug-ins, pop-ups).
* Disabling experimental new anti-reflected-XSS feature called "XSS Auditor". The feature is still experimental, and we're disabling it while we look into some serious performance issues in rare cases. Please see this post for more details about what the XSS Auditor is.

Please see this feature announcment post for more info about translate and privacy.

Security Fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

Congratulations to Sergey Glazunov on receiving the first $1337 Chromium Security Reward for bug 35724.

* [28804] [31880] High Race conditions and pointer errors in the sandbox infrastructure. Credit to Mark Dowd, under contract to Google Chrome Security Team.
* [30801] [33445] Low Delete persisted metadata such as Web Databases and STS. Credit to Google Chrome Security Team (Chris Evans) and RSnake of ha.ckers.org.
* [33572] Medium HTTP headers processed before SafeBrowsing check. Credit to Mike Dougherty of dotSyntax, LLC.
* [$500] [34978] High Memory error with malformed SVG. Credit to wushi of team509.
* [$1337] [35724] High Integer overflows in WebKit JavaScript objects. Credit to Sergey Glazunov.
* [36772] Medium HTTP basic auth dialog URL truncation.Credit to Google Chrome Security Team (Inferno).
* [37007] Medium Bypass of download warning dialog. Credit to kuzzcc.
* [$1000] [37383] High Cross-origin bypass. Credit to kuzzcc.
* [$500] [Affected BETA only] [37061] High Memory error with empty SVG element. Credit to Aki Helin of OUSPG.

List of all changes: http://build.chromium.org/buildbot/perf/dashboard/ui/changelog.html?url=/branches/249/src&range=38071:41527&mode=html

-DOWNLOAD-
Google Chrome 4.1.249.1036

No comments:

Post a Comment

Related Posts with Thumbnails