Google has released version 30 of its Chrome web browser. Google Chrome is available in three different versions: stable, beta and dev, and this time the stable version has been updated. Version 30 has made it easier to search for images, several new extensions and apps have been added and, of course, the necessary stability and performance improvements have been made. The full changelog for this release can be found below.
Stable Channel Release
The Chrome team is excited to announce the promotion of Chrome 30 to the Stable channel for Windows, Mac, Linux and Chrome Frame. Chrome 30.0.1599.66 contains a number of fixes and improvements, including:
- Easier searching by image
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance
You can read more about these changes at the Google Chrome Blog.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.This update includes 50 security fixes. Below, we highlight some fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.
-  Medium CVE-2013-2906: Races in Web Audio.
-  Medium CVE-2013-2907: Out of bounds read in Window.prototype object.
-  Medium CVE-2013-2908: Address bar spoofing related to the “204 No Content” status code.
-  High CVE-2013-2909: Use after free in inline-block rendering. Credit to Atte Kettunen or OUSPG.
-  Medium CVE-2013-2910: Use after free in Web Audio.
-  High CVE-2013-2911: Use after free in XSLT.
-  High CVE-2013-2912: Use after free in PPAPI.
-  High CVE-2013-2913: Use-after-free in XML document parsing.
-  High CVE-2013-2914: Use after free in the Windows color chooser dialog.
-  Low CVE-2013-2915: Address bar spoofing via a malformed scheme.
-  High CVE-2013-2916: Address bar spoofing related to the “204 No Content” status code.
-  Medium CVE-2013-2917: Out of bounds read in Web Audio.
-  High CVE-2013-2918: Use after free in DOM.
-  High CVE-2013-2919: Memory corruption in V8.
-  Medium CVE-2013-2920: Out of bounds read in URL parsing.
-  High CVE-2013-2921: Use after free in resource loader.
-  High CVE-2013-2922: Use-after-free in template element.
As usual, our ongoing internal security work responsible for a wide range of fixes:
-  CVE-2013-2923: Various fixes from internal audits, fuzzing and other initiatives (Chrome 30).
-  Medium CVE-2013-2924: Use after free in ICU. Upstream bug here.
|Operating systems||Windows 7, Linux, Windows XP, macOS, Windows Vista, Windows 8|