Software Update: Google Chrome 33.0.1750.146

Google has released an update to version 33 of its Chrome web browser. Google Chrome is available in three versions: stable, beta and dev, and this time the stable version has been updated. In version 33 no new features have been added, but the necessary bug fixes and security updates have been made. Version 33 also marks the end of Google Chrome Frame as it has been retired. The release notes for this release can be found below.

Stable Channel Update

The Stable Channel has been updated to 33.0.1750.146 for Windows, Mac, and Linux.

Security Fixes and Rewards

This update includes 19 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

• [344492] high CVE-2013-6663: Use after free in svg images.
• [326854] high CVE-2013-6664: Use after free in speech recognition.
• [337882] high CVE-2013-6665: Heap buffer overflow in software rendering.
• [332023] Medium CVE-2013-6666: Chrome allows requests in flash header request.

As usual, our ongoing internal security work responsible for a wide range of fixes:

• [348175] CVE-2013-6667: Various fixes from internal audits, fuzzing and other initiatives.
• [343964, 344186, 347909] CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version 3.24.35.10.

Many of the above bugs were detected using AddressSanitizer.

This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.