Chrome Releases: Stable Channel Release

Tuesday, May 21, 2013

Stable Channel Release

The Chrome team is excited to announce the promotion of Chrome 27 to the Stable Channel. Chrome 27.0.1453.93 for Windows, Mac, Linux, and Chrome Frame contains number of new items including:

Web pages load 5% faster on average
chrome.syncFileSystem API
Improved ranking of predictions, improved spell correction, and numerous fundamental improvements for Omnibox predictions. Please see the Help Center for more information on our updated policies.

Security fixes and rewards:

Please see the Chromium security page for more information. (Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.)

This automatic update includes security fixes. We’d like to highlight the following fixes for various reasons (crediting external researchers, issuing rewards, or highlighting particularly interesting issues):

[$1000] [235638] High CVE-2013-2837: Use-after-free in SVG. Credit to Sławomir Błażek.

[$500] [235311] Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian Holler.

[$1500] [230176] High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR InfoSecurity.

[$1000] [230117] High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of MWR InfoSecurity.

[$1000] [227350] High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit to Chamal de Silva.

[$2000] [226696] High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril Cattiaux.

[$1000] [222000] High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil Zhani.

[$1000] [196393] High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin Shinde (@cons0ul).

[$3133.7] [188092] [179522] [222136] [188092] High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte Kettunen of OUSPG.

[$1000] [177620] High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de Silva.

[$1000] [176692] High CVE-2013-2847: Use-after-free race condition with workers. Credit to Collin Payne.

[$500] [176137] Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit to Egor Homakov.

[171392] Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to Mario Heiderich.

In addition, our ongoing internal security work was as usual responsible for a wide range of fixes:

[241595] High CVE-2013-2836: Various fixes from internal audits, fuzzing and other initiatives.

Many of the above bugs were detected using AddressSanitizer.

This build also contains a new Adobe Flash build. You can find more information here.

Full details about what changes are in this build are available in the SVN revision log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Karen Grunberg
Google Chrome

25 comments:

madhunt3r said...: Still on OS X 10.8.3 is laggy scrolling during page is loading.

Please fix this issue.; 9:59 AM, May 21, 2013
Sérgio Meneses said...: finaly :); 9:59 AM, May 21, 2013
brian said...: Why do I still get error 12 on my Mac when trying to update via Chrome? I've had this error for at least 4 years. I thought it was being addressed???; 10:05 AM, May 21, 2013
genius said...: great update. Thanks.; 10:10 AM, May 21, 2013
Rafael Hilário said...: Even with a lag of a few pages boring pages crash during loading and after loading.; 10:57 AM, May 21, 2013
Chris said...: I have noticed that contrary to the previous version's warning - this version runs in Debian Squeeze. When will support for these distros really be dropped?; 1:01 PM, May 21, 2013
Dave said...: I see that Chrome is back to warning that this will be the last update for RHEL6 users.

Disappointing if this is true - there are quite a few people who rely on enterprise distros for desktops. I'm sure Google has the analytics data...; 2:02 PM, May 21, 2013
teswiki said...: Back when I was adding a new bookmark, pressing Tab the focus get in the folder, then press the first letter of folder name and it was selected. Then only press Enter and new bookmark created.

Now I add new bookmark, press tab, press the first letter and the letter is written in Name field. Can not do the "quick selection" folder "action".; 5:11 PM, May 21, 2013
Felix Itzenplitz said...: This comment has been removed by the author.; 11:48 PM, May 21, 2013
Steve said...: error 12, bollocks; 2:19 AM, May 22, 2013
andrey said...: I just updated today to the stable ver.27 and now Chrome crashes up to 2 min after I open it even without loading a page. Windows Vista 32bit. Removed all extensions just in case - still doing it.
I can't even submit the bug from Chrome.
I am with it since the first version - never happened before.; 5:26 AM, May 22, 2013
GREG BATMARX said...: Nice release on my kubuntu 13.04!
Yet, when I try to do the conversational search it says no internet connection! Please fix this!; 10:47 AM, May 22, 2013
Cursor said...: Unable to visit the bug report link, I get a 'website is temporarily unavailable'.

On Ubuntu 13.04 with Cinnamon 1.8 desktop, when playing video on an HDMI screen, the audio cracks. Issue was not replicated with the previous version of Chrome (26), nor the current version of Chromium or Firefox. Please look into it. I have default Ubuntu drivers for ATI Radeon HD 5000 series.; 12:38 AM, May 23, 2013
Lacky said...: Update from Version 26 to 27 is not working via Scheduled Tasks. Only if i install manually or via Services. How can this be?; 2:18 AM, May 23, 2013
Seahfhchhg said...: error 12...; 6:30 AM, May 23, 2013
Solerman Kaplon said...: @felix kill and restart the pulseaudio process when that happens; 10:52 AM, May 23, 2013
FreeMan said...: just crash just reopen... it's very bad version to me after long love story with chrome.; 3:30 PM, May 23, 2013
anonymous said...: This is clearly the worse version ever released! Cannot launch Chrome anymore since the update, tried everything, cannot uninstall Chrome either (error) so I'm just stuck!

Now I'm on another computer and I'm preventing the update by not restarting Chrome, but whenever I turn it off or restart my computer it will switch to Chrome 27 and block everything on this computer as well!

How can we disable automatic update or uninstall Chrome 27 and install Chrome 26 back on?

Please help; 11:00 AM, May 24, 2013
Kate Hepberger said...: Hi, we are having problems with posting webforms since this update. Anybody else got these problems?; 1:18 AM, May 28, 2013
M.K. Means said...: I have been having trouble, too, since this update. I play games on Pogo and the pages won't load and the Chrome freezes. Very frustrating. I too, would like to go back to version 26, because obviously 27 has many bugs!!!!; 7:40 AM, May 28, 2013
Julian Haupt said...: Our (HTML5 based) IDE for SpellJS is completely broken in Chrome 27 (it was running fine in Chrome 26).

We're experiencing "black box" artefacts which are never redrawn after opening a context menu

See:

https://dl.dropboxusercontent.com/u/47203203/Screenshot%20from%202013-05-28%20182750.png

Is this a known problem or should we file a bug for this?; 9:32 AM, May 28, 2013
Danny Cohn said...: Seeing same black box artifacts with ExtJS context menus; 11:49 AM, May 28, 2013
Rohan said...: i was streaming swf files...with the chrome 27 update....some of the swf loads some doesnt...sometimes none of the swf loads....; 9:34 AM, May 30, 2013
Escort said...: Really a good blog I like these types of blogs. London Escort Busty London escort 24/7 with beautiful london escorts at PalaceVIP. We are the leading escorts London agency, providing world class booking services. Call:0750 8580 736.; 4:22 AM, May 31, 2013
Soloyman Sojib said...: this site i like i already visit i come back again; 5:30 AM, June 01, 2013