[Google Chrome Releases] Beta release: 0.2.149.29
20 views
Skip to first unread message
Mark Larson (Google)
Sep 8, 2008, 4:36:06 PM9/8/08
to chromium...@googlegroups.com
Google Chrome version 0.2.149.29 was released on 5 September 2008, and all users are being automatically updated. Automatic updates are a key security feature in helping to ensure the safety of Google Chrome users.
This is a security and bug fix update, with no new functionality.
Security Updates:
- Fix a buffer overflow vulnerability in handling long filenames that display in the Save As... dialog. This is a critical risk that could lead to execution of arbitrary code.
- Issue: http://code.google.com/p/chromium/issues/detail?id=1414
- Fix: http://src.chromium.org/viewvc/chrome?view=rev&revision=1766
- Fix a buffer overflow vulnerability in handling link targets displayed in the status area when the user hovers over a link. This is a critical risk that could lead to execution of arbitrary code.
- Issue: reported internally to Google
- Fix: http://src.chromium.org/viewvc/chrome?view=rev&revision=1797
- Fix an out-of-bounds memory read when parsing URLs ending with :%. This is a low risk that can be used to crash the entire browser, possibly causing loss of data in the current session.
- Issue: http://code.google.com/p/chromium/issues/detail?id=122
- Fix: http://src.chromium.org/viewvc/chrome?view=rev&revision=1760
- Change the default Downloads directory if it is set to Desktop, and ensure that Desktop cannot be the default. This mitigates the risk of malicious cluttering of the desktop with unwanted downloads, which can lead to executing unwanted files.
Other changes:
- Fix a couple of data transfer issues with the Safe Browsing service causing unnecessary traffic.
- Fix a JavaScript bug that affected facebook.com. The fix properly handles negative indicies when using for...in.
- Fix search suggestions not working properly for http://search.daum.net/, http://search.empas.com/, http://meta.ua/, http://search.naver.com/, and http://search.yahoo.com/ on several non-United States sites.
--
Posted By Mark Larson (Google) to Google Chrome Releases at 9/08/2008 01:33:00 PM
Mark Larson (Google)
Sep 8, 2008, 4:52:00 PM9/8/08
to Chromium-Announce
Pardon the text here... a formatting problem from a blog post. I'll
have an update shortly.
On Sep 8, 1:36 pm, "Mark Larson (Google)" <m...@chromium.org> wrote:
> Google Chrome version 0.2.149.29 was released on 5 September 2008, and
> all users are being automatically updated. Automatic updates are a key
> security feature in helping to ensure the safety of Google Chrome
> users.This is a security and bug fix update, with no new
> functionality.Security Updates:Fix a buffer overflow vulnerability in
have an update shortly.
On Sep 8, 1:36 pm, "Mark Larson (Google)" <m...@chromium.org> wrote:
> Google Chrome version 0.2.149.29 was released on 5 September 2008, and
> all users are being automatically updated. Automatic updates are a key
> security feature in helping to ensure the safety of Google Chrome
> functionality.Security Updates:Fix a buffer overflow vulnerability in
> handling long filenames that display in the Save As... dialog. This is
> a critical risk that could lead to execution of arbitrary code. Issue:http://code.google.com/p/chromium/issues/detail?id=1414Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1766Fixa
> buffer overflow vulnerability in handling link targets displayed in the
> status area when the user hovers over a link. This is a critical risk
> that could lead to execution of arbitrary code.Issue: reported
> internally to GoogleFix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1797Fixan
> out-of-bounds memory read when parsing URLs ending with :%. This is a
> low risk that can be used to crash the entire browser, possibly causing
> loss of data in the current session.Issue:http://code.google.com/p/chromium/issues/detail?id=122Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1760Changethe
> default Downloads directory if it is set to Desktop, and ensure that
> Desktop cannot be the default. This mitigates the risk of malicious
> cluttering of the desktop with unwanted downloads, which can lead to
> executing unwanted files. Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1793Other
> changes:Fix a couple of data transfer issues with the Safe Browsing
> service causing unnecessary traffic.Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1762Fixa
> JavaScript bug that affected facebook.com. The fix properly handles
> negative indicies when using for...in.Issue:http://code.google.com/p/chromium/issues/detail?id=131Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1763Fixsearch
> suggestions not working properly forhttp://search.daum.net/,http://search.empas.com/,http://meta.ua/,http://search.naver.com/,
> andhttp://search.yahoo.com/on several non-United States sites. Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1759
> a critical risk that could lead to execution of arbitrary code. Issue:http://code.google.com/p/chromium/issues/detail?id=1414Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1766Fixa
> buffer overflow vulnerability in handling link targets displayed in the
> status area when the user hovers over a link. This is a critical risk
> that could lead to execution of arbitrary code.Issue: reported
> internally to GoogleFix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1797Fixan
> out-of-bounds memory read when parsing URLs ending with :%. This is a
> low risk that can be used to crash the entire browser, possibly causing
> loss of data in the current session.Issue:http://code.google.com/p/chromium/issues/detail?id=122Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1760Changethe
> default Downloads directory if it is set to Desktop, and ensure that
> Desktop cannot be the default. This mitigates the risk of malicious
> cluttering of the desktop with unwanted downloads, which can lead to
> executing unwanted files. Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1793Other
> changes:Fix a couple of data transfer issues with the Safe Browsing
> service causing unnecessary traffic.Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1762Fixa
> JavaScript bug that affected facebook.com. The fix properly handles
> negative indicies when using for...in.Issue:http://code.google.com/p/chromium/issues/detail?id=131Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1763Fixsearch
> suggestions not working properly forhttp://search.daum.net/,http://search.empas.com/,http://meta.ua/,http://search.naver.com/,
Mark Larson (Google)
Sep 8, 2008, 5:05:50 PM9/8/08
to Chromium-Announce
The blog is live here: http://googlechromereleases.blogspot.com/
Aesthetic improvements to come later.
--Mark Larson, Google Chrome Program Manager
On Sep 8, 1:52 pm, "Mark Larson (Google)" <m...@chromium.org> wrote:
> Pardon the text here... a formatting problem from a blog post. I'll
> have an update shortly.
>
> On Sep 8, 1:36 pm, "Mark Larson (Google)" <m...@chromium.org> wrote:
>
> > Google Chrome version 0.2.149.29 was released on 5 September 2008, and
> > all users are being automatically updated. Automatic updates are a key
> > security feature in helping to ensure the safety of Google Chrome
> > users.This is a security and bug fix update, with no new
> > functionality.Security Updates:Fix a buffer overflow vulnerability in
> > handling long filenames that display in the Save As... dialog. This is
> > a critical risk that could lead to execution of arbitrary code. Issue:http://code.google.com/p/chromium/issues/detail?id=1414Fix:http://src...
> > suggestions not working properly forhttp://search.daum.net/,http://search.empas.com/,http://meta.ua/,http...,
> > andhttp://search.yahoo.com/onseveral non-United States sites. Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1759
Aesthetic improvements to come later.
--Mark Larson, Google Chrome Program Manager
On Sep 8, 1:52 pm, "Mark Larson (Google)" <m...@chromium.org> wrote:
> Pardon the text here... a formatting problem from a blog post. I'll
> have an update shortly.
>
> On Sep 8, 1:36 pm, "Mark Larson (Google)" <m...@chromium.org> wrote:
>
> > Google Chrome version 0.2.149.29 was released on 5 September 2008, and
> > all users are being automatically updated. Automatic updates are a key
> > security feature in helping to ensure the safety of Google Chrome
> > users.This is a security and bug fix update, with no new
> > functionality.Security Updates:Fix a buffer overflow vulnerability in
> > handling long filenames that display in the Save As... dialog. This is
> > buffer overflow vulnerability in handling link targets displayed in the
> > status area when the user hovers over a link. This is a critical risk
> > that could lead to execution of arbitrary code.Issue: reported
> > internally to GoogleFix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1797Fixan
> > out-of-bounds memory read when parsing URLs ending with :%. This is a
> > low risk that can be used to crash the entire browser, possibly causing
> > loss of data in the current session.Issue:http://code.google.com/p/chromium/issues/detail?id=122Fix:http://src....
> > status area when the user hovers over a link. This is a critical risk
> > that could lead to execution of arbitrary code.Issue: reported
> > internally to GoogleFix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1797Fixan
> > out-of-bounds memory read when parsing URLs ending with :%. This is a
> > low risk that can be used to crash the entire browser, possibly causing
> > default Downloads directory if it is set to Desktop, and ensure that
> > Desktop cannot be the default. This mitigates the risk of malicious
> > cluttering of the desktop with unwanted downloads, which can lead to
> > executing unwanted files. Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1793Other
> > changes:Fix a couple of data transfer issues with the Safe Browsing
> > service causing unnecessary traffic.Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1762Fixa
> > JavaScript bug that affected facebook.com. The fix properly handles
> > negative indicies when using for...in.Issue:http://code.google.com/p/chromium/issues/detail?id=131Fix:http://src....
> > Desktop cannot be the default. This mitigates the risk of malicious
> > cluttering of the desktop with unwanted downloads, which can lead to
> > executing unwanted files. Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1793Other
> > changes:Fix a couple of data transfer issues with the Safe Browsing
> > service causing unnecessary traffic.Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1762Fixa
> > JavaScript bug that affected facebook.com. The fix properly handles
> > suggestions not working properly forhttp://search.daum.net/,http://search.empas.com/,http://meta.ua/,http...,
> > andhttp://search.yahoo.com/onseveral non-United States sites. Fix:http://src.chromium.org/viewvc/chrome?view=rev&revision=1759
Reply all
Reply to author
Forward
0 new messages