The Stable channel has been updated to 21.0.1180.89 for Linux, Mac,
Windows and Chrome Frame
This build fixes the following issues:
- Several Pepper Flash fixes (Issue 140577, 144107, 140498, 142479).
- Microphone issues with tinychat.com (Issue: 143192)
- devtools regression with "save as" of edited source (issue: 141180)
- mini ninjas shaders fails (Issue: 142705)
- page randomly turns red/green gradient boxes (Issue: 110343)
Security fixes and rewards:
- [$500] [121347] Medium CVE-2012-2865: Out-of-bounds read in line breaking. Credit to miaubiz.
- [$1000] [134897] High CVE-2012-2866: Bad cast with run-ins. Credit to miaubiz.
- [135485] Low CVE-2012-2867: Browser crash with SPDY.
- [$500] [136881] Medium CVE-2012-2868: Race condition with workers and XHR. Credit to miaubiz.
- [137778] High CVE-2012-2869: Avoid stale buffer in URL loading. Credit to Fermin Serna of the Google Security Team.
- [138672] [140368] Low CVE-2012-2870: Lower severity memory management issues in XPath. Credit to Nicolas Gregoire.
- [$1000] [138673] High CVE-2012-2871: Bad cast in XSL transforms. Credit to Nicolas Gregoire.
- [$500] [142956] Medium CVE-2012-2872: XSS in SSL interstitial. Credit to Emmanuel Bronshtein.
Many of the above bugs were detected using AddressSanitizer.
projects / packages / chromium-browser.git / commit