What’s new in Google Chrome 4.0.266.0 Dev:
· Initial implementation of the HTML5 sandbox attribute for iframes [WebKit@51577]
· [r33376] Copying an image from a web page and pasting into Gmail now works (Issue: 27708)
· Spellchecker moved to renderer. (Issue: 25677)
· [r33803] Fixed download dialog truncation in German locale. (Issue: 23178)
· [r33855] Fixed options panel truncation in various locales. (Issue: 24821)
· [r33793] Implement keyboard access between bookmarks and main toolbar. (issue 3510 issue 8329 issue 10942 issue 15228 issue 21211).
What’s new in Google Chrome 4.0.249.30 Beta:
· In addition to introducing our first Beta versions on Mac and Linux, this update introduces Google Chrome extensions on Windows and Linux. This release is the same as 4.0.249.25 with a fix to make the HTML video tag work.
What’s new in Google Chrome 4.0.249.25 Dev:
· All
· [r33602] Delete old version directories of installed extensions during garbage collection. (Issue: 28884)
· Win
· Fixes for two top crashes. (Issues: 28994 and 27068)
What’s new in Google Chrome 4.0.249.22 Dev:
· All
· [r33013] Disable –enable-user-scripts. (Issue: 27520)
· NOTE: You can now install user scripts by navigating to them. You will have to reinstall your current scripts (they aren’t migrated).
· [r33086] Remove toolstrips API. (Issue: 24475)
· [r32875] Turn on HTML5 DBs by default.
· Known Issue
· [MAC] (Issue: 29121) If a user clicks “Set Up Automatic Updates for All Users” and later clicks “Update Now” from the About Box, an error 12 will be displayed. The product is updated successfully; restarting the browser will apply the update.
What’s new in Google Chrome 4.0.249.11 Dev:
· Windows
· Make the char encoding indicator visible again on Windows (Issue: 26438).
· Extensions
· Extension popups shrink when their contents shrink. (Issue: 26471)
What’s new in Google Chrome 4.0.249.4 Dev:
· All Platforms
· Fixed – Issue 27897: [Extension] Some extensions crash after installing 4.0.249.0
· Fixed – Issue 27900: [Extension] Reload on crash infobar causes more crashes
· Windows
· Fixed top windows crasher.(Issues: 27856, 28096)
· Fixed a crashing race condition in bookmark synchronization. (Issue: 2325)
· Make the character encoding indicator visible again on Windows. (Issue: 26438)
· Extensions
· Tab traversal in popups fixed on Windows, also a few other focus-related bugs. (Issues: 22654, 28086, 28087)
Known Issues:
· Issue 27902: [Extension] Extension link on new tab page doesn’t work properly
What’s new in Google Chrome 4.0.249.0 Dev:
· All Platforms
· [r31779] Introduced Timeline and Storage panels in Chrome’s Developer
· Tools
· Windows
· Covered by All Platforms and Extensions.
· Extensions
· [r32008] Mostly fixes black flashing that happens during popup resize. (Issue: 25459)
· [r31996] Re-enable database storage for extensions. (Issue: 27216)
· [r31844] Fix a crash in ExtensionMessageService when a source renderer closed. (Issue: 27554)
· [r31840] Fix a crash in BrowserActionButton::OnImageLoaded. (Issue: 27167)
· [r31826] Fix a crash in ExtensionsService::ReloadExtension (Issue: 27199)
Known Issues:
· Issue 27897: [Extension] Some extensions crash after installing 4.0.249.0
· Issue 27900: [Extension] Reload on crash infobar causes more crashes
· Issue 27902: [Extension] Extension link on new tab page doesn’t work properly
What’s new in Google Chrome 4.0.245.0 Dev:
· All Platforms
· [r31412] Kiosk Mode implementation. (Issue: 23145– doesn’t work on OS X yet)
· Windows
· Update covered by extensions and all platforms.
· Extensions
· [r31157] Don’t reload extensions management page to refresh after install/uninstall/disable (Issue: 26163)
· [r31179] User scripts not installed depending on download settings (Issue: 26801)
· [r31204] Implement alert(), prompt(), and confirm() for extensions (Issue: 12126)
· [r31285] Installed extensions should not have the ‘reload’ option (Issue: 26901)
· [r31335] Make inspector for background page stay open across reloads (Issue: 25287)
· [r31365] Add an info bubble after extension installation (Issue: 21412)
· [r31540] Added a confirmation on extension uninstallation. (Issue: 27162)
Known Issues:
· Crash when closing a browser window when page action extensions are installed on Linux. (Issue: 25558)
· Crash when clicking on the “Reload” button on the extension crashed info bar (Issue: 27199).
· WebDatabase has been temporarily disabled.
What’s new in Google Chrome 3.0.195.33 Stable:
Security Fix:
· CVE-2009-2816 Custom headers incorrectly sent for CORS OPTIONS request
· A malicious web site operator could set custom HTTP headers on cross-origin OPTIONS requests.
What’s new in Google Chrome 4.0.237.0 Dev:
· The focus on this release has been feature polish, stability improvement, and extensions work.
· Extensions
Lots of work to polish and stabilize the browser and page action APIs:
· [r29556] Add badge text color API. Also change color APIs from ARGB to RGBA (breaking change, sorry!)(Issues: 24635, 24644, 25215)
· [r29152, r29785] Browser actions (buttons, popups) are now implemented. (Issue: 23882, 23897)
· [r29997] Add support for tab-specific state to browser actions. Also, fix the bug where only the first call to setIcon() works. (Issues: 24669,24472)
· [r30346] Constrain browser action popups to a min/max size. Also fix some glitches in popup sizing. (Issue 25214)
· [r30499] Use a better signature for the new page actions API (chrome.pageAction.* instead of chrome.pageActions.*). This is technically a breaking change, but hopefully not too many people had gotten around to using the new API yet. (Issue 25833)
· [r29665] Remove toolstrips on linux. They were causing lots of crashes and are going away soon anyway. (Issue 25106)
· [r29911] Add chrome.extension.sendRequest() — a simpler way to do content script messaging. (Issue 23865)
· [r30341] Add new event chrome.tabs.onStatusChange. This makes the common case of wanting to know when tabs load much easier. (Issue 21729)
Other miscellaneous cleanup:
· [r29498] Correctly handle reloading in the task manager (Issue 18693)
· [r29555] Fix bug where content scripts did not always apply to first page load (Issue 11547)
· [r29714, r29922, r29935, r30219] Various cleanup for the extension management page (Issues 12119, 25509, 25471)
· [r30091] Improve install UI on mac (Issue 19654)
· [r30312] Filter out hidden files when loading and packing extensions (Issue 23004)
· [r30326] Copy chrome.extension.getTabContentses() to chrome.extension.getExtensionTabs(). Nobody liked the old name. (Issue 21433)
· [r30384] Use the puzzle piece as the default extension icon. (Issue 25906)
· [r30481] Hide the theme install bubble a little earlier. It was overlapping with the install dialog on linux. (Issue 26130)
Known Issues:
· [r26861] – Autocomplete/ select box values are not being correctly populated in Linux. As a work around you can use the up/down arrow keys to view the current selection.
· [r26600] – Task bar icon in Windows does not update/ display correctly.
What’s new in Google Chrome 3.0.195.32 Stable:
The stable channel has been updated to 3.0.195.32, and includes the following security and stability fixes:
· Resolved a history issue that affected going back from queries in Google Maps. (Issue: 21353)
· Fixed issue with Adobe Acrobat Reader 9.2, where no content would be displayed. (Issue: 24883)
· Fixed an infinite loop in acc decoding. (Webkit Issue: 27239)
· Fixed a top crasher. (Issue: 22205)
· Fix issues where setInterval sometimes eating 100% CPU. (Issue: 25892)
Security Fixes:
· CVE-2009-XXXX User not warned for some file types that can execute JavaScript
· The user was not warned about certain possibly dangerous file types such as SVG, MHT and XML files. In some browsers, JavaScript can execute within these types of files. Because the JavaScript runs in the local context, it may be able to access local resources.
· More info: http://code.google.com/p/chromium/issues/detail?id=23979
· (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: Medium
· Credit: Inferno of SecureThoughts.com
Mitigations:
· A victim would need to visit a page under an attacker’s control.
· The victim would furthermore need to open a malicious file.
· CVE-2009-XXXX Possible memory corruption in the Gears plugin
· A malicious site could use the Gears SQL API to put SQL metadata into a bad state, which could cause a subsequent memory corruption. This may lead to a Gears plugin crash or possibly arbitrary code execution.
· More info: http://code.google.com/p/chromium/issues/detail?id=26179
· (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: High
· Credit: This issue was found by the Google Chrome security team.
Mitigations:
· A victim would need to visit a page under an attacker’s control.
· The victim would furthermore need to “click-through” the Gears dialog confirming that they trust the attacker’s evil page.
What’s new in Google Chrome 4.0.223.16 Beta:
· The Beta Channel is being updated to 4.0.223.16 which is our first Beta release for 4.0. This release includes many bug fixes and for the first time Bookmark Sync is enabled. Extensions are disabled until the final API changes arrive. Please use the dev channel for the latest extension API.
What’s new in Google Chrome 4.0.223.11 Dev:
· This release fixes a crash when running extensions like the Subscribe in Feed Reader sample.
· It also fixes a problem in Google Calendar where overlapping calendar items were invisible because they were being displayed with 0 width.
What’s new in Google Chrome 4.0.222.12 Dev:
· Extensions
· [r28095] Extensions loaded “Load unpacked extension” (and –load-extension) will no longer change id’s when they’re reloaded (Issue: 21281)
· Browser Actions (windows only at the moment)
· [r28130, r28136] Can now set an image dynamically with an ImageData from a canvas. (Issue:23269)
· [r28115] Can close popups using window.close. (Issue: 23832)
· [r28187] Popups now have a bubble border. (Issue: 23833)
· some sample extensions converted to use browser actions. (gmail checker, buildbot, mappy)
· a number of other misc bug fixes.
· [r28135] Extension packing now works on Linux and Mac. (Issue: 20669)
What’s new in Google Chrome 3.0.195.27 Stable:
· Fixed an issue where menu items for certain Indian languages were not properly visible. (Issue: 18042)
· Add support to blacklist the faux http://www.paypal.com certificate. (Issue:24038)
· Added NTLMv2 support on Windows. (Issue: 14206)
· FFmpeg files now properly have NX/DBCompat enabled. (Issue: 23189 – Will be made public once this release is fully deployed)
· V8 crash fix. (Issue: 22913)
What’s new in Google Chrome 4.0.221.6 Dev:
· All
· Theme change should automatically update New Tab Page background again. [r27841] (Issue: 20392)
· Extensions
· More features for browser actions (still in progress, still Windows-only)
· badges [r27951] (Issue: 23268)
· popups [r27889] (Issue: 23596)
· Fix bug on Linux where directory cruft was accidentally created. (Issue: 23327)
· Known Issues
· Linux: Google Chrome fails to collect zombie processes from closed tabs. (Issue: 23778)
· Mac: Bookmark bar looks weird, and hurts you when you resize the window (hit cmd-shift-b twice after window resizing as workaround).
What’s new in Google Chrome 3.0.195.25 Stable:
· The beta and stable channels have been updated to 195.25. This release includes only a single change that adds an image link to the new tab page which directs new users to the themes gallery.
What’s new in Google Chrome 4.0.220.1 Dev:
· All Platforms
· [r27300] Remove “Remove Item” from download item context menu. (Issue: 23078)
· [r26976] Omnibox now understands Zeroconf .local hosts. (Issue: 19957)
· Windows
· [r27445] Native Client is now built into the renderer but disabled by default. For info on how to enable please see this page.
· Extensions
· [r27599] Extensions menu item now in ‘wrench’ menu. (Issue 22883)
· [r27319] Introduce Browser Actions. (Issue 22099 and others) (still a work in progress)
· [r27163] Implemented extension packing on Linux.
· [r27290] Toolstrip dragging now restricted to extension shelf.
· [r27262] Themes and extensions now install if you have “ask for destination” option set in download options.
· [r27376] Content scripts can now see their own functions in setTimeout.
· [r27440] Fix crash when using non-extension iframe.
· [r27393] Some initial i18n API (still a work in progress). (Issue: 12131)
What’s new in Google Chrome 3.0.195.24 Stable:
· CVE-2009-0689 dtoa() error parsing long floating point numbers
· The v8 engine uses a common dtoa() implementation to parse strings into floating point numbers. We have applied a patch to fix a recent bug in this component.
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
· Credit: Original discovery by Maksymilian Arciemowicz of SecurityReason. The Google Chrome security team determined that Chrome was affected.
What’s new in Google Chrome 3.0.195.24 Beta:
· A fix to two significant history related crashing bugs 16591 and 21377.
· A fix where PAC scripts would fail to parse if they ended with a comment and no new line 22864.
· Corrected an issue where tabs would flash,for a split second, if multiple tabs were opened at the same time 20831.
· Fixed an issue which prevented proper logins to CNET 22181.
What’s new in Google Chrome 4.0.213.1 Dev:
· All Platforms
· [r26815] New-FTP: Requires re-authentication when navigating around. (Issue: 21184)
· [r26860] [DEPS] Move FTP LIST parsing code to the renderer process, limiting potential damage from security issues.
· Windows
· Issues with drop down select boxes fixed.
· [r26359] BiDi-language filenames now displayed correctly in download shelf. (Issue: 10860)
· Extensions
· [r26526] Fix crashy toolstrips. (Issues: 22070, 22135)
· [r26532] Audio and video tag doesn’t work for extension resources. (Issue 22152)
· [r26685] Fix an issue where we do not initiate the extension install UI with certain combinations of HTTP headers.
· [r26556] Introduce chrome.tabs.executeScriptInTab() and chrome.tabs.insertCSSInTab(). (Issue: 12465)
· [r26706] Hide the mole handle by default. (Issue: 15494)
· [r26658] Remove the right-click devtools behavior. (Issue: 20634)
· [r26654] Add CSS classes to the document when switching between toolstrip and mole mode.
· –show-extensions-on-top works pretty well now (on windows). Try it out!
· Sync
· Sync library now built entirely from trunk.
What’s new in Google Chrome 4.0.211.7 Dev:
· It contains 2 fixes, the first resolves the issue which prevented large downloads and the second is a stability fix which should resolve a number of crashes
What’s new in Google Chrome 4.0.211.2 Dev:
· All
· Fixed a bug that prevented some Dailymotion videos from playing. [r25220]
· Bug fixes in NewFTP. [r25624][r25729][r25750][r25771]
· Improved New Tab page load performance. [r25232]
· Win
· Ensure that tips change when the Chrome language changes. [r25834]
· Extensions
· Enable/disable extension button on chrome://extensions
· Update extensions now button to force autoupdate check on chrome://extensions
· chrome.window and chrome.tab APIs can now reference relative URLs inside an extension
What’s new in Google Chrome 3.0.195.21 Final:
Security Fixes:
· We would like to extend special thanks to Will Dormann of CERT for working with us to improve the security of the new audio and video codecs in this release.
· CVE-2009-XXXX Content-Type: application/rss+xml being rendered as active content
· Previously, we rendered RSS and Atom feeds as XML. Because most other browsers render these documents with dedicated feed previewers, some web sites do not sanitize their feeds for active content, such as
· JavaScript. In these cases, an attacker might be able to inject JavaScript into a target web site.
What’s new in Google Chrome 3.0.195.21 Beta:
· A fix for issue 3380which caused the browser to lose focus in certain conditions after installing a theme.
· Fix About box truncation in some locales when a new version is available.
What’s new in Google Chrome 3.0.195.20 Beta:
· This release includes better international support and stability/bug fixes for the New Tab page and themes support.
What’s new in Google Chrome 3.0.195.17 Beta:
· More stability/ bug fixes pertaining to the New Tab page, the omnibox, video tag, and themes support.
What’s new in Google Chrome 4.0.206.1 Dev:
· All Platforms
· [r24663] Closing the download shelf removes all completed and cancelled downloads from it. (Issue: 15712)
· [r24331] Fixes various audio/video events which were not firing. (Issues: 20152, 16768)
· [r24519] Saved passwords for proxy servers are now correctly labeled. (Issue: 12992)
· [r24384] Add single line of tips to New New Tab Page. (Issue: 19162)
· Extensions
Two breaking changes (see mailing list post for more information):
· [r24816] Enforce granular permissions
· [r24770] Modified several APIs to be more consistent
· [r24539] Polish the look of Linux extension shelf. (Issue: 16759)
· [r24599] Polish extension install UI.
· [r24864] Allow extension toolstrip to detach. (ctrl+alt+b)
· [r24871, r24877] Polish chrome://extensions/ page. Add convenience developer tools to load an extension and pack an extension.
What’s new in Google Chrome 4.0.203.2 Dev:
· All Platforms
· [r23666, r23790, r23988] Fix some hangs/crashes. (Issue: 16512, 16871, 18217, 18521, 19710, 19860)
· [r23668] Fix hang with video and audio tags. (Issue: 19276)
· [r23670] When SafeBrowsing alerts for a page, don’t allow that page to redirect until after the user has dealt with the alert. (Issue: 6442)
· [r23754, r23937] Prevent time/slider from jumping around during and after seeking in video and audio tag content. (Issue: 19396)
· [r23859] Reduce Omnibox flicker. (Issue: 18369)
· [r23965] Unicode text could sometimes produce garbled Omnibox dropdown entries. (Issue: 5490)
· [r23967] Fix problems with plugin z-order. (Issue: 15840)
· [r24033] Fix a crash on Windows and Linux. (Issue: 17569)
· [r24151] Fix regression (since Chrome 2.0.172.1) where some gzipped files (e.g. script) were not unzipped before evaluation, making them unusable. (Issue: 16430)
· [r24170] Faster startup with custom themes. (Issue: 18768)
· [r24179] Graphical errors with some themes. (Issue: 20139)
· [r24189] Problems with video/audio tag playback and looping at rates other than 1.0. (Issues: 19856, 19105)
· [r24192] Properly align cursors used for middle-mouse-autoscroll with the original click location. (Issue: 6173)
· Windows
· [r23915] During uninstall, if Chrome was the default browser, prompt user to choose a new default. (Issue: 14023)
· [r23849] Fix clicking/noise when playing video/audio tag content with 48 or 96 kHz audio. (Issue: 17940)
· [r24198] Remove “Clear browsing data” and “Import bookmarks & settings” from Tools menu since they are now available in the Options. (Issue: 20137)
What’s new in Google Chrome 2.0.172.43 Stable:
· CVE-2009-2935 Unauthorized memory read from Javascript
· A flaw in the V8 Javascript engine might allow specially-crafted Javascript on a web page to read unauthorized memory, bypassing security checks. It is possible that this could lead to disclosing unauthorized data to an attacker or allow an attacker to run arbitrary code.
· More info: http://code.google.com/p/chromium/issues/detail?id=18639 (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
· Credit: This issue was found by Mozilla Security.
Mitigations:
· A victim would need to visit a page under an attacker’s control.
· Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
· Security Fix: Treat weak signatures as invalid
· Google Chrome no longer connects to HTTPS (SSL) sites whose certificates are signed using MD2 or MD4 hashing algorithms. These algorithms are considered weak and might allow an attacker to spoof an invalid site as a valid HTTPS site.
· More info: http://code.google.com/p/chromium/issues/detail?id=18725 (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: Medium. Further advances in attacks against weak hashing algorithms may eventually permit attacks to forge certificates.
· Credit: Dan Kaminsky, Director of Penetration Testing, IOActive Inc., Meredith Patterson and Len Sassaman. See their paper at http://www.ioactive.com/pdfs/PKILayerCake.pdf
· CVE-2009-2414 Stack consumption vulnerability in libxml2
· CVE-2009-2416 Multiple use-after-free vulnerabilities in libxml2
· Pages using XML can cause a Google Chrome tab process to crash. A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected.
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
· Credit: Original discovery by Rauli Kaksonen and Jukka Taimisto from the CROSS project at Codenomicon Ltd. The Google Chrome security team determined that Chrome was affected.
Mitigations:
· A victim would need to visit a page under an attacker’s control.
· Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
What’s new in Google Chrome 4.0.202.0 Dev:
· All Platforms
· Bugs 16020, 16768, 17415, 17970, 17973, 18208, 18362, 18433, 18677, 18726, 18846, 19521: Many fixes for video and audio tags [r23037, r23038, r23067, r23255, r23274, r23455, r23471, r23598]
· Bugs 18471, 18720, 18722: Make more New Tab Page items themeable [r23081, r23205]
· Bugs 10706, 18697: Crash fixes [r23190, r23568]
· Bug 19200: Cannot enter HTTP auth credentials in Omnibox if password has an @ sign [r23403]
· Bug 9103: Import passwords from Firefox 3.1 and above [r23503]
· Bug 13065: Change Live Search to Bing (only for U.S. right now) [r23571]
· Bug 19353: Attempt to reduce memory footprint [r23584]
· Windows
· Bug 19222: Uninstalling Chrome for one user should not delete default browser entries for another user [r23496]
What’s new in Google Chrome 4.0.201.1 Dev:
· This release contains all the fixes and changes from 3.0.197.11, plus one additional change: we’ve added bookmark synchronization!
· To start using the feature, start Chrome with the “–enable-sync” flag, and go to “Wrench”->”Sync my bookmarks…”
· For more details about bookmark synchronization go to: http://blog.chromium.org/
What’s new in Google Chrome 3.0.197.11 Dev:
· Crash fixes
· Bug 2993: Fix tabs getting “stuck” to your mouse and dragged out when under system load [r22024].
· Bug 60: Make downloads removable from download shelf and download list [r22138].
· Bug 17697: Properly unescape past searches in the Omnibox dropdown [r22167].
· Bug 3641: Setting Chrome as default browser on multiple accounts in Vista should work [r22282].
· Tweaks for new New Tab Page [r22316], [r22320], [r22337], [r22388], [r22428].
· Bug 8037: Use jumplists on Windows 7 [r22375].
· Bug 9985, 18271: Fixes for proxy users [r22430].
· Rich text editors can now remove , and tags [Webkit r46286].
What’s new in Google Chrome 3.0.195.6 Beta:
· fix some theme’s related performance regressions.
What’s new in Google Chrome 3.0.196.2 Dev:
· Cursor no longer flickers over the omnibox and other editable controls.
· Disconnecting a monitor and restarting Google Chrome no longer leaves windows off in space and impossible to access
What’s new in Google Chrome 3.0.196.0 Dev:
· Cursor no longer flickers over the omnibox and other editable controls.
· Disconnecting a monitor and restarting Google Chrome no longer leaves windows off in space and impossible to access.
What’s new in Google Chrome 3.0.195.5 Dev:
· This update contains some additional fixes to themes support, in addition to some crash fixes.
What’s new in Google Chrome 3.0.195.3 Dev:
· Our brand new tab page
· Themes
· The video tag
What’s new in Google Chrome 3.0.193.2 Beta:
· Updated V8 to 1.2.13.2 to improve stability and performance.
· Printing fixes and print selection for Windows.
· Initial support for the video tag.
· Updated look and feel of the url bar (aka the Omnibox).
· Improved our Developer Tools by adding the scripts and profiles tabs, plus support for docking the inspector into the main window.
In addition to some minor UI changes:
· Minor Tweaks renamed as “Personal Stuff” in the Options menu
· Browsing data options added to the Options menu, under Personal Stuff.
· Default download location and font/language settings moved from Minor Tweaks to the Under the hood tab
· Exceptions is a tab in the “Passwords and Exceptions” dialog, rather than a separate button in the Passwords section of the Options menu.
What’s new in Google Chrome 3.0.195.1 Dev:
· Form suggestions now shrink properly as the list of suggestions gets shorter. (Issue: 15334)
· Extensions can now auto-update. (Issue: 12117)
· Set the default minimum font size to 12 for Chinese and 10 for Japanese, Korean, Arabic and Thai. (Issues: 16868, 16875)
· Mac now supports drag and drop of URLs, plain text, and HTML into
· and out of the content area, as well as within text fields and the
· thumbnails on the new tab page. URLs can be dragged to and from other
· apps, the Finder/Desktop, and the Dock.
· (Mac) Fix for download shelf crash when clearing all downloads. (Issues: 15855, 15893)
· (Mac) First cut at infobars. Not pretty, just functional. (Issues: 15839, 14937, 14462, 16487)
· (Mac) Add JavaScript Console menu item to View > Developer submenu. (Issue: 16135)
· (Linux) Allow dragging a link from the web contents to the bookmark bar to get a named bookmark. (Issue: 16791)
· (Linux) Add additional hotkeys (Ctrl-Enter, Shift-F5, Shift+Scroll Wheel). (Issue: 16792)
· (Linux) Dockable developer tools.
What’s new in Google Chrome 2.0.172.37 Stable:
· Fix: Solving captcha images broken at orkut.com. (Issue 15569)
· Make forward/backward navigation work even when redirection is involved. (Issue 9663, issue 10531)
· Fix: Daylight savings time not recognized for some CET locales. (Issue 12579)
· Fix a browser crash on closing a URL request. (Issue 8942)
· Update the V8 Javascript engine to version 1.1.10.14 to fix issues with regular expressions.
· Update Gears to the latest release, 0.5.25.0.
What’s new in Google Chrome 3.0.193.1 Dev:
· Google Chrome 3.0.193.1 has been released to the Dev channel to fix a small set crashes related to: V8, autocomplete, tab dragging, and context menus (bugs 16276, 13500, 16280, 14594).
What’s new in Google Chrome 3.0.193.0 Dev:
· Fixed issue 15199 where new windows are opened off screen, in certain conditions, for dual monitor users.
· Fixed issue 16052 where a tab would close if a new url was navigated to too quickly during a page load.
· Alerts/authentication windows are no longer wrapped by an OS window.
· Windowed plugins like Flash no longer hang after a print dialog is displayed.
· Updated V8 to 1.2.13.2 to fix some crashes
What’s new in Google Chrome 3.0.191.3 Dev:
Highlights in this release:
· Animated GIFs fixed.
· Extensions changes, see Dev Channel Visible Changes post to the Chromium-Extensions mailing list.
· Printing fixes for Windows.
· Try out the New New Tab Page by using the command line switch –new-new-tab-page. Don’t wait for the new new new tab page, get yours today!
· Linux now supports IME for non-roman script languages.
· Fixes for misbehaving proxy servers.
· “Save As” now available on Mac.
· More details are available in the release notes and the log of all revisions.
Known issues:
· Issue 15846: (Mac) Google docs : shortcut to save a document (Command+S) is not implemented
· Issue 15844: (Linux) Bookmarks bar context menus disabled on first open of bookmark manager
· Issue 15845: (Linux) Bookmarks that do not fit in the bookmarks bar cannot be accessed
· Issue 15848: Thumbnails on New Tab Page don’t have spacing in between
What’s new in Google Chrome 3.0.190.1 Dev:
Highlights in this release:
· Mostly bug and crash fixes.
· Linux: Fixed the browser crashing because of missing fonts. (Issue 13007)
Lots of progress filling in missing features on Mac and Linux. Random samples:
· Linux: HTTP authentication now works.
· Linux: Render the contents of tabs while dragging.
· Linux: You can import and export bookmarks.
· Mac: You can download more than one item in a tab.
· Mac: A (preliminary) download shelf at the bottom of the window shows your downloads.
· Mac: Added the Restore Closed Tabs item to the File menu.
· The –enable-monitor-profile flag converts web pages from sRGB to your current default monitor profile. It does not handle embedded color profiles in images. (Issue 4938)
· The ‘Print selection’ option on the Print dialog works on Windows. (Issue 1682)
Known issues:
· You cannot drag bookmarklets (javascript: URLs) to the bookmarks bar. (Issue 12290)
· When you install an extension, two separate toolstrips appear. The problem will go away when you restart the browser. (Issue 14941)
What’s new in Google Chrome 2.0.172.33 Stable:
· Google Chrome 2.0.172.33 has been released to the Stable and Beta channels. This release fixes a critical security issue and two other networking bugs.
· CVE-2009-2121: Buffer overflow processing HTTP responses
· Google Chrome is vulnerable to a buffer overflow in handling certain responses from HTTP servers. A specially crafted response from a server could crash the browser and possibly allow an attacker to run arbitrary code.
· More info: http://code.google.com/p/chromium/issues/detail?id=14508 (This issue will be made public once a majority of users are up to date with the fix.)
· Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.
· Credit: This issue was found by the Google Chrome security team.
· Other issues
This release also fixes two other network issues:
· – NTLM authentication to Squid proxies fails when trying to connect to HTTPS sites (Issue 8771)
· – Browser crash when loading some HTTPS sites (Issue 13226)
What’s new in Google Chrome 3.0.189.0 Dev:
· Lots of crash fixes and code stabilization.
· All extensions now require signing, all unsigned extensions have been disallowed.
· Extensions are, at least for the moment, disabled in incognito mode.
· Fixed a session history bug which prevented proper backward and forward operation for certain sites.
What’s new in Google Chrome 3.0.187.1 Dev:
· Yesterday’s Dev Channel update (3.0.187.0) for Windows had a critical bug which crashes the browser when you use the wrench or page menus. This release fixes that issue.
· If you already have 3.0.187.0 you cannot get to About Google Chrome to force an update. You have a couple of choices to get the update.
· Wait. If you wait about 5 hours Google Chrome will check for an update and install it for you.
· Uninstall Google Chrome and reinstall from http://www.google.com/chrome/eula.html?extra=devchannel
· The Mac and Linux builds were not affected by this bug so they are not being updated.
· We apologize for the problem and we are making changes to our process to try and avoid issues like this in the future. The dev channel is always going to be a little risky but we agree that major features like this should not go out broken.
What’s new in Google Chrome 3.0.187.0 Dev:
· Linux: Import passwords from Firefox. (Issue: 11191)
· On Mac use Keychain for passwords. (Issue: 11745)
· Fix regression where Omnibox would drop characters during rapid typing. (Issue: 13428)
· The web inspector is now working again. (Issue 13411)
· Fix browser hang due to plugin deadlock. (Issue: 12624)
· –enable-user-scripts is working again. (Issue 13290)
· Clicking an extension toolstrip no longer selects the first tab. (Issue 13547)
· Extension buttons now show after install (Issue 13609)
· Increase the maximum number of cookies to 3000. This matches Firefox. (Issue: 8850)
· When the contents don’t have title, use URL for the name of bookmark entry. (Issue: 5965)
· Move download shelf from per-tab to per-window. (Issue: 9025)
· Improved support for Squid proxies. (Issue: 8771)
· Fixes a flash plugin hang on Google Finance ticker symbols in a background tab. (Issue: 12993)
What’s new in Google Chrome 2.0.172.31 Stable:
· Google Chrome’s Stable channel has been updated to version 2.0.172.31 to fix two security issues in WebKit.
· CVE-2009-1690 Memory corruption
· A memory corruption issue exists in WebKit’s handling of recursion in certain DOM event handlers. Visiting a maliciously crafted website may lead to a tab crash or arbitrary code execution in the Google Chrome sandbox. This update addresses the issue through improved memory management.
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
Mitigations:
· A victim would need to visit a page under an attacker’s control.
· Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
· CVE-2009-1718 Drag and drop information leak
· An issue exists in WebKit’s handling of drag events. This may lead to the disclosure of sensitive information when content is dragged over a maliciously crafted web page. This update addresses the issue through improved handling of drag events.
· Severity: Medium. An attacker might be able to read data belonging to another web site, if a user can be convinced to select and drag data on an attacker-controlled site.
What’s new in Google Chrome 3.0.183.1 Dev:
Highlights for this release:
· Fixed issue where non-media types such as text would display a media player. (Issue: 12777)
· New Downloads page shows the remaining time left for downloads. (Issue: 9607)
· Various fixes for right-to-left langugages
· Multiple crash and usability fixes.
Known Issue:
· Google Chrome crashes on Windows XP when you click the “Reset to default theme” button (Issue 13075).
What’s new in Google Chrome 3.0.182.3 Dev:
· The small font issue affecting most non-English languages has been fixed
What’s new in Google Chrome 3.0.182.2 Dev:
Highlights for this release:
· Google Chrome now supports the video tag.
· –auto-spell-correct flag will fix common typos like “teh” for “the” in the blink of an eye.
· Various bits of UI clean-up (toolbar and dangerous download bar paint issues).
· Multiple crash fixes.
Known Issue:
· The font in the browser’s user interface is very small in most non-English languages. This will be fixed in the next Dev channel update. (Issue 12309).
Version Changes:
· WebKit – 531.0
· V8 – 1.2.5.1
· Gears – 0.5.21.0
What’s new in Google Chrome 2.0.172.30 Beta:
· Google Chrome 2.0.172.30 has been released to the Beta channel. The changes in this release since 172.27 are
· complete translations in all languages
· an experimental change in the V8 JavaScript engine that might improve page load times for pages with a lot of JavaScript.
· a fix for a crash when using the French spell check dictionary (Issue 8551)
· a fix for a crash when visiting a site with more than 50 feed links (Issue 12075)
What’s new in Google Chrome 2.0.172.28 Stable:
· We’re promoting 2.0.172 from Beta to the Stable channel today.
· We’ve made a lot of changes to stuff you never see, such as a newer version of WebKit for rendering web pages, a new network stack, and improvements to speed up the V8 Javascript engine.
· There are some new features like removing Most Visited sites from the New Tab page, form autofill, and full screen mode.
· We’re also proud to announce that Google Chrome is now available in 50 languages. We added Bengali, Gujarati, Kannada, Malayalam, Marathi, Oriya (on Windows Vista only), Tamil, and Telugu in this release.
What’s new in Google Chrome 2.0.181.1 Dev:
Version Changes:
· WebKit – 530.11
· V8 – 1.2.4.1
· Gears – 0.5.21.0
Changes:
· Fixed a common crash when using a French spell-check dictionary. (Issue: 8551)
· Fixed a regression where maximizing Chrome turned the tab-background black. (Issue: 11695)
· Improved remote desktop (RDP) performance by using the standard dotted rectangle when moving a tab out. (Issue: 805)
· The command line debugger has been replaced by a graphical debugger using the WebKit inspector scripts tab to debug JavaScript running in V8.
· It is now possible to set proxy setting from the command-line. See the issue for more information. (Issue: 266)
What’s new in Google Chrome 2.0.172.27 Beta:
· Google Chrome 2.0.172.27 has been released to the Beta channel. This release adds translations for all new features in all supported languages. We’ve made a number of fixes to improve reliability and updated the version of Gears to 0.5.19.0.
What’s new in Google Chrome 2.0.180.0 Dev:
Visible changes:
· [r14827] Support PgUp/PgDn in Omnibox for “first entry/last entry.” (Issue: 6857)
· [r15115] Tell the user if Chrome is not the default browser. (Issue: 9049)
· [r15702] You can choose to allow pop-ups from a site. (Issue: 11440)
Other changes of note:
· [r14891] Fix for crashing when zoomed into street level on maps.yahoo.com (Issue: 2044)
· [r14731] Patch from Mohamed Mansour for systems without an installed printer. (Issue: 6835)
· [r15020] Stop the location bar from flashing white when navigating from one HTTPS site to another. (Issue: 11157)
· [r15214] Fix for common issues around opening a new window. (Issues: 6377, 6192, 835)
· Lots of work around Extensions. (See r15417, r15271, r15310)
What’s new in Google Chrome 1.0.154.65 Stable:
· Google Chrome’s Stable channel has been updated to version 1.0.154.65 to fix a crash during startup for a small percentage of users.
What’s new in Google Chrome 1.0.154.64 Stable:
· Google Chrome’s Stable channel has been updated to version 1.0.154.64 to fix two security issues discovered by internal Google testing.
· This release also contains
· A new notification at startup that makes it easier to set Google Chrome as the default browser. If you don’t want Google Chrome to be the default browser, you can click ‘Don’t ask again’.
· A new version of Gears (0.5.16.0)
· Security Fixes
· CVE-2009-1441: Input validation error in the browser process.
· A failure to properly validate input from a renderer (tab) process could allow an attacker to crash the browser and possibly run arbitrary code with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.
· Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.
· Mitigation: An attacker would need to be able to run arbitrary code in the renderer process.
· CVE-2009-1442: Integer overflow in Skia 2D graphics.
· A failure to check the result of integer multiplication when computing image sizes could allow a specially-crafted image or canvas to cause a tab to crash and it might be possible for an attacker to execute arbitrary code inside the (sandboxed) renderer process.
· Severity: High. An attacker might be able to run arbitrary code within the Google Chrome sandbox.
Mitigations:
· A victim would need to visit a page under an attacker’s control.
· Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
What’s new in Google Chrome 2.0.177.1 Beta:
It includes a number of fixes and a couple UI tweaks. For example, if you have searched from wikipedia.org in the past, start typing wikipedia.org in the omnibox, press the Tab key then a search term and suggestions and past searches will appear for Wikipedia. Other fixes include:
· [r14196] Scrollbars, Home/End work again in Gmail (Issue: 10009)
· [r14377] Flash (and other plugins) can be installed without restarting the browser. (Issue: 10574)
· [r14137] Fix hang seen in plugin process, including the new O3D plugin. (Issue: 10711)
· [r13934] On some sites text disappears or is never drawn. For example, on Google Calendar, the titles for all day events do not display. (Issue: 9904)
What’s new in Google Chrome 2.0.174.0:
· [r13177] The bookmarks title in the bubble is now left justified – credit: m0 (Issue: 9393)
· [r13217] Fixed a crash which occurred when Chrome failed to find the default font. (Issue: 9654)
· [r13273] Chrome now temporarily disables a download item on the download-shelf when the file is opened. This prevents multiple clicks and shows that an action has been taken. (Issue: 7264)
· [r13285] Added a “clear all downloads” link to downloads page.(Issue: 9033)
· [r13340] Entering Kangi characters into the address bar no longer crashes Chrome (e.g. “–@ シ”).(Issue: 9760)
· [r13348] Added “Undo Tab Close” and “New Tab” to the context menu on the tab bar. (Issue: 2144)
· [r13388] Corrected a regession where the suggestions from the address bar auto-complete were not correct for non-Latin languages. (Issue: 9859)
· [r13389] PageUp, PageDown and Up and Down arrow keys will now scroll the page when the Find bar is on screen. (Issue: 7079)
· [r13453] Chrome now displays a confirmation box when closing a tab with an in-progress download. (Issue: 1028)
· [r13515] Closing Chrome while a download is in progress no longer causes a crash. (Issue: 9959)
· [r13520] It is no longer possible to cut or copy from a password text-field. (Issue: 9425)
· [r13533] Fixed an issue where a maximized window was the wrong size after unlock. (Issue: 8873)
· [r13536] SVG images with .svgz extension are now properly displayed. (Issue: 9737)
· [r13550] Fixed regression where favicon of History and Downloads page was missing. (Issue: 9805)
· [r13551] Chrome now supports favicons that are provided as encoded data in html. (Issue: 9881)
· [r13555] [r13610] Corrects an error where the “Install plug-in” info bar would not show up. (Issue: 8584)
· [r13588] Ctrl+Shift+Arrow allows change in text direction in RTL UIs. Also now support Ctrl+Shift text alignment based on which side of the keyboard those keys are pressed.(Issues: 9762, 9763)
· [r13609] Fixed a regression where mouse wheel scrolling would close the bookmarks menu. (Issue: 9752)
· [r13611] Initial check-in to remove thumbnails from the New Tab Page (feature still in development). (Issue: 685)
· [r13636] The title of a JavaScript dialog box used to contains “Alert” regardless of how it’s made: whether by alert(), prompt(), or confirm(). Now it only displays “Alert” for alert() calls.(Issue: 2359)
· [WebKit r29160] Fixed issue where the Google Calendar Widget would not load schedule content.(Issue: 8935)
What’s new in Google Chrome 2.0.157.0:
· [r7615]Fixes a crash related to tab dragging (Issue: 5819)
· [r7616]Add a terminating NULL to the text read from the edit control. (Issue: 6053)
· [r7620]Enables restoring of keyboard focus to the the toolbar button that last had focus, before focus was lost (e.g to a dialog, another window, etc). Setting focus using the toolbar focus keyboard shortcut will still reset focus to the first enabled, visible button (starting at the Back button). (Issue: 5750)
· [r7644]In some cases (related to window.open() with no contents, see bug for more details) we may get notified of SSL error or mixed-contents without a NavigationEntry. (Issue: 3845)
· [r7664]If the URL text has no scheme, and starts with http://ftp., then default the scheme to ftp (Issue: 565)
· [r7669]Fixes an issue where Chrome hangs “Waiting for cache” (Issue: 4769)
· [r7703]Attempt to fix an issue related to SSL navigation. (Issue: 5800)
· [r7705]Fix for auto-detection of encoding (Issue: 3702)
· [r7724]Add debug menu to Linux test_shell: (Issues: 6050, 5122)
· [r7747]Fixup and verify URLs from the server before adding them to the autocomplete dropdown. (Issue: 5806)
· [r7792]Make sure that the active tab contents is destroyed when navigating back from the tab contents to the downloads page. Which fixes an issue w/ Flash not being signaled to cleanup (Issue: 5828)
· [r7798]Add support for custom cursors set by windowless plugins. (Issue: 3800)
· [r7822]Prevent overwrite pre-filled values when autofilling a form. (Issue: 6197)
· [r7823]Fixes issue where auto-complete popups would linger on the screen. (Issues: 5830, 3844)
· [r7873]Updating user dictionaries for 19 languages (Issue: 2837)
· [r7882]Measure how often the users are encountering MD5 (Issue: 6102)
What’s new in Google Chrome 0.4.154.25 Beta:
· Bookmark manager with import/export
· Privacy section in Options
· New blocked pop-up notification
· This release fixes an issue with downloaded HTML files being able to read other files on your computer and send them to sites on the Internet. We now prevent local files from connecting to the network with XMLHttpRequest() and also prompt you to confirm a …
Tags:
Google,
Changelogs,
Google Chrome,
Changelog,
Chrome,
browser
