Download Google Chrome 22.0.1229.92

Google has released an update to version 22 of its Chrome web browser. Google Chrome is available in three different versions: stable, beta and dev, and this time the stable version has been updated. New in version 22 is a mouse lock api for javascript. There is also improved support for Windows 8 and the retinascreens of Macs. In addition, various bugs have of course been fixed and the browser has various security updates on board.

Google Chrome 22.0.1229.92

The Stable channel has been updated to 22.0.1229.92 for Windows, Mac, and Linux. This update contains a number of stability fixes, including an issue with multiple profiles on Mac OS X 10.8.2. It also contains a fix for text display on the Mac, as well as the security updates listed below.

Security fixes and rewards:

please see the Chromium security pagefor more details. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

• [138208] High CVE-2012-2900: Crash in Skia text rendering.
• [147499] Critical CVE-2012-5108: Race condition in audio device handling.
• [148692] Medium CVE-2012-5109: OOB read in ICU regex.
• [151449] Medium CVE-2012-5110: Out-of-bounds read in compositor.
• [151895] Low CVE-2012-5111: Plugin crash monitoring was missing for Pepper plugins.

Many of the above bugs were detected using AddressSanitizer. These builds also have a new version of Flash with security and other fixes. More information can be found here.

Google Chrome 22.0.1229.79

The Chrome Team is excited to announce the promotion of Chrome 22 to the stable channel. Chrome 22.0.1229.79 (also now available on the beta channel) has a number of new and exciting updates including:

• Mouse Lock API availability for Javascript
• Additional Windows 8 enhancements
• Continued polish for users of HiDPI/Retina screens

You can find out more about Chrome 22 on the Official Chrome Blog. Security fixes and rewards: Please see the Chromium security pagefor more details. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix. Occasionally, we issue special rewards for bugs outside of Chrome, particularly where the bug is very severe and/or we are able to partially work around the issue:

• [146254] Critical CVE-2012-2897: Windows kernel memory corruption. Documentary.

And back to your regular scheduled rewards, including some at the new higher levels:

• [143439] High CVE-2012-2889: UXSS in frame handling.
• [143437] High CVE-2012-2886: UXSS in v8 bindings.
• [139814] High CVE-2012-2881: DOM tree corruption with plug-ins.
• [135432] High CVE-2012-2876: Buffer overflow in SSE2 optimizations.
• [140803] High CVE-2012-2883: Out-of-bounds write in Skia.
• [143609] High CVE-2012-2887: Use after free in onclick handling.
• [143656] High CVE-2012-2888: Use after free in SVG text references.
• [144899] High CVE-2012-2894: Crash in graphics context handling.
• [Mac only] [145544] High CVE-2012-2896: Integer overflow in WebGL.
• [137707] Medium CVE-2012-2877: Browser crash with extensions and modal dialogs.
• [139168] Low CVE-2012-2879: DOM topology corruption.
• [141651] Medium CVE-2012-2884: Out-of-bounds read in Skia.
• [132398] High CVE-2012-2874: Out-of-bounds write in Skia.
• [134955] [135488] [137106] [137288] [137302] [137547] [137556] [137606] [137635] [137880] [137928] [144579] [145079] [145121] [145163] [146462] Medium CVE-2012-2875: Various lower severity issues in the PDF viewer.
• [137852] High CVE-2012-2878: Use after free in plugin handling.
• [139462] Medium CVE-2012-2880: Race condition in plug-in paint buffer.
• [140647] High CVE-2012-2882: Wild pointer in OGG container handling.
• [142310] Medium CVE-2012-2885: Possible double free on exit.
• [143798] [144072] [147402] High CVE-2012-2890: Use after free in PDF viewer.
• [144051] Low CVE-2012-2891: Address leak over IPC.
• [144704] Low CVE-2012-2892: Pop-up block bypass.
• [144799] High CVE-2012-2893: Double free in XSL transforms.
• [145029] [145157] [146460] High CVE-2012-2895: Out-of-bounds writes in PDF viewer.

Any of the above bugs were detected using AddressSanitizer. We’d also like to thank Arthur Gerkis for working with us during the development cycle and preventing security regressions from ever reaching the stable channel.