Download Google Chrome 23.0.1271.64

Google has released version 23 of its Chrome web browser. Google Chrome is available in three different versions: stable, beta and dev, and this time the stable version has been updated. New in version 23 is, among other things, hardware acceleration of video by the graphics card under Windows, which among other things saves energy. It has also become easier to individually adjust the permissions for a web page. The full changelog for this release can be found below:

Stable Channel Release and Beta Channel Update

The Chrome team is excited to announce the release of Chrome 23 to the Stable Channel. 23.0.1271.64 for Windows, Mac, Linux, and Chrome Frame. Chrome 23 contains a number of new features including GPU accelerated video decoding on Windows and easier website permissions. More detailed updates are available on the Chrome Blog.

Security fixes and rewards:

please see the Chromium security page for more details. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

Occasionally, we issue special rewards for bugs outside of Chrome, particularly where the bug is very severe and/or we are able to partially work around the issue:

• [Mac OS only] [149904] High CVE-2012-5115: Defend against wild writes in buggy graphics drivers.

And back to your regular scheduled rewards, including some at the new higher levels:

• [157079] Medium CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP handling.
• [Linux 64-bit only] [150729] Medium CVE-2012-5120: Out-of-bounds array access in v8.
• [143761] High CVE-2012-5116: Use after free in SVG filter handling.
• [Mac OS only] [149717] High CVE-2012-5118: Integer bounds check issue in GPU command buffers.
• [154055] High CVE-2012-5121: Use after free in video layout.
• [145915] Low CVE-2012-5117: Inappropriate load of SVG subresource in img context.
• [149759] Medium CVE-2012-5119: Race condition in Pepper buffer handling.
• [154465] Medium CVE-2012-5122: Bad cast in input handling.
• [154590] [156826] Medium CVE-2012-5123: Out-of-bounds reads in Skia.
• [155323] High CVE-2012-5124: Memory corruption in texture handling.
• [156051] Medium CVE-2012-5125: Use-after-free in extension tab handling.
• [156366] Medium CVE-2012-5126: Use-after-free in plugin placeholder handling.
• [157124] High CVE-2012-5128: Bad write in v8.

Many of the above bugs were detected using AddressSanitizer.

The security issues in V8 have been fixed in v8-3.13.7.5.

This version also has a new Adobe Flash. More details can be found here.

Full details about what changes are in this release are available in the SVN revision log. Interested in hopping on the stable channel? Find out how. If you find a new issue, please let us know by filing a bug.