chrome | https://chromereleases.googleblog.com | GCSA-140639316113366102
Feb 15, 2012 - 12:00 a.m.

Chrome Stable Update


CVSS2: 7.5 High

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.832 High
Percentile: 98.5%

The Chrome Stable channel has been updated to 17.0.963.56 on Windows, Mac, Linux and Chrome Frame. This release fixes a number of stability and security issues in Chrome, and also includes a new version of Flash. More info on the Flash update is available from Adobe.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

  • [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts).
  • [$500] [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz.
  • [$1000] [108695] High CVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz.
  • [$1000] [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG.
  • [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk / Gynvael Coldwind of the Google Security Team.
  • [111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community.
  • [$1000] [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis.
  • [112236] Medium CVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes).
  • [$500] [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt.
  • [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot.
  • [$500] [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Sławomir Błażek.
  • [$1337] [112822] High CVE-2011-3026: Integer overflow / truncation in libpng. Credit to Jüri Aedla.
  • [$1000] [112847] High CVE-2011-3027: Bad cast in column handling. Credit to miaubiz.

The bugs [106336], [106336], [110172], [110849], [111779] and [112847] were detected using AddressSanitizer.

More detailed updates are available on the Chrome Blog. Full details about what changes are in this release are available in the SVN revision log. Interested in hopping on the stable channel? Find out how. If you find a new issue, please let us know by filing a bug.

Jason Kersey
Google Chrome

Affected configurations

Vulners
Node: google chrome, Range: <17.0.963.56

CPE Name | Operator | Version
google chrome | lt | 17.0.963.56
