Stable Channel Update

GCSA-2628291783797911237
Aug 20, 2013 - 12:00 a.m.
https://chromereleases.googleblog.com

CVSS2: 7.5 High (AV:N/AC:L/Au:N/C:P/I:P/A:P)

  • Attack Vector: NETWORK

  • Attack Complexity: LOW

  • Authentication: NONE

  • Confidentiality Impact: PARTIAL

  • Integrity Impact: PARTIAL

  • Availability Impact: PARTIAL

EPSS: 0.017 Low (Percentile: 87.9%)

The Chrome team is excited to announce the promotion of Chrome 29 to the Stable channel for Windows, Mac, Linux and Chrome Frame. Chrome 29.0.1547.57 contains a number of fixes and improvements, including:

  • Improved Omnibox suggestions based on the recency of sites you have visited

  • Ability to reset your profile back to its original state

  • Many new apps and extensions APIs

  • Lots of stability and performance improvements

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. This commonly occurs if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.

This update includes 25 security fixes. Below, we highlight some fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

  • [$1337] [181617] High CVE-2013-2900: Incomplete path sanitization in file handling. Credit to Krystian Bigaj.

  • [$500] [254159] Low CVE-2013-2905: Information leak via overly broad permissions on shared memory files. Credit to Christian Jaeger.

  • [$1337] [257363] High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.

  • [$1000] [260105] High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.

  • [$1000] [260156] High CVE-2013-2903: Use after free in media element. Credit to cloudfuzzer.

  • [$1000] [260428] High CVE-2013-2904: Use after free in document parsing. Credit to cloudfuzzer.

In addition, our ongoing internal security work was as usual responsible for a wide range of fixes:

  • [274602] CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29).

A partial list of changes is available in the SVN log. Interested in switching to a different release channel? Find out how. If you find a new issue, please let us know by filing a bug.

Jason Kersey
Google Chrome

Affected configurations

Vulners
Node: google chrome, Range: <29.0.1547.57

CPE Name | Operator | Version
google chrome | lt | 29.0.1547.57
