Stable Channel Update

Chrome has been updated to 30.0.1599.101 for Windows, Mac, Linux and Chrome Frame.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.

This update includes 5 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$1000][292422] High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of OUSPG.

[$2000][294456] High CVE-2013-2926: Use after free in editing. Credit to cloudfuzzer.

[$2000][297478] High CVE-2013-2927: Use after free in forms. Credit to cloudfuzzer.

As usual, our ongoing internal security work responsible for a wide range of fixes:

• [305790] CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.

Many of the above bugs were detected using AddressSanitizer.

A full list of changes is available in the SVN log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Karen Grunberg

Google Chrome