Stable Channel Update TUESDAY, AUGUST 20, 2013 http://googlechromereleases.blogspot.tw/2013/08/stable-channel-update.html The Chrome team is excited to announce the promotion of Chrome 29 to the Stable channel for Windows, Mac, Linux and Chrome Frame. Chrome 29.0.1547.57 contains a number of fixes and improvments, including: ‧Improved Omnibox suggestions based on the recency of sites you have visited ‧Ability to reset your profile back to its original state ‧Many new apps and extensions APIs ‧Lots of stability and performance improvements Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. This commonly occurs if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. This update includes 25 security fixes. Below, we highlight some fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information. ‧[$1337] [181617] High CVE-2013-2900: Incomplete path sanitization in file handling. Credit to Krystian Bigaj. ‧[$500] [254159] Low CVE-2013-2905: Information leak via overly broad permissions on shared memory files. Credit to Christian Jaeger. ‧[$1337] [257363] High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman. ‧[$1000] [260105] High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer. ‧[$1000] [260156] High CVE-2013-2903: Use after free in media element. Credit to cloudfuzzer. ‧[$1000] [260428] High CVE-2013-2904: Use after free in document parsing. Credit to cloudfuzzer. In addition, our ongoing internal security work was as usual responsible for a wide range of fixes: ‧[274602] CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29). -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 1.161.171.80