19 replies to this topic

[-Razorfold]

still1, on 09 February 2012 - 06:52, said:

got to about:flags
enable Smooth Scrolling
whola!!! smooth scrolling

Eh the smooth scrolling in Chrome is still pretty awful compared to Opera. However I prefer using the MinimumSmoothScroll extension to the built in smooth scroller, just think it works better.

[still1]

The Chrome Stable channel has been updated to 17.0.963.56 on Windows, Mac, Linux and Chrome Frame. This release fixes a number of stability and security issues in Chrome, and also includes a new version of Flash. More info on the Flash update is available from Adobe.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

• [105803]HighCVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts).
  
• [$500] [106336] MediumCVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz.
  
• [$1000] [108695]HighCVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz.
  
• [$1000] [110172]HighCVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG.
  
• [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the Google Security Team.
  
• [111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community.
  
• [$1000] [111779] HighCVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis.
  
• [112236] MediumCVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes).
  
• [$500] [112259] MediumCVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt.
  
• [112451] LowCVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot.
  
• [$500] [112670] MediumCVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Sławomir Błażek.
  
• [$1337] [112822] HighCVE-2011-3026: Integer overflow / truncation in libpng. Credit to Jüri Aedla.
  
• [$1000] [112847]HighCVE-2011-3027: Bad cast in column handling. Credit to miaubiz.

http://googlechromer...ble-update.html

[still1]

Quote

The Chrome Stable channel has been updated to 17.0.963.65 on Windows, Mac, Linux and Chrome Frame. This release fixes a number of issues including:

• Cursors and backgrounds sometimes do not load (bug 111218)
  
• Plugins not loading on some pages (bug 108228)
  
• Text paste includes trailing spaces (bug 106551)
  
• Websites using touch controls break (bug 110332)

Along with these fixes, the release contains an updated version of the Adobe Flash player. More information on Flash updates is available from Adobe.

Security fixes and rewards:

Firstly, we have some special rewards for some special bugs!

• [$10,000] [116661] Rockstar CVE-1337-d00d1: Excessive WebKit fuzzing. Credit to miaubiz.
  
• [$10,000] [116662] Legend CVE-1337-d00d2: Awesome variety of fuzz targets. Credit to Aki Helin of OUSPG.
  
• [$10,000] [116663] Superhero CVE-1337-d00d3: Significant pain inflicted upon SVG. Credit to Arthur Gerkis.

To determine the above rewards, we looked at bug finding performance over the past few months. The three named individuals stood out significantly. It also shouldn’t come as a surprise that they all feature (and earn more!) in the release notes below.

We have always reserved the right to arbitrarily reward sustained, extraordinary contributions. In this instance, we’re dropping a surprise bonus. We reserve the right to do so again and reserve the right to do so on a more regular basis! Chrome has a leading reputation for security and it wouldn’t be possible without the aggressive bug hunting of the wider community.

Please seethe Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

• [$1000] [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva.
  
• [$1000] [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis.
  
• [$2000] [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing library. Credit to Aki Helin of OUSPG.
  
• [$1000] [111748] High CVE-2011-3034: Use-after-free in SVG document handling. Credit to Arthur Gerkis.
  
• [$2000] [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to Arthur Gerkis.
  
• [$1000] [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to miaubiz.
  
• [$3000] [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous block splitting. Credit to miaubiz.
  
• [$1000] [113497] High CVE-2011-3038: Use-after-free in multi-column handling. Credit to miaubiz.
  
• [$1000] [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to miaubiz.
  
• [$500] [114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit to miaubiz.
  
• [$1000] [114068] High CVE-2011-3041: Use-after-free in class attribute handling. Credit to miaubiz.
  
• [$1000] [114219] High CVE-2011-3042: Use-after-free in table section handling. Credit to miaubiz.
  
• [$1000] [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit to miaubiz.
  
• [$1000] [116093] High CVE-2011-3044: Use-after-free with SVG animation elements. Credit to Arthur Gerkis.

The majority of the above bugs were detected using AddressSanitizer, which rocks.
More detailed updates are available on the Chrome Blog. Full details about what changes are in this release are available in the SVN revision log. Interested in hopping on the stable channel? Find out how. If you find a new issue, please let us know by filing a bug.

http://googlechromer...ble-update.html

[torrentthief]

17.0.963.78 is out: http://dl.google.com...e_installer.exe

[still1]

Quote

Some of the items listed below represent the start of hardening measures based on study of the exploits submitted to the Pwnium competition.

[$1000] [113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz.
[116162] High CVE-2011-3045: libpng integer issue from upstream. Credit to Glenn Randers-Pehrson of the libpng project.
[$1000] [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling. Credit to Arthur Gerkis.
[116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling. Credit to Ben Vanik of Google.
[$1000] [116746] High CVE-2011-3053: Use-after-free in block splitting. Credit to miaubiz.
[117418] Low CVE-2011-3054: Apply additional isolations to webui privileges. Credit to Sergey Glazunov.
[117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked extension installation. Credit to PinkiePie.
[$2000] [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”. Credit to Sergey Glazunov.
[$500] [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

Also, this single low severity issue was fixed in a previous patch but we forgot to issue proper credit:

[108648] Low CVE-2011-3049: Extension web request API can interfere with system requests. Credit to Michael Gundlach

http://googlechromer...-update_21.html