The Chrome team is excited to announce the promotion of Chrome 27 to the Stable Channel. Chrome 27.0.1453.93 for Windows, Mac, Linux, and Chrome Frame contains number of new items including:
    Security fixes and rewards:
    Please see the Chromium security page for more information. (Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.)


    This automatic update includes security fixes. We’d like to highlight the following fixes for various reasons (crediting external researchers, issuing rewards, or highlighting particularly interesting issues):


    • [$1000] [235638] High CVE-2013-2837: Use-after-free in SVG. Credit to Sławomir Błażek.
    • [$500] [235311] Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian Holler.
    • [$1500] [230176] High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR InfoSecurity.
    • [$1000] [230117] High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of MWR InfoSecurity.
    • [$1000] [227350] High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit to Chamal de Silva.
    • [$2000] [226696] High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril Cattiaux.
    • [$1000] [222000] High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil Zhani.
    • [$1000] [196393] High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin Shinde (@cons0ul).
    • [$3133.7] [188092] [179522] [222136] [188092] High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte Kettunen of OUSPG.
    • [$1000] [177620] High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de Silva.
    • [$1000] [176692] High CVE-2013-2847: Use-after-free race condition with workers. Credit to Collin Payne.
    • [$500] [176137] Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit to Egor Homakov.
    • [171392] Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to Mario Heiderich.


    In addition, our ongoing internal security work was as usual responsible for a wide range of fixes:

    • [241595] High CVE-2013-2836: Various fixes from internal audits, fuzzing and other initiatives.


    Many of the above bugs were detected using AddressSanitizer.


    This build also contains a new Adobe Flash build. You can find more information here.

    Full details about what changes are in this build are available in the SVN revision log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

    Karen Grunberg
    Google Chrome