Stable Channel Update

The stable channel has been updated to 49.0.2623.108 for Windows, Mac, and Linux.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

[$7500][594574] High CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu from Tencent KeenLab.
[$5500][590284] High CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous.
[$5000][590455] High CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous.
[595836] High CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt working with HP’s Zero Day Initiative / Pwn2Own.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [597518] CVE-2016-1650: Various fixes from internal audits, fuzzing and other initiatives.
  • Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.33).

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Krishna Govind
Google Chrome