| Version | Change log |
| Google Chrome 131.0.6778.2 Dec 19, 2024 |
This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers: [$55000][382291459] High CVE-2024-12692: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-12-05 [$20000][382190919] High CVE-2024-12693: Out of bounds memory access in V8. Reported by 303f06e3 on 2024-12-04 [TBD][368222741] High CVE-2024-12694: Use after free in Compositing. Reported by Anonymous on 2024-09-19 [TBD][383647255] High CVE-2024-12695: Out of bounds write in V8. Reported by 303f06e3 on 2024-12-12 |
| Google Chrome 131.0.6778.1 Dec 11, 2024 |
This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. [$55000][381696874] High CVE-2024-12381: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-12-02 [TBD][379516109] High CVE-2024-12382: Use after free in Translate. Reported by lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-11-18 |
| Google Chrome 131.0.6778.1 Dec 4, 2024 |
Security Fixes: Type Confusion in V8. Various fixes from internal audits, fuzzing and other initiatives: Fix performance regression introduced by filter quality change Resolve viewport units in @page against default page box size M131: [A11y] Pass html-input-name even if AXMode::kHTML is off M131: [A11y] Temporarily expose attributes for Omnipass, aka Fiserv Verifast [M131] Disable SelectParserRelaxationEnabledPolicyBrowserTest Updating XTBs based on .GRDs from branch 6778 [M131] Add a metric on the dedicated worker devtools agent size [M131] Add metrics to measure the dedicated worker setup time [merge 131][omnibox][ml] Fix crash due to invalid destination_url. [M131][History V2] Disable the message "Preparing AI" when model is not available [M131][iOS] Fix FRE when force incognito Remove GestureListenerManager as observer before destruction [131][lensoverlay] Capture top-level navigations in side panel. [merge 131][omnibox][ml] Fix crash due to out-of-range substr(). [131][UNO] Don't move password to account storage with butter disabled [merge-131] Improve Save Passwords & Autofill UI Magic Stack Tips [merge-131] Suppress Tips Ephemeral Modules Within 14 Days of FRE [M131][E2E] Read system bar insets for edge to edge Revert "[X11] Remove workaround for XFCE _GTK_FRAME_EXTENTS" [merge to M131][Gardening] Disable failing ClientCertSourceWritableUnitTest Updating XTBs based on .GRDs from branch 6778 [M131 Merge] Reland "Subresource prefetch: Fix the referrer value" Trigger component download when ScreenAI is needed and not downloaded M131: Disable SelectParserRelaxation by default [M131] infra: Set "cores:16|32" dimensions on CI Windows builderlful bots |
| Google Chrome 131.0.6778.8 Nov 19, 2024 |
Security Fixes: High CVE-2024-11395: Type Confusion in V8 [Tab Resume 2.0] Add visit score threshold Component updater: Clear the quarantine bits when installing components [M131][E2E] Do not send safe area insets for non opt-in pages [m131] Fix publish tarball: "download rustc sources" [M131] Crash: fix invalid memory access on EndTrace call in the Android Updating XTBs based on .GRDs from branch 6778 [m131][omnibox][history-embeddings] Fix popup height [m131][omnibox][history-embeddings] Decrease top-padding by 8px [M131] Allowlist ChromeVox, eSpeakNG for Login Screen [131][lensoverlay] Set site for cookies in Lens network requests [Merge Request M131] Fix histogram name mismatch [131]Add support for setting site for cookies from endpoint fetcher Fix History.Embeddings.UserActions histogram shadowed by base history UI Disable CSS Highlight Inheritance (again) [omnibox] Make IPH Chrome Tip links accessible by selecting with tab key Remove DumpWithoutCrashing from ProcessRequirement::GatherMetrics Updating XTBs based on .GRDs from branch 6778 Roll Skrifa to cherry-picked 0.23.2 to address underflow/overflow panics [M131][Clank][BrowsingDataModel] Destroy old model asynchronously [M131] Fix model download behavior when an override is specified. [omnibox] Fix a11y label for history embeddings answer matches [M131] [signin] Fix account credit card upload for Dice users in migration Fix crash in OverviewSessionMetricsRecorder [M131] Add custom metrics to all builders |
| Google Chrome 131.0.6778.7 Nov 13, 2024 |
This update includes 12 security fixes. Below, we highlight fixes that were contributed by external researchers: [TBD][373263969] High CVE-2024-11110: Inappropriate implementation in Blink. Reported by Vsevolod Kokorin (Slonser) of Solidlab on 2024-10-14 [$1000][360520331] Medium CVE-2024-11111: Inappropriate implementation in Autofill. Reported by Narendra Bhati, Suma Soft Pvt. Ltd - Pune (India) on 2024-08-18 [TBD][354824998] Medium CVE-2024-11112: Use after free in Media. Reported by Nan Wang(@eternalsakura13) and Zhenghang Xiao(@Kipreyyy) of 360 Vulnerability Research Institute on 2024-07-23 [TBD][360274917] Medium CVE-2024-11113: Use after free in Accessibility. Reported by Weipeng Jiang (@Krace) of VRI on 2024-08-16 [TBD][370856871] Medium CVE-2024-11114: Inappropriate implementation in Views. Reported by Micky on 2024-10-02 [TBD][371929521] Medium CVE-2024-11115: Insufficient policy enforcement in Navigation. Reported by mastersplinter on 2024-10-07 [TBD][40942531] Medium CVE-2024-11116: Inappropriate implementation in Paint. Reported by Thomas Orlita on 2023-11-14 [TBD][40062534] Low CVE-2024-11117: Inappropriate implementation in FileSystem. Reported by Ameen Basha M K on 2023-01-06 |
| Google Chrome 130.0.6723.1 Nov 6, 2024 |
Security Fixes: Use after free in Family Experiences. Use after free in Serial Enable the kill switch for external file picker Updating XTBs based on .GRDs from branch 6723 |
| Google Chrome 130.0.6723.9 Oct 30, 2024 |
Security Fixes: Out of bounds write in Dawn. Use after free in WebRTC. |
| Google Chrome 130.0.6723.7 Oct 23, 2024 |
Security Fixes: Inappropriate implementation in Extensions. Type Confusion in V8. |
| Google Chrome 130.0.6723.5 Oct 16, 2024 |
Security Fixes: High CVE-2024-9954: Use after free in AI. Medium CVE-2024-9955: Use after free in Web Authentication. Medium CVE-2024-9956: Inappropriate implementation in Web Authentication. Medium CVE-2024-9957: Use after free in UI. Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture. Medium CVE-2024-9959: Use after free in DevTools. Medium CVE-2024-9960: Use after free in Dawn. Medium CVE-2024-9961: Use after free in Parcel Tracking. Medium CVE-2024-9962: Inappropriate implementation in Permissions. TBD328278718 Medium CVE-2024-9963: Insufficient data validation in Downloads. Low CVE-2024-9964: Inappropriate implementation in Payments. Low CVE-2024-9965: Insufficient data validation in DevTools. Low CVE-2024-9966: Inappropriate implementation in Navigations. Various fixes from internal audits, fuzzing and other initiatives: [M130] Revert "canvas: add NoAllocRedirect for canvas functions" Fix crash when import onc from chrome://network with remove field [M130]Revert "[E2E] Observe Configuration change and force layout" [M130] Fix toast controller using bad optional Ensure native libraries are loaded for UrlFormatter. [Cherry-pick to M130] editor: stop editor_menu crash in guest mode snap-group: [Merge to M130] Fix crash triggered by display metrics change [M130 Merge] privacy-hub: Hide geolocation dialog when pref is managed (part 3) [M130][OOPIF PDF] Fix closing form renderer crash |
| Google Chrome 129.0.6668.1 Oct 9, 2024 |
This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$55000][368241697] High CVE-2024-9602: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-09-20[TBD][367818758] High CVE-2024-9603: Type Confusion in V8. Reported by @WeShotTheMoon and @Nguyen Hoang Thach of starlabs on 2024-09-18 |
