Google Chrome (32-bit)

What's new in this version:

Google Chrome 71.0.3578.98 (32-bit)
- Change log not available for this version


Google Chrome 71.0.3578.80 (32-bit)

Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- Out of bounds write in V8
- Use after frees in PDFium
- Heap buffer overflow in Skia
- Use after free in PDFium
- Use after free in Blink
- Heap buffer overflow in Canvas
- Use after free in WebAudio
- Use after free in MediaRecorder
- Heap buffer overflow in Blink
- Out of bounds write in V8
- Use after free in Skia
- Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- Inappropriate implementation in Site Isolation
- Incorrect security UI in Blink
- Inappropriate implementation in Navigation
- Inappropriate implementation in Omnibox
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Blink
- Insufficient policy enforcement in Navigation
- Inappropriate implementation in Media
- Inappropriate implementation in Network Authentication
- Insufficient data validation in Shell Integration
- Insufficient policy enforcement in URL Formatter
- Use after free in Skia
- Insufficient policy enforcement in URL Formatter
- Insufficient policy enforcement in Proxy
- Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter

This bug was fixed in Chrome 69, but was incorrectly omitted from the release notes at the time:
- Medium To be allocated: Insufficient policy enforcement in Payments


Google Chrome 70.0.3538.110 (32-bit)
- Change log not available for this version


Google Chrome 70.0.3538.102 (32-bit)
- Change log not available for this version


Google Chrome 70.0.3538.77 (32-bit)

-  Publish DEPS for 70.0.3538.77 by chrome-release-bot
-  Incrementing VERSION to 70.0.3538.77 by chrome-release-bot
-  Web Audio: fix two bugs in audibility detection in BaseAudioContext. by Becca Hughes
-  cherry pick r601765 to M70 by Sahel Sharify
-  [Picture in Picture] Show controls on mouseover on the window. by Jennifer Apacible
-  [Picture in Picture] Fix controls timer issue by Becca Hughes
-  Reland "Fling bubbles from OOPIF properly" without the tests. by Sahel Sharify
-  [Merge M70][AF] Use 'Manage...' as footer string when popup type is unspecified by Fabio Tirelo
-  Revert "Strengthen MITIGATION_DLL_SEARCH_ORDER on non-component builds." by Will Harris
-  Incrementing VERSION to 70.0.3538.76 by chrome-release-bot
-  [M70 branch] Roll ICU to 0b97836 by Jungshik Shin
-  Fix text input on ARC++ Kiosk apps. by Yuichiro Hanada
-  Revert "Network Service: Convert port_forwarding_controller.cc to mojo host resolver" by Jun Cai
-  Turn off signin-allowed toggle after sign-out from dialog by Thomas Tangl
-  Show sign-out dialog when signin-allowed is toggled off by Thomas Tangl
-  ozone: Ensure we don't return invalid GbmBuffer objects by Alexandros Frantzis
-  Revert "[M70 Merge][TPM Reporting] Add TPM status information to DeviceStatusCollector" by Ivan Sandrk
-  Merge to 70: Fixes potential crash when toggling accessibility services by David Tseng
-  Incrementing VERSION to 70.0.3538.75 by chrome-release-bot
-  [ios] Check for nullptr NavigationItem before updating URL. by Danyao Wang
-  Incrementing VERSION to 70.0.3538.74 by chrome-release-bot
-  Incrementing VERSION to 70.0.3538.73 by chrome-release-bot
-  [M70 merge] viz: Optimize pixel-moving renderpasses damage by wutao
-  Incrementing VERSION to 70.0.3538.72 by chrome-release-bot
-  Revert "Add a CHECK to non-DICE signin that it's only used for force-signin" by Jochen Eisinger
-  Incrementing VERSION to 70.0.3538.71 by chrome-release-bot
-  chrome_features: Set Usbguard feature flag to disabled by default. by Allen Webb
-  Incrementing VERSION to 70.0.3538.70 by chrome-release-bot
-  cros: Fix menus getting squished by Alex Newcomer
-  Fix merge time window limit method by Henrique Grandinetti
-  Make old time limit locks not be applied to the Chromebook by Henrique Grandinetti
-  Fix a crash in TtsControllerImpl::VoicesChanged due to a use after free. by Sam McNally
-  Incrementing VERSION to 70.0.3538.69 by chrome-release-bot
-  Reland "Fix MessageListView crash on update during close." by Tetsui Ohkubo
-  Revert "Fix MessageListView crash on update during close." by Tetsui Ohkubo
-  Incrementing VERSION to 70.0.3538.68 by chrome-release-bot
-  Fix naming issue when renaming files inside My files by Luciano Pacheco
-  Store remaining usage time in milliseconds by Henrique Grandinetti


Google Chrome 70.0.3538.67 (32-bit)

Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- High CVE-2018-17462: Sandbox escape in AppCache
- High CVE-2018-17463: Remote code execution in V8
- High CVE to be assigned: Heap buffer overflow in Little CMS in PDFium
- High CVE-2018-17464: URL spoof in Omnibox
- High CVE-2018-17465: Use after free in V8
- High CVE-2018-17466: Memory corruption in Angle
- Medium CVE-2018-17467: URL spoof in Omnibox
- Medium CVE-2018-17468: Cross-origin URL disclosure in Blink
- Medium CVE-2018-17469: Heap buffer overflow in PDFium
- Medium CVE-2018-17470: Memory corruption in GPU Internals
- Medium CVE-2018-17471: Security UI occlusion in full screen mode
- Medium CVE-2018-17472: iframe sandbox escape on iOS
- Medium CVE-2018-17473: URL spoof in Omnibox
- Medium CVE-2018-17474: Use after free in Blink
- Low CVE-2018-17475: URL spoof in Omnibox
- Low CVE-2018-17476: Security UI occlusion in full screen mode
- Low CVE-2018-5179: Lack of limits on update() in ServiceWorker
- Low CVE-2018-17477: UI spoof in Extensions

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.As usual, our ongoing internal security work was responsible for a wide range of fixes:
- Various fixes from internal audits, fuzzing and other initiatives


Google Chrome 69.0.3497.100 (32-bit)

- Security Fixes and Rewards
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed

This update includes 1 security fix from our ongoing internal security work:
- Fixes from internal audits, fuzzing and other initiatives
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL


Google Chrome 69.0.3497.92 (32-bit)

Security Fixes and Rewards:
- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- [$3000][875322] High (CVE to be assigned): Function signature mismatch in WebAssembly. Reported by Kevin Cheung from Autodesk on 2018-08-17
- [$TBD][880759] Medium (CVE to be assigned): URL Spoofing in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-09-05
- We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
- Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL


Google Chrome 69.0.3497.81 (32-bit)

- Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed
- This update includes 40 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information
- High CVE-2018-16065: Out of bounds write in V8
- High CVE-2018-16066:Out of bounds read in Blink
- High CVE-2018-16067: Out of bounds read in WebAudio
- High CVE-2018-16068: Out of bounds write in Mojo
- High CVE-2018-16069:Out of bounds read in SwiftShader
- High CVE-2018-16070: Integer overflow in Skia
- High CVE-2018-16071: Use after free in WebRTC
- Medium CVE-2018-16072: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer
- Medium CVE-2018-16073: Site Isolation bypass after tab restore
- Medium CVE-2018-16074: Site Isolation bypass using Blob URLS
- Medium: Out of bounds read in Little-CMS
- Medium CVE-2018-16075: Local file access in Blink
- Medium CVE-2018-16076: Out of bounds read in PDFium
- Medium CVE-2018-16077: Content security policy bypass in Blink
- Medium CVE-2018-16078: Credit card information leak in Autofill
- Medium CVE-2018-16079: URL spoof in permission dialogs
- Medium CVE-2018-16080: URL spoof in full screen mode
- Medium CVE-2018-16081: Local file access in DevTools
- Medium CVE-2018-16082: Stack buffer overflow in SwiftShader
- Medium CVE-2018-16083: Out of bounds read in WebRTC
- Low CVE-2018-16084: User confirmation bypass in external protocol handling
- Low CVE-2018-16085: Use after free in Memory Instrumentation
- Various fixes from internal audits, fuzzing and other initiatives


Google Chrome 68.0.3440.106 (32-bit)
- Change log not available for this version


Google Chrome 68.0.3440.84 (32-bit)
- Change log not available for this version