The Stable Channel has been updated to 36.0.1985.143 for Windows, Mac and Linux.

This release contains a Flash Player update.

Security Fixes and Rewards
This update includes 12 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

[$2000][390174] High CVE-2014-3165: Use-after-free in web sockets. Credit to Collin Payne.
[398925] High CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine Delignat-Lavaud.

As usual, our ongoing internal security work responsible for a wide range of fixes:
  • [400950] CVE-2014-3167: Various fixes from internal audits, fuzzing and other initiatives.
Many of the above bugs were detected using AddressSanitizer.

This release fixes a number of crashes and other bugs. A full list of changes is available in the SVN log. If you find a new issue, please let us know by filing a bug.

Matthew Yuan
Google Chrome