Planet Chromium

July 22, 2016

Google Chrome Releases

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 52 to the stable channel for Windows, Mac and Linux. Chrome 52.0.2743.82 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 52.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 48 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

[$15000][610600] High CVE-2016-1706: Sandbox escape in PPAPI. Credit to Pinkie Pie
[$3000][622183] High CVE-2016-1707: URL spoofing on iOS. Credit to xisigr of Tencent's Xuanwu Lab
[$500][613949] High CVE-2016-1708: Use-after-free in Extensions. Credit to Adam Varsan
[$500][614934] High CVE-2016-1709: Heap-buffer-overflow in sfntly. Credit to ChenQin of Topsec Security Team
[$8000][616907] High CVE-2016-1710: Same-origin bypass in Blink. Credit to Mariusz Mlynski
[$7500][617495] High CVE-2016-1711: Same-origin bypass in Blink. Credit to Mariusz Mlynski
[$3000][618237] High CVE-2016-5127: Use-after-free in Blink. Credit to cloudfuzzer
[$7500][619166] High CVE-2016-5128: Same-origin bypass in V8. Credit to Anonymous
[$5000][620553] High CVE-2016-5129: Memory corruption in V8. Credit to Jeonghoon Shin
[$2000][623319] High CVE-2016-5130: URL spoofing. Credit to Wadih Matar
[$3500][623378] High CVE-2016-5131: Use-after-free in libxml. Credit to Nick Wellnhofer
[$1000][607543] Medium CVE-2016-5132: Limited same-origin bypass in Service Workers. Credit to Ben Kelly
[$1000][613626] Medium CVE-2016-5133: Origin confusion in proxy authentication. Credit to Patch Eudor
[$500][593759] Medium CVE-2016-5134: URL leakage via PAC script. Credit to Paul Stone
[$500][605451] Medium CVE-2016-5135: Content-Security-Policy bypass. Credit to ShenYeYinJiu of Tencent Security Response Center, TSRC
[$1000][625393] Medium CVE-2016-5136: Use after free in extensions. Credit to Rob Wu
[$1000][625945] Medium CVE-2016-5137: History sniffing with HSTS and CSP. Credit to Xiaoyin Liu

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:

[629852] CVE-2016-1705: Various fixes from internal audits, fuzzing and other initiatives.

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Krishna Govind
Google Chrome

by Krishna Govind (noreply@blogger.com) at July 22, 2016 06:05 PM

July 21, 2016

Google Chrome Releases

Beta Channel Update for Chrome OS



The Beta channel 52.0.2743.85 (Platform version: 8350.60.0) has been released for Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.


If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Help section of the Chrome menu (3 vertical dots in the upper right corner of the browser).

Grace Kihumba
Google Chrome

by Grace Kihumba (noreply@blogger.com) at July 21, 2016 07:35 PM

V8 JavaScript Engine

V8 at the BlinkOn 6 conference

BlinkOn is a biannual meeting of Blink, V8, and Chromium contributors. BlinkOn 6 was held in Munich on June 16 and June 17. The V8 team gave a number of presentations on architecture, design, performance initiatives, and language implementation.

The V8 BlinkOn talks are embedded below.

Real-world JavaScript Performance


Length: 31:41



Outlines the history of how V8 measures JavaScript performance, the different eras of benchmarking, and a new technique to measure page loads across real-world, popular websites with detailed breakdowns of time per V8 component.

Ignition: an interpreter for V8


Length: 36:39



Introduces V8’s new Ignition Interpreter, explaining the architecture of the engine as a whole, and how Ignition affects memory usage and startup performance.

How we measure and optimize for RAIL in V8’s GC


Length: 27:11



Explains how V8 uses the Response, Animation, Idle, Loading (RAIL) metrics to target low-latency garbage collection and the recent optimizations we’ve made to reduce jank on mobile.

ECMAScript 2015 and Beyond


Length: 28:52



Provides an update on the implementation of new language features in V8, how those features integrate with the web platform, and the standards process which continues to evolve the ECMAScript language.

Tracing Wrappers from V8 to Blink (Lightning Talk)


Length: 2:31


Highlights tracing wrappers between V8 and Blink objects and how they help prevent memory leaks and reduce latency.

by Seth Thompson (noreply@blogger.com) at July 21, 2016 10:47 AM

July 20, 2016

Google Chrome Releases

Dev Channel Update for Chrome OS

The Dev channel has been updated to 53.0.2785.23 (Platform version: 8530.24.0) for all Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 vertical dots in the upper right corner of the browser).

Ketaki Deshpande
Google Chrome

by Ketaki Deshpande (noreply@blogger.com) at July 20, 2016 10:05 PM

Beta Channel Update

The beta channel has been updated to 52.0.2743.82 for Windows, Mac, and Linux. A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Krishna Govind
Google Chrome

by Krishna Govind (noreply@blogger.com) at July 20, 2016 06:06 PM

Dev Channel Update

The dev channel has been updated to 53.0.2785.21 for Windows, Mac and Linux. A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Di Mu
Google Chrome

by Di Mu (noreply@blogger.com) at July 20, 2016 06:05 PM

Beta Channel Update

The beta channel has been updated to 52.0.2743.75 for Windows, Mac, and Linux. A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Di Mu
Google Chrome

by Di Mu (noreply@blogger.com) at July 20, 2016 06:05 PM

Beta Channel Update for Chrome OS

The Beta channel 52.0.2743.57 (Platform version: 8350.46.0) has been released for all Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Help section of the Chrome menu (3 vertical dots in the upper right corner of the browser).

Grace Kihumba
Google Chrome

by Grace Kihumba (noreply@blogger.com) at July 20, 2016 06:04 PM

Dev Channel Update

The dev channel has been updated to 53.0.2785.8 for Windows, Mac and Linux. A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Di Mu
Google Chrome

by Di Mu (noreply@blogger.com) at July 20, 2016 06:04 PM

July 18, 2016

V8 JavaScript Engine

V8 Release 5.3

Roughly every six weeks, we create a new branch of V8 as part of our release process. Each version is branched from V8’s git master immediately before Chrome branches for a Chrome Beta milestone. Today we’re pleased to announce our newest branch, V8 version 5.3, which will be in beta until it is released in coordination with Chrome 53 Stable. V8 5.3 is filled with all sorts of developer-facing goodies, so we’d like to give you a preview of some of the highlights in anticipation of the release in several weeks.

Memory


New Ignition Interpreter


Ignition, V8's new interpreter, is feature complete and will be enabled in Chrome 53 for low-memory Android devices. The interpreter brings immediate memory savings for JIT'ed code and will allow V8 to make future optimizations for faster startup during code execution. Ignition works in tandem with V8's existing optimizing compilers (TurboFan and Crankshaft) to ensure that “hot” code is still optimized for peak performance. We are continuing to improve interpreter performance and hope to enable Ignition soon on all platforms, mobile and desktop. Look for an upcoming blog post for more information about Ignition’s design, architecture, and performance gains. Embedded versions of V8 can turn on the Ignition interpreter with the flag --ignition.

Reduced jank


V8 version 5.3 includes various changes to reduce application jank and garbage collection times. These changes include:
  • Optimizing weak global handles to reduce the time spent handling external memory
  • Unifying the heap for full garbage collections to reduce evacuation jank
  • Optimizing V8’s black allocation additions to the garbage collection marking phase
Together, these improvements reduce full garbage collection pause times by about 25%, measured while browsing a corpus of popular webpages. For more detail on recent garbage collection optimizations to reduce jank, see the “Jank Busters” blog posts Part 1 & Part 2.

Performance


Improving page startup time


The V8 team recently began tracking performance improvements against a corpus of 25 real-world website page loads (including popular sites such as Facebook, Reddit, Wikipedia, and Instagram). Between V8 5.1 (measured in Chrome 51 from April) and V8 5.3 (measured in a recent Chrome Canary 53) we improved startup time in aggregate across the measured websites by ~7%. These improvements in loading real websites mirrored similar gains on the Speedometer benchmark, which ran 14% faster in V8 5.3. For more details about our new testing harness, runtime improvements, and breakdown analysis of where V8 spends time during page loads, see our upcoming blog post on startup performance.

ES6 Promise performance


V8's performance on the Bluebird ES6 Promise benchmark suite improved by 20-40% in V8 version 5.3, varying by architecture and benchmark.

V8 Promise performance over time on a Nexus 5x


V8 API


Please check out our summary of API changes. This document gets regularly updated a few weeks after each major release.

Developers with an active V8 checkout can use 'git checkout -b 5.3 -t branch-heads/5.3' to experiment with the new features in V8 5.3. Alternatively you can subscribe to Chrome's Beta channel and try the new features out yourself soon.

Posted by the V8 team

by Seth Thompson (noreply@blogger.com) at July 18, 2016 07:38 PM

V8 Release 5.2

Roughly every six weeks, we create a new branch of V8 as part of our release process. Each version is branched from V8’s git master immediately before Chrome branches for a Chrome Beta milestone. Today we’re pleased to announce our newest branch, V8 version 5.2, which will be in beta until it is released in coordination with Chrome 52 Stable. V8 5.2 is filled with all sorts of developer-facing goodies, so we’d like to give you a preview of some of the highlights in anticipation of the release in several weeks.

ES6 & ES7 support

V8 5.2 contains support for ECMAScript 6 (aka ES2015) and ECMAScript 7 (aka ES2016).

Exponentiation operator

This release contains support for the ES7 exponentiation operator, an infix notation to replace Math.pow.
let n = 3**3; // n == 27
n **= 2; // n == 729

Evolving spec

For more information on the complexities behind support for evolving specifications and continued standards discussion around web compatibility bugs and tail calls, see the V8 blog post ES6, ES7, and beyond.

Performance

V8 5.2 contains further optimizations to improve the performance of JavaScript built-ins, including improvements for Array operations like the isArray method, the in operator, and Function.prototype.bind. This is part of ongoing work to speed up built-ins based on new analysis of runtime call statistics on popular web pages. For more information, see the V8 Google I/O 2016 talk and look for an upcoming blog post on performance optimizations gleaned from real-world websites.

V8 API

Please check out our summary of API changes. This document gets regularly updated a few weeks after each major release.

Developers with an active V8 checkout can use 'git checkout -b 5.2 -t branch-heads/5.2' to experiment with the new features in V8 5.2. Alternatively you can subscribe to Chrome's Beta channel and try the new features out yourself soon.

Posted by the V8 team

by Michael Hablich (noreply@blogger.com) at July 18, 2016 07:23 PM

July 14, 2016

Google Chrome Releases

Beta Channel Update for Chrome OS

The Beta channel 52.0.2743.75 (Platform version: 8350.55.0/8350.56.0) has been released for Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.


If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Help section of the Chrome menu (3 vertical dots in the upper right corner of the browser).

Grace Kihumba
Google Chrome

by Grace Kihumba (noreply@blogger.com) at July 14, 2016 09:47 PM

Dev Channel Update for Chrome OS

The Dev channel has been updated to 53.0.2785.13/53.0.2785.15 (Platform version: 8530.11.0/8530.13.0) for all Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 vertical dots in the upper right corner of the browser).

Ketaki Deshpande
Google Chrome

by Ketaki Deshpande (noreply@blogger.com) at July 14, 2016 03:31 PM

July 12, 2016

Chromium Blog

Ensuring transparency and choice in the Chrome Web Store

Updated 7/12/2016: High submission volume has led to review latency that is longer than normal, so we've extended the grace period. The new policy will be enforced beginning September 6th, 2016.
Today we’re updating the User Data Policy for the Chrome Web Store. Principles of transparency and choice over how users’ personal data is handled have long been key parts of Google’s philosophy. Since early on, Chrome has included privacy-protecting features to give users control over their browsing experience, including incognito mode and granular privacy preferences. Now, we’re consolidating and expanding our policies about user data to ensure our Chrome Web Store developers follow similar principles.


Chrome provides robust APIs that empower developers to create compelling extensions and apps, and users often need to provide access to their data to allow these services to run. The new User Data Policy extends existing policies to ensure transparent use of the data in a way that is consistent with the wishes and expectations of users. Some of the new requirements for developers are:


  • Be transparent about the handling of user data and disclose privacy practices
  • Post a privacy policy and use encryption, when handling personal or sensitive information, and
  • Ask users to consent to the collection of personal or sensitive data via a prominent disclosure, when the use of the data isn’t related to a prominent feature.


The policy also has other requirements, including prohibiting the collection of web browsing activity when it’s not required for an item’s main functionality. The full text of the policy is available in our Developer Program Policies and more information is available in the FAQ section.


We'll notify developers when we discover items that violate the User Data Policy, and they'll have until July 14, 2016 to make any changes needed for compliance. Starting July 15th, 2016, items that violate the policy will be removed from the Web Store and will need to become compliant to be reinstated.


Protecting our users is our key priority, and we believe this change will make sure users are better informed and allow them to choose how their user data is handled.


Posted by Teresita Perez and Athas Nikolakakos, Chrome Policy Team

by Chrome Blog (noreply@blogger.com) at July 12, 2016 09:02 AM

July 11, 2016

Google Chrome Releases

Stable Channel Update for Chrome OS

The Stable channel has been updated to 51.0.2704.106 (Platform version: 8172.62.0) for all Chrome OS devices except Lenovo ThinkPad 11e Chromebook and Samsung Chromebook Series 5. This build contains a number of bug fixes, security updates, and feature enhancements. Systems will be receiving updates over the next several days.

If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 horizontal bars in the upper right corner of the browser).

Bernie Thompson

Google Chrome

by Bernie Thompson (noreply@blogger.com) at July 11, 2016 11:51 AM