Showing releases from v7.x. Show all stable releases.
- Backported fixe for UAF in extensions (NOCVE). #24420
- Fix: DCHECK failure in value.IsHeapObject() in objectsdebug.cc. (Chromium security issue 1084820). #24564
- Fix: XSS on chrome://histograms/ with a compromised renderer. (Chromium security issue 1073409). #24627
- Fix: heap-use-after-free in content::NavigationRequest::OnWillProcessResponseProcessed. (Chromium security issue 1090543). #24567
- Fix: heap-use-after-free in ui::AXTreeSerializerblink (Chromium security issue 1065122). #24555
- Fix: memcpy-param-overlap in AudioBuffer::copyFromChannel. (Chromium security issue 1081722). #24584
- Fix: remove leaks of post-redirect URL for
<script>
in the CSP reports and stacktraces of errors (Chromium security issue 1074317). #24558
- Fix: update webrtc root certificate. (Chromium security issue 978779). #24619
- Fix: use-of-uninitialized-value in amr_read_header. (Chromium security issue 1065731). #24596
- Fix: usrsctp is called with pointer as network address. (Chromium security issue 1076703). #24561
- Backported the fix to CVE-2020-6532: Use after free in SCTP. #24894
- Security: Backported fix for CVE-2020-6541. #25026
Electron 7.x.y has reached end-of-support as per the project's support policy. Developers and applications are encouraged to upgrade to a newer version of Electron.
- Enable NTLM v2 for POSIX platforms and added --disable-ntlm-v2 switch to disable it. #23935
- Ensured proper nativeImage serialization between renderer and browser processes via remote. #24021
- Fixed GTK dark theme setting not respected in Electron on Linux. #23966
- Fixed an error when calling
dialog.showCertificateTrustDialog
with no BrowserWindow
. #24119
- Fixed crash when handling synchronous IPC errors. #24041
- Fixed intercepted protocols not raising Redirect information back to Chromium. #23997
- Fixed issue with some IMEs on windows (for ex: Zhuyin) don't terminate after pressing shift. #24055
- Fixed the
acceptLanguages
argument being ignored in session.setUserAgent()
. #23964
- Fixed window titlebar not responding to pen on Windows 10. #24104
- Updated Node root certs to use NSS 3.53. #24269
- Fixed
process.windowsStore
returning undefined in AppX packages. #23800
- Fixed an issue where the 'about' role had on effect on Windows menus. #23713
- Backported fix for CVE-2020-6468: OOB read/write in V8. #23748
- Backported fix for use-after-free in AudioWorklet. #23844
- EnableWebSQL is a new webpreference option to enable/disable websql api. #23582
- Ensured that exit callbacks are run for Node.js in the renderer process. #23566
- Fixed an issue whereby
macOS
would fail to allow file extensions containing periods. #23451
- Fixed an issue with navigator.languages and Accept-Language did not fully respect users' language preferences on Windows and macOS. This also improved fallback font selection for CJK texts on Windows. #23420
- Fixed crash with webview during some window management events like resize, scroll etc. #23398
- Fixed v8_context_snapshot_generator included in arm/arm64 mksnapshot zip files. #23539
- None. #23403
- Security: Backport Chromium fix for https://crbug.com/1062861. #23527
- Security: backported fix for CVE-2020-6457: Use after free in speech recognizer. #23431
- Security: backported fix for CVE-2020-6458: Out of bounds read and write in PDFium. #23466
- Security: backported fix for CVE-2020-6459: Use after free in payments. #23457
- Security: backported fix for CVE-2020-6460: Insufficient data validation in URL formatting. #23463
- Security: backported fix for CVE-2020-6461: use-after-free in storage. #23503
- Security: backported fix for CVE-2020-6462: Use after free in task scheduling. #23518
- Security: backported fix for CVE-2020-6463: use-after-free in Angle. #23562
- Security: backported fix for CVE-2020-6464: Type confusion in blink. #23531
- Security: backported fix for CVE-2020-6831: Stack buffer overflow in SCTP. #23515
- Fixed Promise timeout issue when running Electron as Node. #23324
- Fixed a use-after-free error that could happen if a Tray was destroyed while showing a custom context menu. #23182
- Fixed an issue where windows without
nativeWindowOpen: true
could invoke the non-native-open path. #23224
- Fixed memory leak when using contextBridge with sandbox=true. #23232
- MacOS VoiceOver is now able to find its way back into web contents after it navigated "out" of an application. #23174