Fix: use-of-uninitialized-value in amr_read_header. (Chromium security issue 1065731). #24596
Fix: usrsctp is called with pointer as network address. (Chromium security issue 1076703). #24561
Other Changes
Backported the fix to CVE-2020-6532: Use after free in SCTP. #24894
Security: Backported fix for CVE-2020-6541. #25026
End of Support for 7.x.y
Electron 7.x.y has reached end-of-support as per the project's support policy. Developers and applications are encouraged to upgrade to a newer version of Electron.
electron v7.3.2
Release Notes for v7.3.2
Fixes
Enable NTLM v2 for POSIX platforms and added --disable-ntlm-v2 switch to disable it. #23935
Ensured proper nativeImage serialization between renderer and browser processes via remote. #24021
Fixed GTK dark theme setting not respected in Electron on Linux. #23966
Fixed an error when calling dialog.showCertificateTrustDialog with no BrowserWindow. #24119
Fixed crash when handling synchronous IPC errors. #24041
Fixed intercepted protocols not raising Redirect information back to Chromium. #23997
Fixed issue with some IMEs on windows (for ex: Zhuyin) don't terminate after pressing shift. #24055
Fixed the acceptLanguages argument being ignored in session.setUserAgent(). #23964
Fixed window titlebar not responding to pen on Windows 10. #24104
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
4 years ago
Bumps electron from 7.1.7 to 7.3.3.
Release notes
Sourced from electron's releases.
Commits
3f2d5c2Bump v7.3.3ed88a0bRevert "Bump v7.3.3"28ed26dRevert "Bump v7.3.4"15f73deBump v7.3.47345b90chore: cherry-pick 70579363ce7b from chromium (#25026)2a147f2chore: cherry-pick c7c412a36c from webrtc (#24894)2a56f72Bump v7.3.3b918293Revert "Bump v7.3.3"5a0b619fix: disable rosetta as Electron does not run under rosetta (#24743)2a30975Bump v7.3.3Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)