NW.js v0.26.4 Released with Chromium Security Update
This is a release for the Chromium security update as well as bug fixes:
- Critical CVE-2017-15398: Stack buffer overflow in QUIC.
- High CVE-2017-15399: Use after free in V8.
Previously we announced NW.js 0.26 with Chromium 62 upgrade. It supports Network Quality Estimator API, OpenType variable fonts, and media capture from DOM elements. Please check upstream information here. The stable upgrade contains many security fixes as well.
We made the 0.26 branch ready soon after Chromium beta bumps to 62. Thanks to the testers for their valuable feedback and bug reports. We've been working on 3 branches simultaneously: a released branch on current Chromium stable, a beta branch on Chromium beta and a 0.14 branch for legacy OS support.
- Update Chromium to 62.0.3202.89
- Fix: Frameless transparent window is maximizing/overflowing outside window limits (#6248)
- Fix: NW.js loading files does not seem to provide file's MIME type (#6106)
- Fix: Empty temp directory not properly deleted (#5208)
- Fix: Crash when opening some web page (#6247)
- [doc] Updated information regarding mp3 support
Full ChangeLog: https://github.com/nwjs/nw.js/blob/nw26/CHANGELOG.md
Binary for other platforms: https://dl.nwjs.io/v0.26.4/
There are 2 builds for each platform - normal build, and SDK build. Normal build doesn't have devtools, only SDK build does. lt can be opened by pressing F12 (Cmd-Alt-I on OSX). SDK packages also have more development tools to be exposed in the following releases, as well as the NaCl support.
Our build infrastructure enables live binary build from git tip so you can access to the latest binary from https://dl.nwjs.io/live-build/
See our mailing list to discuss on this release: https://groups.google.com/d/msg/nwjs-general/yCNwnO09eZo/3lT63Os5CgAJ