Release Notes for v9.1.1
Fixes
- Fixed a termination crash on Web Workers with Node.js integration enabled. #24464
- Fixed an issue where
webContents.print()
would sometimes hang with invalid settings. #24508 - Fixed an issue where cpu and heap profiling in Node.js did not work properly with
--cpu-prof
,--heap-prof
, and related CLI flags. #24541 - Fixed an issue where macOS window vibrancy active state did not always match the active state of the window. #24533
- Fixed broken
--trace-sync-io
flag in Node.js. #24648 - Fixed clipboard.readBuffer returning incorrect value. #24469
- Fixed potentially invalid duplex mode settings on Linux. #24547
Other Changes
- Fix: DCHECK failure in value.IsHeapObject() in objectsdebug.cc. (Chromium security issue 1084820). #24566
- Fix: XSS on chrome://histograms/ with a compromised renderer. (Chromium security issue 1073409). #24625
- Fix: crash when executing
debugger.sendCommand
. (Chromium security issue 1016278). #24620 - Fix: heap-use-after-free in content::NavigationRequest::OnWillProcessResponseProcessed. (Chromium security issue 1090543). #24569
- Fix: heap-use-after-free in ui::AXTreeSerializerblink (Chromium security issue 1065122). #24557
- Fix: iframe in victim page can detect Scroll To Text Fragment activation. (Chromium security issue 1042986). #24624
- Fix: integer overflow in GrTextBlob::Make. (Chromium security issue 1080481). #24586
- Fix: javascript URI sandbox flags aren't propagated in a blank string case. (Chromium security issue 1074340). #24621
- Fix: memcpy-param-overlap in AudioBuffer::copyFromChannel. (Chromium security issue 1081722). #24582
- Fix: remove leaks of post-redirect URL for
<script>
in the CSP reports and stacktraces of errors (Chromium security issue 1074317). #24560 - Fix: update webrtc root certificate. (Chromium security issue 978779). #24617
- Fix: upgrade SQLite to 3.32.1. (Chromium security issue 1087629). #24554
- Fix: use-after-free in devtools console. (Chromium security issue 986051). #24614
- Fix: use-of-uninitialized-value in amr_read_header. (Chromium security issue 1065731). #24594
- Fix: usrsctp is called with pointer as network address. (Chromium security issue 1076703). #24563
Documentation
- Documentation changes: #24516