Release Notes for v8.4.1
Fixes
- Fix: DCHECK failure in value.IsHeapObject() in objectsdebug.cc. (Chromium security issue 1084820). #24565
- Fix: PDFium Javascript Active Document memory corruption. (Chromium security issue 1091404). #24570
- Fix: XSS on chrome://histograms/ with a compromised renderer. (Chromium security issue 1073409). #24626
- Fix: heap-use-after-free in content::NavigationRequest::OnWillProcessResponseProcessed. (Chromium security issue 1090543). #24568
- Fix: heap-use-after-free in ui::AXTreeSerializerblink (Chromium security issue 1065122). #24556
- Fix: integer overflow in GrTextBlob::Make. (Chromium security issue 1080481). #24587
- Fix: javascript URI sandbox flags aren't propagated in a blank string case. (Chromium security issue 1074340). #24622
- Fix: memcpy-param-overlap in AudioBuffer::copyFromChannel. (Chromium security issue 1081722). #24585
- Fix: remove leaks of post-redirect URL for `<script>` in the CSP reports and stacktraces of errors (Chromium security issue 1074317). #24559
- Fix: update webrtc root certificate. (Chromium security issue 978779). #24618
- Fix: use-after-free in devtools console. (Chromium security issue 986051). #24615
- Fix: use-of-uninitialized-value in amr_read_header. (Chromium security issue 1065731). #24595
- Fix: usrsctp is called with pointer as network address. (Chromium security issue 1076703). #24562
- Fixed a termination crash on Web Workers with Node.js integration enabled. #24463
- Fixed an issue where CPU and heap profiling in Node.js did not work properly with `--cpu-prof`, `--heap-prof`, and related CLI flags. #24542
- Fixed an issue where macOS window vibrancy active state did not always match the active state of the window. #24546
- Fixed broken `--trace-sync-io` flag in Node.js. #24649
- Fixed clipboard.readBuffer returning incorrect value. #24468
- Fixed crash when opening app in remote X server. #24491
- Fixed unresponsive window when reloading with breakpoint in devtools. #24490
Documentation
- Documentation changes: #24515