From 3fd1fcb9c074bd4c4ca3d89a52e81fdcd43e77ed Mon Sep 17 00:00:00 2001 From: Audric Ackermann Date: Thu, 14 Sep 2023 15:53:22 +1000 Subject: [PATCH 1/2] chore: update electron to v25.8.1 Relates CVE-2023-4863 Relates #2922 --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 01e8a83f9..c143f1721 100644 --- a/package.json +++ b/package.json @@ -175,7 +175,7 @@ "cross-env": "^6.0.3", "css-loader": "^6.7.2", "dmg-builder": "23.6.0", - "electron": "25.3.0", + "electron": "^25.8.1", "electron-builder": "23.0.8", "eslint": "^8.45.0", "eslint-config-airbnb-base": "^15.0.0", diff --git a/yarn.lock b/yarn.lock index bca666f8c..811f8887c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2990,10 +2990,10 @@ electron@*: "@types/node" "^18.11.18" extract-zip "^2.0.1" -electron@25.3.0: - version "25.3.0" - resolved "https://registry.yarnpkg.com/electron/-/electron-25.3.0.tgz#e818ab3ebd3e7a45f8fca0f47e607c9af2dc92c7" - integrity sha512-cyqotxN+AroP5h2IxUsJsmehYwP5LrFAOO7O7k9tILME3Sa1/POAg3shrhx4XEnaAMyMqMLxzGvkzCVxzEErnA== +electron@^25.8.1: + version "25.8.1" + resolved "https://registry.yarnpkg.com/electron/-/electron-25.8.1.tgz#092fab5a833db4d9240d4d6f36218cf7ca954f86" + integrity sha512-GtcP1nMrROZfFg0+mhyj1hamrHvukfF6of2B/pcWxmWkd5FVY1NJib0tlhiorFZRzQN5Z+APLPr7aMolt7i2AQ== dependencies: "@electron/get" "^2.0.0" "@types/node" "^18.11.18" From 383b24c859c629b74c5063cacf6ea1387246afd6 Mon Sep 17 00:00:00 2001 From: Audric Ackermann Date: Thu, 14 Sep 2023 16:07:06 +1000 Subject: [PATCH 2/2] chore: bump to 1.11.3 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index c143f1721..1be685191 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "session-desktop", "productName": "Session", "description": "Private messaging from your desktop", - "version": "1.11.2", + "version": "1.11.3", "license": "GPL-3.0", "author": { "name": "Oxen Labs",