Urgent Security Issue: please update to Electron 26.2.1

I don’t see any recent posts discussing Electron, webp, or CVE-2023-4863. I’m concerned this means that Obsidian isn’t preparing an update for immediate release for this significant webp vulnerability.

You can read more about it here: Critical WebP bug: many apps, not just browsers, under threat

You can find the electron update here: chore: bump chromium to 116.0.5845.188 (26-x-y) by electron-roller[bot] · Pull Request #39828 · electron/electron · GitHub
(release here: Release electron v26.2.1 · electron/electron · GitHub )

This issue has reports of active exploits in the wild. Please patch as soon as possible!



1 Like

A new version with a patched version of electron will be released tomorrow.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.