CefSharp 发布版本: v71.0.2

March 09, 2019, CEF 3.3578.1870.gc974488 / Chromium 71.0.3578.98

Bug Fix Release

This release addresses a CRITICAL SECURITY issue, everyone that uses CefSharp for internet browsing should upgrade. Those using for only intranet browsing the risk is obviously smaller, though you should perform your own risk analysis. I recommend that everyone upgrade.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5786 https://security.googleblog.com/2019/03/disclosing-vulnerabilities-to-protect.html

We encourage users to verify that Chrome auto-update has already updated Chrome to 72.0.3626.121 or later.

CEF has specifically backported the fix into the 3578 branch (version 71). The relevant commit is https://bitbucket.org/chromiumembedded/cef/commits/c974488bae67171e814b9666de3000867ff7bd76?at=3578

See https://github.com/cefsharp/CefSharp/releases/tag/v71.0.0 for full details See https://github.com/cefsharp/CefSharp/releases/tag/v71.0.1 for additional details

  • #2677 CRITICAL UPDATE CVE-2019-5786