56
tahnik
7y

A critical vulnerability was detected in Electron and I urge all the devRantron users to update their app manually.

Please go to https://www.devrantron.com get the latest version which has the necessary patches.

Due to a request, we added compact mode in the app, which can be used to view a distraction-free mode of the UI. Notifications screen is a little bit more readable now. The read notifications are now greyed out.

Again, the auto update will not work for this version. Please manually update as soon as possible.

Comments
  • 4
    Link to vuln.?
  • 4
  • 5
    @tahnik "vulnerability is present in Electron apps which register themselves as the default handler for a protocol, such as myapp://."

    devrantron does this? wonder if vsCode is affected too, since iirc it does that.
  • 6
    @JoshBent My assumption is it doesn't. I think that protocol is mostly used by UWP apps. But Electron team has not provided very good details on the vulnerability yet. So it's safer for everyone to update. We use auto update on our app so I don't want to take any risk.

    VSCode might be. Maybe they will release a patch soon.
  • 3
    > Compatible with Mac, Linux, and Windows operating systems, the recently-discovered bug impacts Windows alone

    I will update, but not asap ;p
  • 2
    @d3vnu11 devrant is not an electron app, but done with appcelerator/titanium
Add Comment