Bump CefSharp.WinForms from 85.3.130 to 86.0.241 #1459

New Issue

MrUnknownDE · 2026-04-05T17:49:46+02:00

MrUnknownDE commented

2026-04-05 17:49:46 +02:00

Originally created by @dependabot[bot] on 11/27/2020

Bumps CefSharp.WinForms from 85.3.130 to 86.0.241.

Release notes

Sourced from CefSharp.WinForms's releases.

v86.0.241

November 27, 2020, CEF 86.0.24+g85e79d4+chromium-86.0.4240.198 / Chromium 86.0.4240.198

CEF now supports the Chromium Network Service: If you are upgrading from a version prior to 75.1.x please make sure you read cefsharp/CefSharp#2743.

Visual C++ 2015 or greater is required, see Notes below for more information

⚠️ Critical Security Update

See https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html There are no details available to the public yet

CVE-2020-16013

CVE-2020-16017

Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.

Change Log

Includes updated Chromium version which includes security fixes for CVE-2020-16013 and CVE-2020-16017

For a complete list of changes see the 86.0.x Milestone.

ℹ️ Notes

CefSharp requires a minimum of Visual C++ 2015. See cefsharp/CefSharp#1983 for details. You can bin deploy the VC++ dependencies, read the FAQ for more details. VC++ 2017/2019 are backwards compatible. For a list of files included in the packages see https://github.com/cefsharp/CefSharp/wiki/Output-files-description-table-%28Redistribution%29

Chromium has removed support for Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008. See https://chrome.googleblog.com/2015/11/updates-to-chrome-platform-support.html

Starting in June 2019 Google will block logins from CEF based browsers to Google Services, this includes Gmail, Drive, Docs, see https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html?m=1 for further discussion see https://groups.google.com/a/chromium.org/d/msg/embedder-dev/STyM5ZNTHMM/POj1v_cqBgAJ

Due to licensing issues default builds do not support proprietary codecs like H264/AAC, sites like Netflix/Twitter/Instagram/Facebook won't play video/audio. See #1479 for more info. MP3 audio is supported, MP4 video is not.

Anyone new to CefSharp should read the General Usage Guide

This project uses GitLink for better debugging, you can step directly into much of the project source directly from Visual Studio see #1680 for details on how to enable GitLink

⚠️ Known Issues

WinForms when running on Windows 10 Anniversary pressing certain key combinations freezes the browser see #1822 The issue has been reported upstream, there are workarounds listed in #1822

Save as PDF is not working when viewing PDF with Print Preview enabled see https://bitbucket.org/chromiumembedded/cef/issues/2867/save-as-pdf-is-not-working-in-pdf-viewer

WPF touch scroll aborted if browser navigates within document https://bitbucket.org/chromiumembedded/cef/issues/2936/osr-touch-scrolling-initiated-by-touch

Fonts incorrectly loaded on Win7 see https://bitbucket.org/chromiumembedded/cef/issues/2858/fonts-not-loading-look-wrong-on-windows-7

window.focus() does not bring popup window to front see https://bitbucket.org/chromiumembedded/cef/issues/2931/windowfocus-does-not-bring-the-window-to

OnProtocolExecution Page goes blank after link click see https://bitbucket.org/chromiumembedded/cef/issues/2715/onprotocolexecution-page-goes-blank-after

Crash on Win10 when computer wakes from sleep see https://bitbucket.org/chromiumembedded/cef/issues/2924/crash-on-libcef-when-windows-10-wakes-from

Background colour cannot be override for popups see https://bitbucket.org/chromiumembedded/cef/issues/2482/background_color-cannot-be-overridden-for

WPF Browser goes blank if used in combination with TabControl see #2779

CefSettings.IgnoreCertificateErrors no longer works, use the ignore-certificate-errors command line arg as a workaround or alternatively use OnCertificateError to selectively allow a certificate and/or display a dialog to your users see https://stackoverflow.com/a/35564187/852806 for an example.

See https://bitbucket.org/chromiumembedded/cef/issues?status=new&status=open for other known issues

See https://github.com/cefsharp/CefSharp/issues?q=is%3Aissue+is%3Aopen+label%3Aknown-issue for other known issues

⚠️ Breaking Changes ⚠️

IPopupFeatures properties are now nullable see cefsharp/CefSharp#3270 for details

DevToolsClient domain classes append Client suffic, see cefsharp/CefSharp#3287

For Network Service API changes see cefsharp/CefSharp#2743

... (truncated)

Commits

9ff6b35 Net Core - Regenerate CefSharp.Core.RefAssembly
4ffa8bf Update cefclient example application links
c63b120 Core - Add BrowserSubprocess.SelfHost.Main
6991d0e Core - Add IResponse.SetHeaderByName/GetHeaderByName
80753eb Core - MethodRunnerQueue use TaskCreationOptions.HideScheduler to
40fc9f8 Upgrade build version to 86.0.240
01cfa69 Upgrade to CEF 86.0.24+g85e79d4+chromium-86.0.4240.198 / Chromium 86.0.4240.198
3c023fe Upgrade to CEF 86.0.23+ga2c2edf+chromium-86.0.4240.193 / Chromium 86.0.4240.193
23d30a9 DevTools Client - Update csproj file
9a06282 DevTools Client - Update to M86
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

*Originally created by @dependabot[bot] on 11/27/2020* Bumps [CefSharp.WinForms](https://github.com/cefsharp/cefsharp) from 85.3.130 to 86.0.241. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cefsharp/cefsharp/releases">CefSharp.WinForms's releases</a>.</em></p> <blockquote> <h2>v86.0.241</h2> <h4>November 27, 2020, CEF 86.0.24+g85e79d4+chromium-86.0.4240.198 / Chromium 86.0.4240.198</h4> <blockquote> <ul> <li>CEF now supports the <strong>Chromium Network Service</strong>: If you are upgrading from a version prior to <code>75.1.x</code> please make sure you read <a href="https://github-redirect.dependabot.com/cefsharp/CefSharp/issues/2743">cefsharp/CefSharp#2743</a>.</li> <li><strong>Visual C++ 2015</strong> or greater is required, see <code>Notes</code> below for more information</li> </ul> </blockquote> <h3>⚠️ Critical Security Update</h3> <p>See <a href="https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html">https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html</a> There are no details available to the public yet</p> <ul> <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013">CVE-2020-16013</a></li> <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017">CVE-2020-16017</a></li> </ul> <p>Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.</p> <h4>Change Log</h4> <ul> <li>Includes updated <code>Chromium</code> version which includes security fixes for <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013">CVE-2020-16013</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017">CVE-2020-16017</a></li> </ul> <p>For a complete list of changes see the <a href="https://github.com/cefsharp/CefSharp/issues?q=milestone%3A86.0.x+">86.0.x Milestone</a>.</p> <h4>ℹ️ Notes</h4> <ul> <li><code>CefSharp</code> requires a minimum of <code>Visual C++ 2015</code>. See <a href="https://github-redirect.dependabot.com/cefsharp/CefSharp/issues/1983">cefsharp/CefSharp#1983</a> for details. You can bin deploy the <code>VC++</code> dependencies, read the <code>FAQ</code> for more details. <code>VC++ 2017/2019</code> are backwards compatible. For a list of files included in the packages see <a href="https://github.com/cefsharp/CefSharp/wiki/Output-files-description-table-%28Redistribution%29">https://github.com/cefsharp/CefSharp/wiki/Output-files-description-table-%28Redistribution%29</a></li> <li><code>Chromium</code> has removed support for <code>Windows XP</code>, <code>Windows Vista</code>, <code>Windows Server 2003</code> and <code>Windows Server 2008</code>. See <a href="https://chrome.googleblog.com/2015/11/updates-to-chrome-platform-support.html">https://chrome.googleblog.com/2015/11/updates-to-chrome-platform-support.html</a></li> <li>Starting in June 2019 Google will block logins from CEF based browsers to Google Services, this includes Gmail, Drive, Docs, see <a href="https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html?m=1">https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html?m=1</a> for further discussion see <a href="https://groups.google.com/a/chromium.org/d/msg/embedder-dev/STyM5ZNTHMM/POj1v_cqBgAJ">https://groups.google.com/a/chromium.org/d/msg/embedder-dev/STyM5ZNTHMM/POj1v_cqBgAJ</a></li> <li>Due to licensing issues default builds do not support proprietary codecs like <code>H264/AAC</code>, sites like <code>Netflix/Twitter/Instagram/Facebook</code> won't play video/audio. See <a href="https://github-redirect.dependabot.com/cefsharp/cefsharp/issues/1479">#1479</a> for more info. <code>MP3</code> audio is supported, <code>MP4</code> video is not.</li> <li>Anyone new to <code>CefSharp</code> should read the <a href="https://github.com/cefsharp/CefSharp/wiki/General-Usage">General Usage Guide</a></li> <li>This project uses <code>GitLink</code> for better debugging, you can step directly into much of the project source directly from <code>Visual Studio</code> see <a href="https://github-redirect.dependabot.com/cefsharp/cefsharp/issues/1680">#1680</a> for details on how to enable <code>GitLink</code></li> </ul> <h4>⚠️ Known Issues</h4> <ul> <li><code>WinForms</code> when running on <code>Windows 10 Anniversary</code> pressing certain key combinations freezes the browser see <a href="https://github-redirect.dependabot.com/cefsharp/cefsharp/issues/1822">#1822</a> The issue has been reported <code>upstream</code>, there are workarounds listed in <a href="https://github-redirect.dependabot.com/cefsharp/cefsharp/issues/1822">#1822</a></li> <li><code>Save as PDF</code> is not working when viewing PDF with Print Preview enabled see <a href="https://bitbucket.org/chromiumembedded/cef/issues/2867/save-as-pdf-is-not-working-in-pdf-viewer">https://bitbucket.org/chromiumembedded/cef/issues/2867/save-as-pdf-is-not-working-in-pdf-viewer</a></li> <li><code>WPF</code> touch scroll aborted if browser navigates within document <a href="https://bitbucket.org/chromiumembedded/cef/issues/2936/osr-touch-scrolling-initiated-by-touch">https://bitbucket.org/chromiumembedded/cef/issues/2936/osr-touch-scrolling-initiated-by-touch</a></li> <li><code>Fonts</code> incorrectly loaded on <code>Win7</code> see <a href="https://bitbucket.org/chromiumembedded/cef/issues/2858/fonts-not-loading-look-wrong-on-windows-7">https://bitbucket.org/chromiumembedded/cef/issues/2858/fonts-not-loading-look-wrong-on-windows-7</a></li> <li><code>window.focus()</code> does not bring popup window to front see <a href="https://bitbucket.org/chromiumembedded/cef/issues/2931/windowfocus-does-not-bring-the-window-to">https://bitbucket.org/chromiumembedded/cef/issues/2931/windowfocus-does-not-bring-the-window-to</a></li> <li>OnProtocolExecution Page goes blank after link click see <a href="https://bitbucket.org/chromiumembedded/cef/issues/2715/onprotocolexecution-page-goes-blank-after">https://bitbucket.org/chromiumembedded/cef/issues/2715/onprotocolexecution-page-goes-blank-after</a></li> <li>Crash on Win10 when computer wakes from sleep see <a href="https://bitbucket.org/chromiumembedded/cef/issues/2924/crash-on-libcef-when-windows-10-wakes-from">https://bitbucket.org/chromiumembedded/cef/issues/2924/crash-on-libcef-when-windows-10-wakes-from</a></li> <li>Background colour cannot be override for popups see <a href="https://bitbucket.org/chromiumembedded/cef/issues/2482/background_color-cannot-be-overridden-for">https://bitbucket.org/chromiumembedded/cef/issues/2482/background_color-cannot-be-overridden-for</a></li> <li>WPF Browser goes blank if used in combination with TabControl see <a href="https://github-redirect.dependabot.com/cefsharp/cefsharp/issues/2779">#2779</a></li> <li><code>CefSettings.IgnoreCertificateErrors</code> no longer works, use the <code>ignore-certificate-errors</code> command line arg as a workaround or alternatively use <code>OnCertificateError</code> to selectively allow a certificate and/or display a dialog to your users see <a href="https://stackoverflow.com/a/35564187/852806">https://stackoverflow.com/a/35564187/852806</a> for an example.</li> <li>See <a href="https://bitbucket.org/chromiumembedded/cef/issues?status=new&status=open">https://bitbucket.org/chromiumembedded/cef/issues?status=new&status=open</a> for other known issues</li> <li>See <a href="https://github.com/cefsharp/CefSharp/issues?q=is%3Aissue+is%3Aopen+label%3Aknown-issue">https://github.com/cefsharp/CefSharp/issues?q=is%3Aissue+is%3Aopen+label%3Aknown-issue</a> for other known issues</li> </ul> <h4>⚠️ Breaking Changes ⚠️</h4> <ul> <li><code>IPopupFeatures</code> properties are now nullable see <a href="https://github-redirect.dependabot.com/cefsharp/CefSharp/issues/3270">cefsharp/CefSharp#3270</a> for details</li> <li><code>DevToolsClient</code> domain classes append Client suffic, see <a href="https://github-redirect.dependabot.com/cefsharp/CefSharp/issues/3287">cefsharp/CefSharp#3287</a></li> </ul> <hr /> <ul> <li>For <code>Network Service API</code> changes see <a href="https://github-redirect.dependabot.com/cefsharp/CefSharp/issues/2743">cefsharp/CefSharp#2743</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cefsharp/CefSharp/commit/9ff6b35ddff0db803e9fed23ebb67f9f4c9f7d1d"><code>9ff6b35</code></a> Net Core - Regenerate CefSharp.Core.RefAssembly</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/4ffa8bf36748b7603e73aa28db5960b4730c72e7"><code>4ffa8bf</code></a> Update cefclient example application links</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/c63b120f8e81361f6e53eb0ee79324077040b6dd"><code>c63b120</code></a> Core - Add BrowserSubprocess.SelfHost.Main</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/6991d0e53cd48c729d984cd7d73166acd00a6036"><code>6991d0e</code></a> Core - Add IResponse.SetHeaderByName/GetHeaderByName</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/80753ebc709227edcce04c518db814ea67d33afe"><code>80753eb</code></a> Core - MethodRunnerQueue use TaskCreationOptions.HideScheduler to</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/40fc9f8ae6d0de2417a35f67a746e94f50441d31"><code>40fc9f8</code></a> Upgrade build version to 86.0.240</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/01cfa691214c15caac2db0ff4ca615245514896f"><code>01cfa69</code></a> Upgrade to CEF 86.0.24+g85e79d4+chromium-86.0.4240.198 / Chromium 86.0.4240.198</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/3c023fe7b4837080208de4c0e15bea68e9dcb6f7"><code>3c023fe</code></a> Upgrade to CEF 86.0.23+ga2c2edf+chromium-86.0.4240.193 / Chromium 86.0.4240.193</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/23d30a9ff3bfba6e1e57792e04e928471d5ba74e"><code>23d30a9</code></a> DevTools Client - Update csproj file</li> <li><a href="https://github.com/cefsharp/CefSharp/commit/9a062828ce63462360632c9c13965daf8c883d2c"><code>9a06282</code></a> DevTools Client - Update to M86</li> <li>Additional commits viewable in <a href="https://github.com/cefsharp/cefsharp/compare/v85.3.130...v86.0.241">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=CefSharp.WinForms&package-manager=nuget&previous-version=85.3.130&new-version=86.0.241)](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pypy-vrc/VRCX/network/alerts). </details>

MrUnknownDE closed this issue

2026-04-05 17:49:46 +02:00

Sign in to join this conversation.

No Label

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/VRCX#1459