davide/purple-electrumwallet
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

release notes: 4.7.2: add links to security disclosures

Browse Source
This commit is contained in:
SomberNight
2026-04-28 17:07:00 +00:00
parent 3399c20ad6
commit bd5ac019ce
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
RELEASE-NOTES
+5
View File
@@ -1,4 +1,9 @@
# Release 4.7.2 (April 1, 2026) # Release 4.7.2 (April 1, 2026)
* security fixes and disclosures:
- (sev-medium) External Plugin authorization bypass: local code execution
- see https://github.com/spesmilo/electrum/security/advisories/GHSA-vw94-r84p-66qf
- (sev-low) Nostr Wallet Connect plugin: daily spending limit bypass
- see https://github.com/spesmilo/electrum/security/advisories/GHSA-q7m2-785w-r585
* General: * General:
- changed: set restrictive unix umask (0077) application-wide by default (#10547) - changed: set restrictive unix umask (0077) application-wide by default (#10547)
- fix: failing assert for wallets with old (2023) still unpaid LN payment requests (#10502) - fix: failing assert for wallets with old (2023) still unpaid LN payment requests (#10502)