Skip to content

Release Notes

Taylor Woll edited this page Dec 21, 2016 · 16 revisions

ChakraCore 1.4

ChakraCore 1.4.0 includes cross-platform JIT support and experimental WebAssembly support along with other language, performance and JSRT updates. See notable changes below.

ChakraCore 1.3

This patch release of ChakraCore 1.3 includes the following security fixes:

  • Change to address CVE-2016-7207 #1979
  • All fixes included in v1.2.2

Release 1.3.0 includes experimental support on x64 Linux/OSX, experimental JSRT debugging APIs, and other language and performance updates. See notable changes below.

Cross-platform

  • ChakraCore interpreter and runtime on x64 Linux (still working on JIT or concurrent/partial GC)
  • ChakraCore interpreter and runtime on x64 OSX (still working on JIT or concurrent/partial GC) #1134

Language

Performance

  • Optimize creation of Heap arguments object (91e0e91)
  • Add fastpath for when Object.hasOwnProperty returns true #1449
  • Enable script function inlining in jitted loop bodies #1182

JSRT

  • JSRT Debugging APIs (experimental) #926
  • JSRT Module API (experimental) #1254

Test

  • Introduce C++ unit testing mechanism using Catch #1224

ChakraCore 1.2

This patch release of ChakraCore 1.2 includes the following security fixes:

  • Change to address CVE-2016-7287,CVE-2016-7286,CVE-2016-7288,CVE-2016-7296 #2230

This patch release of ChakraCore 1.2 includes the following security fixes:

  • Change to address CVE-2016-7200, CVE-2016-7201, CVE-2016-720, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7241, CVE-2016-7242, CVE-2016-7243 #1942

This patch release of ChakraCore 1.2 includes the following security fixes:

  • Fixed Address deref issue #1530
  • Combined fixes for CVE-2016-3350, CVE-2016-3377 and a defense in depth change in the CustomHeap (24c4d7d)
  • Changes addressing CVE_2016-3382, CVE-2016-3385, CVE-2016-3386, CVE-2016-3389, CVE-2016-3390, CVE-2016-7189, and a mitigation of a CFG bypass. (f05c42e)
Clone this wiki locally