You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@netbeans.apache.org by "Jaroslav Tulach (JIRA)" <ji...@apache.org> on 2019/05/05 02:10:00 UTC
[jira] [Resolved] (NETBEANS-2295) Update to knockout.js 3.5.0 to
solve security issues
[ https://issues.apache.org/jira/browse/NETBEANS-2295?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jaroslav Tulach resolved NETBEANS-2295.
---------------------------------------
Resolution: Fixed
Fix Version/s: 12.0
Fixed for upcoming HTML/Java 1.6.1 version
> Update to knockout.js 3.5.0 to solve security issues
> ----------------------------------------------------
>
> Key: NETBEANS-2295
> URL: https://issues.apache.org/jira/browse/NETBEANS-2295
> Project: NetBeans
> Issue Type: Bug
> Components: platform - HTML4J
> Affects Versions: 10.0
> Reporter: Jaroslav Tulach
> Assignee: Jaroslav Tulach
> Priority: Major
> Labels: pull-request-available
> Fix For: 12.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> h2. org-netbeans-html-ko4j.jar: knockout-3.4.0.js
> {color:#505f79}in platform/modules/org-netbeans-html-ko4j.jar/org/netbeans/html/ko4j/knockout-3.4.0.js{color}
> ||Vulnerability||Resolution||
> |[https://github.com/knockout/knockout/issues/1244]| * cross site scripting injection
> * only exhibited in Internet Explorer 7 and older which is effectively not used at all in 2019
> * fixed in knockout 3.5.0+\||
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@netbeans.apache.org
For additional commands, e-mail: commits-help@netbeans.apache.org
For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists