You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@archiva.apache.org by Eric Fetzer <er...@gmail.com> on 2020/09/16 15:03:50 UTC
Archiva jQuery Version Vulnerability
Hi all! I asked on the user forum but it seems to be unmanned. Are you
able to instruct me on how I would upgrade the jQuery version used by
Archiva? Security team is ready to have my hide...
Plugin Output:
URL : http://myMachine:8081/js/jquery-1.11.1.min.js
<http://mymachine:8081/js/jquery-1.11.1.min.js>
Installed version : 1.11.1
Fixed version : 3.5.0
Thanks much!
Eric
Re: Archiva jQuery Version Vulnerability
Posted by Martin <ma...@apache.org>.
Hi Eric,
unfortunately it will not work to replace jquery with the version 3.5.0 without changing the code.
The only version that may be compatible would be: https://code.jquery.com/jquery-1.12.4.min.js
You can try to replace the file apps/archiva/js/jquery-1.11.1.min.js in the archiva installation with the above version.
But no guarantee that this will work.
There are no plans at the time to switch to jquery >=3.5.0 version for archiva 2.x.
Regards
Martin
Am Mittwoch, 16. September 2020, 17:03:50 CEST schrieb Eric Fetzer:
> Hi all! I asked on the user forum but it seems to be unmanned. Are you
> able to instruct me on how I would upgrade the jQuery version used by
> Archiva? Security team is ready to have my hide...
>
> Plugin Output:
> URL : http://myMachine:8081/js/jquery-1.11.1.min.js
> <http://mymachine:8081/js/jquery-1.11.1.min.js>
> Installed version : 1.11.1
> Fixed version : 3.5.0
>
>
> Thanks much!
> Eric
>