You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@felix.apache.org by cz...@apache.org on 2019/09/28 08:18:29 UTC
svn commit: r1867654 [1/5] - in /felix/trunk/webconsole: ./
src/main/appended-resources/META-INF/ src/main/debug-resources/res/lib/
src/main/resources/res/lib/ src/main/resources/templates/
Author: cziegeler
Date: Sat Sep 28 08:18:28 2019
New Revision: 1867654
URL: http://svn.apache.org/viewvc?rev=1867654&view=rev
Log:
FELIX-6185 : jQuery <3.4.0 is vulnerable to prototype pollution attacks. Apply patch from Dale Clarke.
This closes #204
Added:
felix/trunk/webconsole/src/main/debug-resources/res/lib/jquery-3.4.1.js (with props)
felix/trunk/webconsole/src/main/debug-resources/res/lib/jquery-migrate-3.1.0.js (with props)
felix/trunk/webconsole/src/main/resources/res/lib/jquery-3.4.1.js (with props)
felix/trunk/webconsole/src/main/resources/res/lib/jquery-migrate-3.1.0.js (with props)
Removed:
felix/trunk/webconsole/src/main/debug-resources/res/lib/jquery-3.3.1.js
felix/trunk/webconsole/src/main/debug-resources/res/lib/jquery-migrate-3.0.0.js
felix/trunk/webconsole/src/main/resources/res/lib/jquery-3.3.1.js
felix/trunk/webconsole/src/main/resources/res/lib/jquery-migrate-3.0.0.js
Modified:
felix/trunk/webconsole/changelog.txt
felix/trunk/webconsole/pom.xml
felix/trunk/webconsole/src/main/appended-resources/META-INF/LICENSE
felix/trunk/webconsole/src/main/resources/templates/main_header.html
Modified: felix/trunk/webconsole/changelog.txt
URL: http://svn.apache.org/viewvc/felix/trunk/webconsole/changelog.txt?rev=1867654&r1=1867653&r2=1867654&view=diff
==============================================================================
--- felix/trunk/webconsole/changelog.txt (original)
+++ felix/trunk/webconsole/changelog.txt Sat Sep 28 08:18:28 2019
@@ -1,3 +1,23 @@
+Changes in 4.3.18
+-----------------
+** Bug
+ * [FELIX-6185] - jQuery <3.4.0 is vulnerable to prototype pollution attacks
+
+
+Changes in 4.3.16
+-----------------
+** Bug
+ * [FELIX-6171] - Webconsole OsgiManager throws NPE
+ * [FELIX-6172] - Already Registered Servlet Exception with WebConsole
+
+
+Changes in 4.3.14
+-----------------
+** Improvement
+ * [FELIX-6037] - Commons FileUpload 1.4 breaks bundle uploads
+ * [FELIX-6168] - Enable WebConsole login only after specified Security Providers are present
+
+
Changes in 4.3.12
-----------------
** Bug
Modified: felix/trunk/webconsole/pom.xml
URL: http://svn.apache.org/viewvc/felix/trunk/webconsole/pom.xml?rev=1867654&r1=1867653&r2=1867654&view=diff
==============================================================================
--- felix/trunk/webconsole/pom.xml (original)
+++ felix/trunk/webconsole/pom.xml Sat Sep 28 08:18:28 2019
@@ -168,8 +168,8 @@
</includes>
<excludes>
<exclude>src/main/appended-resources/**</exclude>
- <exclude>src/main/resources/res/lib/jquery-3.3.1.js</exclude>
- <exclude>src/main/resources/res/lib/jquery-migrate-3.0.0.js</exclude>
+ <exclude>src/main/resources/res/lib/jquery-3.4.1.js</exclude>
+ <exclude>src/main/resources/res/lib/jquery-migrate-3.1.0.js</exclude>
<exclude>src/main/resources/res/lib/jquery-ui-1.12.1.js</exclude>
<exclude>src/main/resources/res/lib/jquery-ui-i18n-1.12.1.js</exclude>
<exclude>src/main/resources/res/lib/autosize.min.js</exclude>
Modified: felix/trunk/webconsole/src/main/appended-resources/META-INF/LICENSE
URL: http://svn.apache.org/viewvc/felix/trunk/webconsole/src/main/appended-resources/META-INF/LICENSE?rev=1867654&r1=1867653&r2=1867654&view=diff
==============================================================================
--- felix/trunk/webconsole/src/main/appended-resources/META-INF/LICENSE (original)
+++ felix/trunk/webconsole/src/main/appended-resources/META-INF/LICENSE Sat Sep 28 08:18:28 2019
@@ -10,8 +10,7 @@ conditions of the following licenses.
For the JQuery component:
-Copyright 2012 jQuery Foundation and other contributors
-http://jquery.com/
+Copyright JS Foundation and other contributors, https://js.foundation/
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the