You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cocoon.apache.org by "Alexander Klimetschek (JIRA)" <ji...@apache.org> on 2007/06/05 11:36:25 UTC
[jira] Created: (COCOON-2073) Upgrade to dojo 0.4.3 (security
fixes!)
Upgrade to dojo 0.4.3 (security fixes!)
---------------------------------------
Key: COCOON-2073
URL: https://issues.apache.org/jira/browse/COCOON-2073
Project: Cocoon
Issue Type: Improvement
Components: Blocks: Ajax
Affects Versions: 2.1.11-dev (Current SVN), 2.2-dev (Current SVN)
Reporter: Alexander Klimetschek
Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
http://dojotoolkit.org/releaseNotes/0.4.3
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (COCOON-2073) Upgrade to dojo 0.4.3 (security
fixes!)
Posted by "Grzegorz Kossakowski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Grzegorz Kossakowski updated COCOON-2073:
-----------------------------------------
Assignee: Grzegorz Kossakowski
Description:
Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
http://dojotoolkit.org/releaseNotes/0.4.3
was:
Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
http://dojotoolkit.org/releaseNotes/0.4.3
> Upgrade to dojo 0.4.3 (security fixes!)
> ---------------------------------------
>
> Key: COCOON-2073
> URL: https://issues.apache.org/jira/browse/COCOON-2073
> Project: Cocoon
> Issue Type: Improvement
> Components: Blocks: Ajax
> Affects Versions: 2.1.11-dev (Current SVN), 2.2-dev (Current SVN)
> Reporter: Alexander Klimetschek
> Assignee: Grzegorz Kossakowski
>
> Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
> http://dojotoolkit.org/releaseNotes/0.4.3
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (COCOON-2073) Upgrade to dojo 0.4.3 (security
fixes!)
Posted by "Brian Martin (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12764408#action_12764408 ]
Brian Martin commented on COCOON-2073:
--------------------------------------
CVE-2007-6726
> Upgrade to dojo 0.4.3 (security fixes!)
> ---------------------------------------
>
> Key: COCOON-2073
> URL: https://issues.apache.org/jira/browse/COCOON-2073
> Project: Cocoon
> Issue Type: Improvement
> Components: Blocks: Ajax
> Affects Versions: 2.1.11, 2.2
> Reporter: Alexander Klimetschek
> Assignee: Grzegorz Kossakowski
> Fix For: 2.1.11, 2.2
>
>
> Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
> http://dojotoolkit.org/releaseNotes/0.4.3
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Closed: (COCOON-2073) Upgrade to dojo 0.4.3 (security
fixes!)
Posted by Grzegorz Kossakowski <gk...@apache.org>.
Grzegorz Kossakowski (JIRA) pisze:
> [ https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
>
> Grzegorz Kossakowski closed COCOON-2073.
> ----------------------------------------
>
> Resolution: Fixed
>
> Thanks for report. I updated please test and close the issue.
Of course the issue is already closed. I'm just experimenting with new Mylar version so some quirks may happen.
--
Grzegorz Kossakowski
http://reflectingonthevicissitudes.wordpress.com/
[jira] Closed: (COCOON-2073) Upgrade to dojo 0.4.3 (security
fixes!)
Posted by "Grzegorz Kossakowski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Grzegorz Kossakowski closed COCOON-2073.
----------------------------------------
Resolution: Fixed
Thanks for report. I updated please test and close the issue.
> Upgrade to dojo 0.4.3 (security fixes!)
> ---------------------------------------
>
> Key: COCOON-2073
> URL: https://issues.apache.org/jira/browse/COCOON-2073
> Project: Cocoon
> Issue Type: Improvement
> Components: Blocks: Ajax
> Affects Versions: 2.1.11-dev (Current SVN), 2.2-dev (Current SVN)
> Reporter: Alexander Klimetschek
> Assignee: Grzegorz Kossakowski
>
> Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
> http://dojotoolkit.org/releaseNotes/0.4.3
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (COCOON-2073) Upgrade to dojo 0.4.3 (security
fixes!)
Posted by "Grzegorz Kossakowski (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Grzegorz Kossakowski closed COCOON-2073.
----------------------------------------
Resolution: Fixed
Fix Version/s: 2.2-dev (Current SVN)
2.1.11-dev (Current SVN)
Antonio upgrade Dojo in 2.1.x branch. Closing this issue permanently.
> Upgrade to dojo 0.4.3 (security fixes!)
> ---------------------------------------
>
> Key: COCOON-2073
> URL: https://issues.apache.org/jira/browse/COCOON-2073
> Project: Cocoon
> Issue Type: Improvement
> Components: Blocks: Ajax
> Affects Versions: 2.1.11-dev (Current SVN), 2.2-dev (Current SVN)
> Reporter: Alexander Klimetschek
> Assignee: Grzegorz Kossakowski
> Fix For: 2.1.11-dev (Current SVN), 2.2-dev (Current SVN)
>
>
> Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
> http://dojotoolkit.org/releaseNotes/0.4.3
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Reopened: (COCOON-2073) Upgrade to dojo 0.4.3 (security
fixes!)
Posted by "Antonio Gallardo (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Antonio Gallardo reopened COCOON-2073:
--------------------------------------
At least in 2.1.11-dev this seems to not being fixed (for Linux?). Add the next line to a any page with dojo and it sends back 0.4.1:
dojo.debug("The current version of dojo is: ", dojo.version.toString());
> Upgrade to dojo 0.4.3 (security fixes!)
> ---------------------------------------
>
> Key: COCOON-2073
> URL: https://issues.apache.org/jira/browse/COCOON-2073
> Project: Cocoon
> Issue Type: Improvement
> Components: Blocks: Ajax
> Affects Versions: 2.1.11-dev (Current SVN), 2.2-dev (Current SVN)
> Reporter: Alexander Klimetschek
> Assignee: Grzegorz Kossakowski
>
> Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
> http://dojotoolkit.org/releaseNotes/0.4.3
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (COCOON-2073) Upgrade to dojo 0.4.3 (security
fixes!)
Posted by "Antonio Gallardo (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12515928 ]
Antonio Gallardo commented on COCOON-2073:
------------------------------------------
Updated in 2.1, see: http://svn.apache.org/viewvc?view=rev&revision=560056
> Upgrade to dojo 0.4.3 (security fixes!)
> ---------------------------------------
>
> Key: COCOON-2073
> URL: https://issues.apache.org/jira/browse/COCOON-2073
> Project: Cocoon
> Issue Type: Improvement
> Components: Blocks: Ajax
> Affects Versions: 2.1.11-dev (Current SVN), 2.2-dev (Current SVN)
> Reporter: Alexander Klimetschek
> Assignee: Grzegorz Kossakowski
>
> Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no compatibility issues with Cocoon's dojo widgets.
> http://dojotoolkit.org/releaseNotes/0.4.3
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.