You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@netbeans.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2019/05/05 01:54:00 UTC
[jira] [Updated] (NETBEANS-2295) Update to knockout.js 3.5.0 to
solve security issues
[ https://issues.apache.org/jira/browse/NETBEANS-2295?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ASF GitHub Bot updated NETBEANS-2295:
-------------------------------------
Labels: pull-request-available (was: )
> Update to knockout.js 3.5.0 to solve security issues
> ----------------------------------------------------
>
> Key: NETBEANS-2295
> URL: https://issues.apache.org/jira/browse/NETBEANS-2295
> Project: NetBeans
> Issue Type: Bug
> Components: platform - HTML4J
> Affects Versions: 10.0
> Reporter: Jaroslav Tulach
> Assignee: Jaroslav Tulach
> Priority: Major
> Labels: pull-request-available
>
> h2. org-netbeans-html-ko4j.jar: knockout-3.4.0.js
> {color:#505f79}in platform/modules/org-netbeans-html-ko4j.jar/org/netbeans/html/ko4j/knockout-3.4.0.js{color}
> ||Vulnerability||Resolution||
> |[https://github.com/knockout/knockout/issues/1244]| * cross site scripting injection
> * only exhibited in Internet Explorer 7 and older which is effectively not used at all in 2019
> * fixed in knockout 3.5.0+\||
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@netbeans.apache.org
For additional commands, e-mail: commits-help@netbeans.apache.org
For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists