ikiwiki/doc/bugs/outdated_jquery-ui.mdwn

    < thm> joeyh: ping
    < thm> can you update the embedded jquery-ui? (for cve 
           2010-5312, and/or 2012-6662)

I'll do this next time I spend some time on ikiwiki unless Joey or
Amitai gets there first.

It doesn't look as though we actually use the vulnerable functionality.

--[[smcv]]

> This is more complicated than it looked at first glance because both
> jquery and jquery-ui have broken API since the version we embed,
> and we also ship other jquery plugins for [[plugins/attachment]].
> Perhaps someone who knows jquery could check compatibility and
> propose a branch? --[[smcv]]
IRC is not a bug tracker 2014-11-26 13:46:29 +01:00			`< thm> joeyh: ping`
			`< thm> can you update the embedded jquery-ui? (for cve`
			`2010-5312, and/or 2012-6662)`

			`I'll do this next time I spend some time on ikiwiki unless Joey or`
update 2014-11-26 13:50:40 +01:00			`Amitai gets there first.`

			`It doesn't look as though we actually use the vulnerable functionality.`

			`--[[smcv]]`
please don't rely on me for this bit 2014-12-10 00:43:56 +01:00
			`> This is more complicated than it looked at first glance because both`
			`> jquery and jquery-ui have broken API since the version we embed,`
			`> and we also ship other jquery plugins for [[plugins/attachment]].`
			`> Perhaps someone who knows jquery could check compatibility and`
			`> propose a branch? --[[smcv]]`