17 lines
604 B
Markdown
17 lines
604 B
Markdown
< thm> joeyh: ping
|
|
< thm> can you update the embedded jquery-ui? (for cve
|
|
2010-5312, and/or 2012-6662)
|
|
|
|
I'll do this next time I spend some time on ikiwiki unless Joey or
|
|
Amitai gets there first.
|
|
|
|
It doesn't look as though we actually use the vulnerable functionality.
|
|
|
|
--[[smcv]]
|
|
|
|
> This is more complicated than it looked at first glance because both
|
|
> jquery and jquery-ui have broken API since the version we embed,
|
|
> and we also ship other jquery plugins for [[plugins/attachment]].
|
|
> Perhaps someone who knows jquery could check compatibility and
|
|
> propose a branch? --[[smcv]]
|