cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Martin (JIRA)" <j...@apache.org>
Subject [jira] Commented: (COCOON-2073) Upgrade to dojo 0.4.3 (security fixes!)
Date Sun, 11 Oct 2009 02:08:31 GMT

    [ https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12764408#action_12764408
] 

Brian Martin commented on COCOON-2073:
--------------------------------------

CVE-2007-6726

> Upgrade to dojo 0.4.3 (security fixes!)
> ---------------------------------------
>
>                 Key: COCOON-2073
>                 URL: https://issues.apache.org/jira/browse/COCOON-2073
>             Project: Cocoon
>          Issue Type: Improvement
>          Components: Blocks: Ajax
>    Affects Versions: 2.1.11, 2.2
>            Reporter: Alexander Klimetschek
>            Assignee: Grzegorz Kossakowski
>             Fix For: 2.1.11, 2.2
>
>
> Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3 - in 0.4.2
minor improvements were made but 0.4.3 includes security fixes for cross-site scripting attacks
and the guys at dojo strongly recommend upgrading. As far as I can see, there should be no
compatibility issues with Cocoon's dojo widgets. 
> http://dojotoolkit.org/releaseNotes/0.4.3

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message