Redmine 4.1.2 release date

Added by Joachim Mathes over 1 year ago

Do you already know when Redmine 4.1.2 will be released?

My question arises from two cross site scripting issues which are currently relevant in version 4.1.1:

  1. Cross-Site-Scripting
    • Redmine 4.1.1 contains jQuery 1.11.1
      • ./javascripts/jquery-1.11.1-ui-1.11.0-ujs-3.1.4.js
    • fixed in jQuery >= 3.5.0
  2. Cross-Site-Scripting
    • Redmine 4.1.1 contains jQuery UI 1.11.0
      • ./javascripts/jquery-1.11.1-ui-1.11.0-ujs-3.1.4.js
    • fixed in jQuery UI >= 1.12.0

These issues are already fixed in the main branch (#33383), but haven't been released, yet.

Is it possible to cherry-pick certain commits, to fix the XSSs in Redmine 4.1.1?

Kind regards and thanks for your great work
Jo