Defect #26857
Fix for CVE-2015-9251 in JQuery 1.11.1
| Status: | Closed | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Jean-Philippe Lang | % Done: | 0% | |
| Category: | Security | |||
| Target version: | 3.3.7 | |||
| Resolution: | Fixed | Affected version: |
Description
Public message on Redmine forums:
Github issue on jQuery: https://github.com/jquery/jquery/issues/2432
CVE-2015-9251 was assigned to this for jQuery.
History
#1
Updated by Jan from Planio www.plan.io 7 months ago
- File 0001-Don-t-eval-cross-origin-requests-in-jQuery-26857.patch
added - Description updated (diff)
- Status changed from New to Resolved
Gregor Schmidt has provided an unobtrusive fix which doesn't require a jQuery update. You can find it attached.
#2
Updated by Jean-Philippe Lang 4 months ago
- Project changed from Security to Redmine
- Subject changed from Vulnerable jquery 1.11.1 to Fix for CVE-2015-9251 in JQuery 1.11.1
- Category set to Security
- Status changed from Resolved to Closed
- Assignee set to Jean-Philippe Lang
- Target version set to 3.3.7
- Resolution set to Fixed
Committed, thanks.