Bug 1428944
Summary: | Vulnerable JQuery Version | ||
---|---|---|---|
Product: | Red Hat CloudForms Management Engine | Reporter: | Satoe Imaishi <simaishi> |
Component: | Security | Assignee: | Martin Hradil <mhradil> |
Status: | CLOSED ERRATA | QA Contact: | Matouš Mojžíš <mmojzis> |
Severity: | low | Docs Contact: | |
Priority: | unspecified | ||
Version: | 5.6.0 | CC: | ckacergu, jhardy, jprause, jrafanie, kseifried, mfalesni, obarenbo, simaishi |
Target Milestone: | GA | Keywords: | ZStream |
Target Release: | 5.7.3 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | 5.7.3.1 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 1406096 | Environment: | |
Last Closed: | 2017-06-28 14:57:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | CFME Core | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1406096 | ||
Bug Blocks: |
Comment 2
Satoe Imaishi
2017-03-03 16:36:01 UTC
Re-opening as we needed to lock jquery at 2.1.4 for classic-ui: https://github.com/ManageIQ/manageiq/pull/14200 Meant to say "~2.1.4". New commit detected on ManageIQ/manageiq-ui-classic/master: https://github.com/ManageIQ/manageiq-ui-classic/commit/61a9f6f3ba6c2ad3d4cb2d8b044a8fb09d48bbe6 commit 61a9f6f3ba6c2ad3d4cb2d8b044a8fb09d48bbe6 Author: Martin Hradil <mhradil> AuthorDate: Fri Apr 7 10:33:53 2017 +0000 Commit: Martin Hradil <mhradil> CommitDate: Fri Apr 7 10:33:53 2017 +0000 Upgrade jQuery to ~2.2.4 (2.2 being the latest non-3.* jQuery) This is mostly so that we can backport this to fine, master will be upgraded to 3.* hopefully soon. https://bugzilla.redhat.com/show_bug.cgi?id=1428944 bower.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) New commit detected on ManageIQ/manageiq/euwe: https://github.com/ManageIQ/manageiq/commit/4f323f62e0462b41e2c14f20bce83491da1da772 commit 4f323f62e0462b41e2c14f20bce83491da1da772 Author: Martin Povolny <mpovolny> AuthorDate: Fri Apr 7 14:56:25 2017 +0200 Commit: Satoe Imaishi <simaishi> CommitDate: Fri Apr 28 18:01:05 2017 -0400 Merge pull request #957 from himdel/jquery22 Upgrade jQuery to ~2.2.4 (cherry picked from commit dceceb8a4bf445a8bb5cecddbd74df8727673e20) https://bugzilla.redhat.com/show_bug.cgi?id=1428944 bower.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Verified in 5.7.3.1. Requirement file needs jquery 2.2.4 now. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2017:1601 |