Bug 1428944 - Vulnerable JQuery Version
Status: CLOSED ERRATA
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Security
Version: 5.6.0
Hardware: Unspecified Unspecified
Priority: unspecified Severity: low
Target Milestone: GA
Target Release: 5.7.3
Assigned To: Martin Hradil
QA Contact: Matouš Mojžíš
Keywords: ZStream
Depends On: 1406096
Blocks:
Reported: 2017-03-03 11:31 EST by Satoe Imaishi
Modified: 2017-06-28 10:57 EDT

See Also:
Fixed In Version: 5.7.3.1
Clone Of: 1406096
Last Closed: 2017-06-28 10:57:56 EDT
Cloudforms Team: CFME Core

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:1601 normal SHIPPED_LIVE Important: CFME 5.7.3 security, bug fix and enhancement update 2017-06-28 14:51:52 EDT

Comment 2 Satoe Imaishi 2017-03-03 11:36:01 EST
PR: https://github.com/ManageIQ/manageiq-ui-service/pull/554
Comment 3 Satoe Imaishi 2017-04-06 17:23:36 EDT
Re-opening as we needed to lock jquery at 2.1.4 for classic-ui:
https://github.com/ManageIQ/manageiq/pull/14200
Comment 4 Satoe Imaishi 2017-04-06 17:24:25 EDT
Meant to say "~2.1.4".
Comment 7 CFME Bot 2017-04-07 08:58:48 EDT
New commit detected on ManageIQ/manageiq-ui-classic/master:
https://github.com/ManageIQ/manageiq-ui-classic/commit/61a9f6f3ba6c2ad3d4cb2d8b044a8fb09d48bbe6

commit 61a9f6f3ba6c2ad3d4cb2d8b044a8fb09d48bbe6
Author:     Martin Hradil <mhradil@redhat.com>
AuthorDate: Fri Apr 7 10:33:53 2017 +0000
Commit:     Martin Hradil <mhradil@redhat.com>
CommitDate: Fri Apr 7 10:33:53 2017 +0000

    Upgrade jQuery to ~2.2.4
    
    (2.2 being the latest non-3.* jQuery)
    
    This is mostly so that we can backport this to fine, master will be upgraded to 3.* hopefully soon.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1428944

 bower.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
Comment 9 CFME Bot 2017-04-28 18:05:54 EDT
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/4f323f62e0462b41e2c14f20bce83491da1da772

commit 4f323f62e0462b41e2c14f20bce83491da1da772
Author:     Martin Povolny <mpovolny@redhat.com>
AuthorDate: Fri Apr 7 14:56:25 2017 +0200
Commit:     Satoe Imaishi <simaishi@redhat.com>
CommitDate: Fri Apr 28 18:01:05 2017 -0400

    Merge pull request #957 from himdel/jquery22
    
    Upgrade jQuery to ~2.2.4
    (cherry picked from commit dceceb8a4bf445a8bb5cecddbd74df8727673e20)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1428944

 bower.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
Comment 10 Matouš Mojžíš 2017-06-12 05:40:18 EDT
Verified in 5.7.3.1. Requirement file needs jquery 2.2.4 now.
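
The range change tracked in this bug ("~2.1.4" replaced by "~2.2.4" in bower.json, with jquery 2.2.4 required at verification) can be checked mechanically. The following is an added example, not code from ManageIQ or from this bug report; the function names and sample manifests are constructed, and it assumes the node-semver meaning of `~` and `^` for full three-part versions.

```javascript
// Added example (not ManageIQ code). Only "~2.1.4", "~2.2.4" and the 2.2.4
// floor come from the bug comments; the manifests below are constructed.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Half-open interval [min, max) admitted by an exact pin, "~x.y.z" or "^x.y.z".
function rangeBounds(range) {
  const op = /^[~^]/.test(range) ? range[0] : "";
  const min = parseVersion(range.slice(op.length));
  const [major, minor, patch] = min;
  if (op === "~") return { min, max: [major, minor + 1, 0] };
  if (op === "^" && major > 0) return { min, max: [major + 1, 0, 0] };
  if (op === "^" && minor > 0) return { min, max: [0, minor + 1, 0] };
  return { min, max: [major, minor, patch + 1] };
}

// Decide whether the declared range guarantees a version >= floor.
function auditDependency(manifestText, name, floor) {
  const deps = JSON.parse(manifestText).dependencies || {};
  if (!(name in deps)) return { ok: false, reason: "not declared" };
  const { min, max } = rangeBounds(deps[name]);
  const want = parseVersion(floor);
  if (compare(max, want) <= 0) return { ok: false, reason: "range excludes floor" };
  if (compare(min, want) < 0) return { ok: false, reason: "range admits older versions" };
  return { ok: true, reason: "range starts at or above floor" };
}

const before = JSON.stringify({ name: "sample-ui", dependencies: { jquery: "~2.1.4" } });
const after = JSON.stringify({ name: "sample-ui", dependencies: { jquery: "~2.2.4" } });
console.log(auditDependency(before, "jquery", "2.2.4"));
console.log(auditDependency(after, "jquery", "2.2.4"));
```

A tilde range only floats the patch number, so a manifest locked at "~2.1.4" can never resolve to a 2.2.x release without an edit to the manifest itself.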
Comment 12 errata-xmlrpc 2017-06-28 10:57:56 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1601
