On 23/04/20 08:58, Francesco Chicchiriccò wrote: > On 23/04/20 08:51, Colm O hEigeartaigh wrote: >> Is it possible to update the JQuery version on 2.1.x/2.0.x to the same >> version as on master? (3.4.1). It seems the existing version is vulnerable >> to https://nvd.nist.gov/vuln/detail/CVE-2019-11358 > Hi Colm, > I don't see issue. Let me do some local tests to confirm and I'll revert here. > > Regards.
Found no issues, proceeded with upgrade: * 2_0_X: https://github.com/apache/syncope/commit/8ec6c23498aa058860024a2940b8d3104b4be7d6 * 2_1_X: https://github.com/apache/syncope/commit/40bb5d7fe3790a5a66743d8473de0976bb2780b7 Regards. -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
