Revision: 5146
Author: [email protected]
Date: Thu Nov 8 15:16:37 2012
Log: Added 20121108 advisory.
http://code.google.com/p/google-caja/source/detail?r=5146
Modified:
/wiki/SecurityAdvisories.wiki
=======================================
--- /wiki/SecurityAdvisories.wiki Wed Sep 19 12:26:21 2012
+++ /wiki/SecurityAdvisories.wiki Thu Nov 8 15:16:37 2012
@@ -1,4 +1,5 @@
#summary All our security advisories (latest first).
+ * 8 Nov 2012 SecurityAdvisory20121108 Foreign nodes are not protected;
host methods may be misapplied; tighter user-interaction-only restrictions.
* 19 Sep 2012 SecurityAdvisory20120919 Arbitrary code execution via
setTimeout.
* 02 May 2012 SecurityAdvisory20120502 !JavaScript URLs in style
attributes not sanitized.
* 16 Jan 2012 SecurityAdvisory20120116 Guest HTML can overflow
container-supplied boundary.
