[jira] [Updated] (AMBARI-24515) Remove dependency on JQuery 1.8.0 for Ambari Server UI

ASF GitHub Bot (JIRA) Tue, 21 Aug 2018 02:00:08 -0700


     [ 
https://issues.apache.org/jira/browse/AMBARI-24515?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


ASF GitHub Bot updated AMBARI-24515:
------------------------------------
    Labels: pull-request-available  (was: )

> Remove dependency on JQuery 1.8.0 for Ambari Server UI
> ------------------------------------------------------
>
>                 Key: AMBARI-24515
>                 URL: https://issues.apache.org/jira/browse/AMBARI-24515
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-web
>    Affects Versions: 2.7.1
>            Reporter: Andrii Tkach
>            Assignee: Andrii Tkach
>            Priority: Blocker
>              Labels: pull-request-available
>             Fix For: 2.7.1
>
>
> Remove dependency on JQuery 1.8.0 for Ambari Server UI due to security 
> concerns. See 
> * CVE-2012-6708 - https://nvd.nist.gov/vuln/detail/CVE-2012-6708
> * CVE-2011-4969 - https://nvd.nist.gov/vuln/detail/CVE-2011-4969
> * CVE-2015-9251 - https://nvd.nist.gov/vuln/detail/CVE-2015-9251
> It is recommended that JQuery is updated to 1.8.3+1
> Path to offending file:
> {noformat}
> ambari
> |- ambari-server-2.7.1.0-119.x86_64.rpm
> |  |- usr
> |  |  |- lib
> |  |  |  |- ambari-server
> |  |  |  |  |- web
> |  |  |  |  |  |- api-docs
> |  |  |  |  |  |  |- lib
> |  |  |  |  |  |  |  |- jquery-1.8.0.min.js
> {noformat}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (AMBARI-24515) Remove dependency on JQuery 1.8.0 for Ambari Server UI

Reply via email to