This is more of a heads up for qooxdoo admins than anything, and could
possibly be a false positive, but I felt I should at least relay this info.
One of my developers sent this to me:
On my CentOS 6 laptop, using the ClamAV application to run a routine check
for viruses, it alerted me to the fact that iris/client/qooxdoo-4.0.1-sdk/
component/standalone/website/script/q.js contains the
Html.Exploit.CVE.2015.1665 vulnerability. You can review this at both
http://www.cvedetails.com/cve/CVE-2015-1665/ and
http://www.zerodayinitiative.com/advisories/ZDI-15-128/.
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
qooxdoo-devel mailing list
qooxdoo-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel
