I've set our security advisory task for this to Won't Fix as it's a
class C2 report per our taxonomy (A vulnerability, but not in OpenStack
supported code, e.g., in a dependency): https://security.openstack.org
/vmt-process.html#incident-report-taxonomy
** Changed in: ossa
Status: Incomplete => Won't Fix
** Information type changed from Public Security to Public
** Tags added: security
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1721193
Title:
Outdated and vulnerable versions of Javascript libraries
Status in OpenStack Dashboard (Horizon):
Incomplete
Status in OpenStack Security Advisory:
Won't Fix
Bug description:
One or more vulnerabilities were reported for few outdated version of the
Javascript libraries, used by horizon.
Suggestion is to upgrade to the latest version.
/dashboard/static/dashboard/js/5508d0ed7005.js
/dashboard/static/horizon/lib/jquery/jquery.js
/dashboard/static/horizon/lib/jquery/jquery.min.js
/dashboard/static/horizon/lib/jquery_migrate/jquery-migrate.js
/dashboard/static/horizon/lib/jquery_migrate/jquery-migrate.min.js
/dashboard/static/horizon/lib/jquery_ui/ui/jquery-ui.js
/dashboard/static/horizon/lib/jquery_ui/ui/jquery.ui.dialog.js
/dashboard/static/horizon/lib/jquery_ui/ui/minified/jquery-ui.min.js
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1721193/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
