Fedora 25: FEDORA-2016-b6cb3e83fa Critical: js-jquery1 XSS Mitigation
fedora
December 29, 2016
Update to latest jquery1 stable, with backport fix for XSS vulnerability.)
Summary
jQuery is a fast, small, and feature-rich JavaScript library. It makes things
like HTML document traversal and manipulation, event handling, animation, and
Ajax much simpler with an easy-to-use API that works across a multitude of
browsers. With a combination of versatility and extensibility, jQuery has
changed the way that millions of people write JavaScript.
Update Information:
Update to latest jquery1 stable, with backport fix for XSS vulnerability.)
Topics Covered
Change Log
References
[ 1 ] Bug #1307668 - js-jquery1: FTBFS in F24
https://bugzilla.redhat.com/show_bug.cgi?id=1307668
[ 2 ] Bug #1257589 - Upgrade js-jquery1 to 1.11.3
https://bugzilla.redhat.com/show_bug.cgi?id=1257589
[ 3 ] Bug #1399548 - js-jquery1: js-jquery: Cross-site scripting via cross-domain ajax requests [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1399548
[ 4 ] Bug #1399547 - js-jquery1: js-jquery: Cross-site scripting via cross-domain ajax requests [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1399547
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade js-jquery1' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: js-jquery1
Product: Fedora 25
Version: 1.12.4
Release: 2.fc25
URL: https://jquery.com/
Summary: JavaScript DOM manipulation, event handling, and AJAX library
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!