[
https://issues.apache.org/jira/browse/COCOON-2073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12764408#action_12764408
]
Brian Martin commented on COCOON-2073:
--------------------------------------
CVE-2007-6726
> Upgrade to dojo 0.4.3 (security fixes!)
> ---------------------------------------
>
> Key: COCOON-2073
> URL: https://issues.apache.org/jira/browse/COCOON-2073
> Project: Cocoon
> Issue Type: Improvement
> Components: Blocks: Ajax
> Affects Versions: 2.1.11, 2.2
> Reporter: Alexander Klimetschek
> Assignee: Grzegorz Kossakowski
> Fix For: 2.1.11, 2.2
>
>
> Current ajax block includes dojo 0.4.1. The current release of dojo is 0.4.3
> - in 0.4.2 minor improvements were made but 0.4.3 includes security fixes for
> cross-site scripting attacks and the guys at dojo strongly recommend
> upgrading. As far as I can see, there should be no compatibility issues with
> Cocoon's dojo widgets.
> http://dojotoolkit.org/releaseNotes/0.4.3
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
