Re: Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-08 Thread julio cesar sanchez
I'm updating the app right now. I'm using plugman and it's working fine. The only problem I've found is, as the app is old and I don't want to change the code, I tried to install the file plugin from an older release (older than 1.0.0 release as it brought a lot of changes) and got an error, but

Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-02 Thread Steve.Wilson
We have released applications in the Google Play store based on Cordova 2.7.0 and have received notification from Google that these apps are vulnerable to an Android Cordova security issue (http://cordova.apache.org/announcements/2014/08/04/android-351.html). Upgrading to Cordova 3.5.1 would

Re: Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-02 Thread Joe Bowser
No, you should upgrade to 3.5.1. We dropped support for Cordova 2.x months ago, and we recommend upgrading. On Thu, Oct 2, 2014 at 7:33 AM, steve.wil...@bentley.com wrote: We have released applications in the Google Play store based on Cordova 2.7.0 and have received notification from

Re: Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-02 Thread Michal Mocny
Steve, it is not feasible for us to patch 2.x (sorry), as the number of vulnerabilities there is larger than just this issue. It really is in your best interests to migrate (and to continue to keep up with changes going forward). However, we can see what we can do about helping to guide you

Re: Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-02 Thread Andrew Grieve
That said, the relevant patch is here: https://github.com/apache/cordova-android/commit/2ab81bc5aeb575fef3657cf48a671607e81ca37d (Ian / Joe, please correct me if there's more than that) On Thu, Oct 2, 2014 at 11:29 AM, Joe Bowser bows...@gmail.com wrote: No, you should upgrade to 3.5.1. We

Re: Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-02 Thread Ian Clelland
That patch fixes the startURL / errorURL issue, which is one of the major components of the 3.5.1 security release (CVE-2014-3500). The other issue is CVE-2014-3502, which is that intent URLs can be launched by a Cordova app regardless of the whitelist settings. There isn't a patch which

Re: Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-02 Thread julio cesar sanchez
I have received the same mail. BTW, in one of my apps I use an embedded cordova webview and I'm not sure how to upgrade that app. My main problem is I don't know how to install the core plugins I need, that isn't explained on the embedding webviews guide. I don't think I can use the CLI as the

Re: Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-02 Thread Joe Bowser
On Thu, Oct 2, 2014 at 9:57 AM, julio cesar sanchez jcesarmob...@gmail.com wrote: I have received the same mail. BTW, in one of my apps I use an embedded cordova webview and I'm not sure how to upgrade that app. My main problem is I don't know how to install the core plugins I need, that

Re: Cordova Android 3.5.1 XAS Security Vulnerability -- possibility of releasing a 2.7-based patched version

2014-10-02 Thread julio cesar sanchez
I've been using it for two and a half years on iOS but only for a year on Android. Your blog post was very helpful ( http://infil00p.org/android/cordova/phonegap/2012/12/04/advanced-tutorial-using-cordovawebview-on-android/ ). We had a meeting with IBM guys yesterday and I think they mentioned that they