raspace.org
> ]
> *Sent:* Thursday, March 10, 2016 1:59 PM
> *To:* dspac...@googlegroups.com
> *Subject:* Re: [dspace-tech] jQuery 1.6.2
>
> Hi Ilja,
>
> Yes, we'd encourage a Pull Request if you are willing. Thanks for making
> us aware of this.
>
> - Tim
>
>
ent:* Thursday, March 10, 2016 1:59 PM
> *To:* dspac...@googlegroups.com
> *Subject:* Re: [dspace-tech] jQuery 1.6.2
>
> Hi Ilja,
>
> Yes, we'd encourage a Pull Request if you are willing. Thanks for making
> us aware of this.
>
> - Tim
>
> On 3/8/2016 6:55
m/npm/node-semver
[4] https://jira.duraspace.org/browse/DS-3099
From: dspace-tech@googlegroups.com [dspace-tech@googlegroups.com] on behalf of
Tim Donohue [tdono...@duraspace.org]
Sent: Thursday, March 10, 2016 1:59 PM
To: dspace-tech@googlegroups.com
Subject: Re: [d
Hi Ilja,
Yes, we'd encourage a Pull Request if you are willing. Thanks for making
us aware of this.
- Tim
On 3/8/2016 6:55 AM, Ilja Sidoroff wrote:
At routine system scan by our IT department noticed, that mirage theme
uses jQuery version 1.6.2, which is vulnerable to a XSS attack [1]. I
do
At routine system scan by our IT department noticed, that mirage theme uses
jQuery version 1.6.2, which is vulnerable to a XSS attack [1]. I don't know
if this actually exploitable in DSpace, but anyway it seems that this is
fixable by simple bumping the version to 1.6.4. Is it worth of making a