yahoo-eng-team team mailing list archive

Thread
Date

[Bug 2070439] Re: Update XStatic-jquery-ui to 1.13.0.1 to Address CVE-2021-41182

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <2070439@xxxxxxxxxxxxxxxxxx>
Date: Tue, 23 Jul 2024 08:56:45 -0000
Reply-to: Bug 2070439 <2070439@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Reviewed:  https://review.opendev.org/c/openstack/horizon/+/924383
Committed: https://opendev.org/openstack/horizon/commit/c7650f4c0cbe8b3b53f9c12eae8f4c5d484c29bf
Submitter: "Zuul (22348)"
Branch:    master

commit c7650f4c0cbe8b3b53f9c12eae8f4c5d484c29bf
Author: manchandavishal <manchandavishal143@xxxxxxxxx>
Date:   Thu Jul 18 12:59:12 2024 +0530

    Update xstatic-jquery-ui min. version to include latest CVE fix
    
    This patch updates xstatic-jquery-ui minimum version to ensure
    the latest security vulnerabilities are addressed.
    
    Closes-Bug: 2070439
    Change-Id: I42efca2e4dcafc67ccadd6ff71d3da2e9b0fdd98


** Changed in: horizon
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/2070439

Title:
  Update XStatic-jquery-ui to 1.13.0.1 to Address CVE-2021-41182

Status in OpenStack Dashboard (Horizon):
  Fix Released

Bug description:
  Horizon is currently using XStatic-jquery-ui version 1.12.1.1, which
  is affected by a security vulnerability (CVE-2021-41182). It is
  recommended to update to version 1.13.0.1, which includes the fix for
  this issue [1].

  [1] https://nvd.nist.gov/vuln/detail/CVE-2021-41182

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/2070439/+subscriptions

References

[Bug 2070439] [NEW] Update XStatic-jquery-ui to 1.13.0.1 to Address CVE-2021-41182
From: Vishal Manchanda, 2024-06-26