NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36d00aee88
kumquat-buildroot/package/jquery-validation
History
Fabrice Fontaine b0f825f448 package/jquery-validation: security bump to version 1.19.5 
- Fix CVE-2021-43306: An exponential ReDoS (Regular Expression Denial
  of Service) can be triggered in the jquery-validation npm package,
  when an attacker is able to supply arbitrary input to the url2 method
- Fix CVE-2022-31147: The jQuery Validation Plugin (jquery-validation)
  provides drop-in validation for forms. Versions of jquery-validation
  prior to 1.19.5 are vulnerable to regular expression denial of service
  (ReDoS) when an attacker is able to supply arbitrary input to the url2
  method. This is due to an incomplete fix for CVE-2021-43306. Users
  should upgrade to version 1.19.5 to receive a patch.
- Use LICENSE.md instead of README.md which is available since version
  1.14.0 and
  96b7036eb4

https://github.com/jquery-validation/jquery-validation/releases/tag/1.19.4
https://github.com/jquery-validation/jquery-validation/releases/tag/1.19.5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-07-24 10:58:26 +02:00
..
Config.in
jquery-validation.hash
jquery-validation.mk