Re: jquery / CVE-2020-7656

To: Ola Lundqvist <ola@inguza.com>
Cc: Chris Lamb <lamby@debian.org>, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: jquery / CVE-2020-7656
From: Brian May <bam@debian.org>
Date: Fri, 19 Jun 2020 07:24:41 +1000
Message-id: <[🔎] 87bllgt6cm.fsf@silverfish.pri>
In-reply-to: <[🔎] CABY6=0msXFc07DJ4STvkXrjTgpsC_+=yv2OYn_Wmb-Q6Rcp6QA@mail.gmail.com>
References: <[🔎] 87blltciyw.fsf@silverfish.pri> <[🔎] f69cf4c2-2cd1-435b-a876-f943642baa83@www.fastmail.com> <[🔎] 87wo4fc34l.fsf@silverfish.pri> <[🔎] 13e0426f-de0e-49a8-a7ba-12674cefd678@www.fastmail.com> <[🔎] 87eeqmbmdz.fsf@silverfish.pri> <[🔎] 87o8pp9sak.fsf@silverfish.pri> <[🔎] CABY6=0msXFc07DJ4STvkXrjTgpsC_+=yv2OYn_Wmb-Q6Rcp6QA@mail.gmail.com>

Ola Lundqvist <ola@inguza.com> writes:

> I think the risk of breaking things is quite significant. At least
> that is my experience from updating jquery for various applications.
>
> I guess we should then mark it as ignored, with some motivation around
> that.

Done.

https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e566eb8abcb548cf7020f18e4dce28aabfc5265
-- 
Brian May <bam@debian.org>

Reply to:

References:
- jquery / CVE-2020-7656
  - From: Brian May <brian@linuxpenguins.xyz>
- Re: jquery / CVE-2020-7656
  - From: "Chris Lamb" <lamby@debian.org>
- Re: jquery / CVE-2020-7656
  - From: Brian May <bam@debian.org>
- Re: jquery / CVE-2020-7656
  - From: "Chris Lamb" <lamby@debian.org>
- Re: jquery / CVE-2020-7656
  - From: Brian May <bam@debian.org>
- Re: jquery / CVE-2020-7656
  - From: Brian May <bam@debian.org>
- Re: jquery / CVE-2020-7656
  - From: Ola Lundqvist <ola@inguza.com>

Prev by Date: Re: [RFC] Proposal: Migrate LTS/TODO wiki page to GitLab issues
Next by Date: Re: rails update
Previous by thread: Re: jquery / CVE-2020-7656
Next by thread: Re: jquery / CVE-2020-7656
Index(es):
- Date
- Thread