freebsd-ports/security/bastillion/distinfo at 77bfe6fcdc5b7a4c0ecaa2de1414849b7fdc2256 - kpriv/freebsd-ports - Disroot Forgejo: Brace yourself, merge conflicts ahead.

kpriv/freebsd-ports

Alexander Leidinger 8c2bd809c9 Update to 3.10.00.

This fixes some potential XSS in the included jquery, but there is no
information if bastillion is vulnerable in some place or not.

As all the action in bastillion happens after authentication, and
is limited to what you enter yourself, it looks like the impact
or attack surface of the jquery XSS on bastillion is low.

ChangeLog:	https://github.com/bastillion-io/Bastillion/releases/tag/v3.10.00
CVE:		CVE-2020-11022
CVE:		CVE-2020-11023

2020-05-24 07:37:51 +00:00

5 lines

338 B

Text

Raw Blame History

 TIMESTAMP = 1590304775
 SHA256 (bastillion-jetty-v3.10_00.tar.gz) = 7ab85fa9d642163ff7c566f012d96a3f5e6dc8437efe9d80b856d1cc8037f013
 SIZE (bastillion-jetty-v3.10_00.tar.gz) = 19633616
 SHA256 (bastillion-upgrade-3.08.00.jar) = 8d18adc90d258b9a9de5e5865c9f632c563d0557ad9458b9f1082ede15ed074b
 SIZE (bastillion-upgrade-3.08.00.jar) = 3557485