jQuery 3.4 released. Please upgrade gem
mtmail opened this issue · 6 comments
mtmail commented
README.md asks for opening an issue, not submitting a PR so I'll keep it short. Thanks a lot
blshkv commented
please make it your high priority due to the following security vulnerability:
https://snyk.io/blog/after-three-years-of-silence-a-new-jquery-prototype-pollution-vulnerability-emerges-once-again/
kstratis commented
For the record jQuery v3.4.1 has been released.
OlivierGrimard commented
+1
rossinkiwi commented
It would be great if this gem could be updated due to potential security vulneribility https://www.zdnet.com/article/popular-jquery-javascript-library-impacted-by-prototype-pollution-flaw/
felix91gr commented
Will this be fixed? We're working with this gem in a public project, and it's kind of problematic to be opening up our users to security holes.
rafaelfranca commented
4.3.4 and 4.3.5 released with jquery 3.4