Updated dojo packages fix security vulnerability
Publication date: 06 Mar 2020Type: security
Affected Mageia releases : 7
CVE: CVE-2019-10785
Description
Updated dojo package fixes security vulnerability:
dojox was vulnerable to Cross-site Scripting. This was due to
dojox.xmpp.util.xmlEncode only encoding the first occurrence of
each character, not all of them (CVE-2019-10785).
References
SRPMS
7/core
- dojo-1.14.5-1.mga7