CIVI-SA-2017-08: Upgrade multiple JS libraries

Published
2017-07-05 23:00
Written by

CiviCRM includes a number of Javascript libraries. An automated assessment indicated that some these libraries had security issues. CiviCRM v4.7.21+ upgrades or removes multiple libraries.

Unfortunately, we could not obtain sufficient information about these issues to determine whether they cause actual vulnerabilities in CiviCRM.

Security Risk
Not Critical
Vulnerability
Other
Affected Versions

Up to v4.7.21

 

Fixed Versions

v4.7.21

Solutions

Any ONE of these solutions:

Credits
  • Chris Burgess (Fuzion)
  • Seamus Lee (Australian Greens)
  • Tim Otten (CiviCRM)