Custom Query (18300 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (1 - 3 of 18300)

1 2 3 4 5 6 7 8 9 10 11
Ticket Resolution Summary Owner Reporter
#19099 fixed Snort IE vulnerability Ed Hager Ed Hager
Description

Snort users are reporting that Dojo contains an Internet Explorer vulnerability: CVE-2017-11895

Here are the Snort rules for search for that vulnerability.

alert tcp $EXTERNAL_NET $FILE_DATA_PORTS -> $HOME_NET any (msg:"BROWSER-IE Microsoft Edge Array type confusion attempt"; flow:to_client,established; file_data; content:"[{}]|3B|"; fast_pattern:only; content:"toString"; content:"function"; within:20; content:"slice"; within:150; metadata:policy balanced-ips drop, policy max-detect-ips drop, policy security-ips drop, service ftp-data, service http, service imap, service pop3; reference:cve,2017-11895; reference:url,portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-11895; classtype:attempted-user; sid:45142; rev:2;)

Those rules are looking for the pattern [{}]; which can be found here: https://github.com/dojo/dojo/blob/master/_base/xhr.js#L342

#19097 fixed [xhr] response handlers called twice mwistrand
Description

When sending requests with dojo/request/xhr, the handlers are called with the response twice (https://github.com/dojo/dojo/blob/master/request/xhr.js#L70-L85). It would be ideal if they could process the response only once.

#19051 fixed Dojo 1.13 not available on CDN chuckd
Description

Could someone please post 1.13.0 and the other new maintenance releases that came out at the same time to CDN. It's been a couple of weeks now since their release.

https://ajax.googleapis.com/ajax/libs/dojo/1.13.0/dojo/dojo.js

1 2 3 4 5 6 7 8 9 10 11
Note: See TracQuery for help on using queries.