uglifyjs security vulnerability

  • Post date

Home Forums Calendar Products Events Calendar PRO uglifyjs security vulnerability

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • November 26, 2015 at 10:47 am #1031286
    Steve
    Participant

    This is included in 3.12:

    Security – Resolved JS vulnerability in minified JS by upgrading to uglifyjs 2.4.24

    Could you clarify what the risks for site owners are if they don’t update to 3.12?

    November 27, 2015 at 7:16 am #1031564
    Barry
    Member

    Hi there Mike,

    Thanks for posting – that’s a valid question to ask.

    On our end this was largely a precautionary measure to mitigate the potential for vulnerabilities to enter our production code. We aren’t aware of any actual problems that were created.

    To learn more about the nature of the vulnerability please refer to the following advisory:

    nodesecurity.io/advisories/39

    In this case, our advice is simply that you should update for peace of mind and to benefit from various other bug fixes and enhancements 🙂

    I hope that helps, but do let me know if you have further questions.

    February 18, 2016 at 8:31 am #1075801
    Support Droid
    Keymaster

    This topic has not been active for quite some time and will now be closed.

    If you still need assistance please simply open a new topic (linking to this one if necessary)
    and one of the team will be only too happy to help.

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • The topic ‘uglifyjs security vulnerability’ is closed to new replies.