Thursday, January 30, 2025

[USN-7246-1] jQuery vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmebo7MFAwAAAAAACgkQZWnYVadEvpPN
ixAAorbTxHDHflUA0tJH09aff/EGyNvMQDhyltfI/llFs87pnaXmUjd90QpzO5uk4IUd3To9ZRwd
3yFc9227cYMcjbGXL/URYKkpRMTd4YVnzukz+gWPrwFWtMwZGJRIUuNj3UIW8ZMkMaZh/yKCrYwW
SrpDN4iiAdo9iManejXFVbNPjlJ0WNATtQU4S2ebrPwzg3+vEWW5PVtGHI1s2Jny8IkNls68bvdY
pOnBFUl4/vOd5HeMLTbhTJ8cj1ha3AXjnnwC4a+u+wHOI8IFRClZT38sRSf8IAgh73bC1EGvKRGv
PLjKhxZ+Cg5gJjTcVy9A0KXp9w5hwIY/r8RTDN0ZWFj1mg91OoYmsbJzTFjWpUnuDCSQO0iq8Zfk
5RshMWKYaGFqERJ5hIqHfNgncbmHJFJeIuHSdCePunjQTWdcYBvtMpwACqk9Y50t1WHkcDOdUHaw
X60CfEH/X991blBtUxBRS1YnK0SuxnFKrxy6KMLEB2TbsZ0nig6FLqmwvgDvT4pBzOhkbSGs4/3g
fl/74uj8Y5uIjdohamiBr1uQCPmDFn28I1jnrvxBcmu3CCVjKSVJTxLxD5tFsbE6yMWmziDi/aVa
aUIzG6oG9V3hqzhSRi8V4QcpIZmEk6lNmY5XCQcCNwClqbCr8CSRWEi4hKGowgpyZ/UE8LgkDerz
ffE=
=KVsv
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7246-1
January 30, 2025

jquery vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in jquery.

Software Description:
- jquery: JavaScript library for dynamic web applications

Details:

It was discovered that jQuery incorrectly handled parsing untrusted HTML. A
remote attacker could possibly use this issue to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
libjs-jquery 3.3.1~dfsg-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7246-1
CVE-2020-11022, CVE-2020-11023

Package Information:
https://launchpad.net/ubuntu/+source/jquery/3.3.1~dfsg-3ubuntu0.1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)