projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b656b4e) | patch
package/bootstrap: security bump to version 4.3.1
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Thu, 13 Feb 2020 18:00:51 +0000 (19:00 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 13 Feb 2020 21:03:36 +0000 (22:03 +0100)
commitbc31029617d122508cd379bc5973991e682ab5a4
treefa457b6559eac8c98ceffe6686f79ee031804f54tree
parentb656b4ecfc95f27c7b3a53d58372a80ae992b2a2commit | diff
package/bootstrap: security bump to version 4.3.1

- Fix CVE-2018-14042: In Bootstrap before 4.1.2, XSS is possible in the
  data-container property of tooltip.
- Fix an XSS vulnerability (CVE-2019-8331) in our tooltip and popover
  plugins by implementing a new HTML sanitizer
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/bootstrap/bootstrap.hash diff | blob | history
package/bootstrap/bootstrap.mk diff | blob | history