Bugfixes

Incident number
Summary (problem description)
Resolution
PUB-163The publisher dependency checker identified serveral CVEs in the jQuery and moment.js third party libraries.The vulnerabilities, CVE-2012-6708 and CVE-2015-9251 were fixed by upgrading the version of the jQuery library to 3.0.0, which is an unaffected version. Another vulnerability, reDOS - regular expression denial of service, from the moment.js library, was fixed by upgrading the library version to 2.11.2.

Upgrade Instructions

There are no upgrade instructions.

3rd Party Libraries

There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 4 libraries. For a list of all known vulnerabilities please view Blueriq Publisher Vulnerabilities