kloczek
commented
1 year ago +1 1.79.2 has been released +6 years ago and https://github.com/docbook/xslt10-stylesheets/compare/release/1.79.2...master shows almost 160 commits since last release.
Open tgurr opened 3 years ago
kloczek
commented
1 year ago +1 1.79.2 has been released +6 years ago and https://github.com/docbook/xslt10-stylesheets/compare/release/1.79.2...master shows almost 160 commits since last release.
https://github.com/docbook/xslt10-stylesheets/issues/188 & https://github.com/docbook/xslt10-stylesheets/commit/a7054755fe107dac1bc03f89de73afc2b57392c3 have updated the jQuery version to fix CVE-2019-11358 and it's a hassle for distributions to backport since the fix includes all of jQuery which is a rather huge patch and also doesn't apply out-of-the box to the ancient version 1.79.2 released in 2016. If that's not feasible it would be nice to have at least a patch release 1.79.3 carrying just that fix.