Closed jgonggrijp closed 3 years ago
@jgonggrijp where is the 1.12.1
tag?
@willdurand I intentionally postponed pushing that in order to give people who want to exploit the leak less to go on. I'll let you know when I push it.
thanks
@willdurand The tag is online now.
We were notified of a security issue in
_.template
, which appears to have existed since Underscore version 1.3.2. The bug was fixed in version 1.12.1 and 1.13.0-2, which I just published. If using NPM, please upgrade tounderscore@latest
orunderscore@preview
.