[aerogear-dev] [Cordova] Important security fixes for Cordova-Android just released
Erik Jan de Wit
edewit at redhat.com
Tue Aug 5 07:34:50 EDT 2014
On 5 Aug,2014, at 13:25 , Bruno Oliveira <bruno at abstractj.org> wrote:
> On 2014-08-05, Erik Jan de Wit wrote:
>> We had this discussion before and I still feel that this course of action is wrong. It’s like let’s update the java library that we created when there is a security error in java.
>
> That **must** be the correct approach, most part of the time the cause
> of people exploiting security vulnerabilities is because the software is
> outdated. Do you want to engage our developers to ignore it?
It’s not cordova itself that is vulnerable it’s one particular version of a platform ( 3.5.0 android ). I’m not saying that people should ignore security, just that we use a runtime and we cannot be held responsible or control what version of that runtime people are using
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20140805/3ed9fc97/attachment.html
More information about the aerogear-dev
mailing list