Re: [aerogear-dev] [Cordova] Important security fixes for Cordova-Android just released
2014-08-05 14:34 GMT+03:00 Erik Jan de Wit <edewit(a)redhat.com>:
It’s not cordova itself that is vulnerable it’s one particular version of
a platform ( 3.5.0 android ). I’m not saying that people should ignore
security, just that we use a runtime and we cannot be held responsible or
control what version of that runtime people are using
+1 I think it's users responsiblity to upgrade or not. Also, it looks like
Apache is not enforcing the latest cordova version in their plugins e.g
https://github.com/apache/cordova-plugin-statusbar/blob/master/plugin.xml...
Attachments:
- attachment.html (text/html — 1.1 KB)