[aerogear-dev] [Cordova] Important security fixes for Cordova-Android just released
Matthias Wessendorf
matzew at apache.org
Tue Aug 5 08:10:23 EDT 2014
On Tue, Aug 5, 2014 at 1:57 PM, tolis emmanouilidis <tolisemm at gmail.com>
wrote:
> 2014-08-05 14:34 GMT+03:00 Erik Jan de Wit <edewit at redhat.com>:
>
>
>> It’s not cordova itself that is vulnerable it’s one particular version of
>> a platform ( 3.5.0 android ). I’m not saying that people should ignore
>> security, just that we use a runtime and we cannot be held responsible or
>> control what version of that runtime people are using
>>
>>
> +1 I think it's users responsiblity to upgrade or not. Also, it looks like
> Apache is not enforcing the latest cordova version in their plugins e.g
> https://github.com/apache/cordova-plugin-statusbar/blob/master/plugin.xml#L32
>
ha! That's good info!
-M
>
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20140805/324fad0e/attachment.html
More information about the aerogear-dev
mailing list