SECURITY: resources: Patch jQuery 3.3.1 for CVE-2019-11358
authorJames D. Forrester <jforrester@wikimedia.org>
Thu, 25 Apr 2019 21:12:52 +0000 (16:12 -0500)
committerReedy <reedy@wikimedia.org>
Thu, 6 Jun 2019 19:06:33 +0000 (19:06 +0000)
Patch taken from https://github.com/DanielRuf/snyk-js-jquery-174006?files=1
and left in-repo. Note that this will break the foreign resources check,
which is not currently a unit test but was planned to become such soon.

Bug: T221739
Change-Id: I99c2be81c74a8f1d35c421f0ee43c75efb30a7d0

resources/lib/jquery/jquery-3.3.1.patch [new file with mode: 0644]
resources/lib/jquery/jquery.js

diff --git a/resources/lib/jquery/jquery-3.3.1.patch b/resources/lib/jquery/jquery-3.3.1.patch
new file mode 100644 (file)
index 0000000..68a4326
--- /dev/null
@@ -0,0 +1,14 @@
+--- jquery-3.3.1.js    2019-04-01 08:39:29.000000000 +0200
++++ jquery-3.3.1.js    2019-04-01 09:02:39.000000000 +0200
+@@ -260,8 +260,9 @@ jQuery.extend = jQuery.fn.extend = function() {
+                       for ( name in options ) {
+                               src = target[ name ];
+                               copy = options[ name ];
++                              // Prevent Object.prototype pollution
+                               // Prevent never-ending loop
+-                              if ( target === copy ) {
++                              if ( name === "__proto__" || target === copy ) {
+                                       continue;
+                               }
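--- a/resources/lib/jquery/jquery.js
+++ b/resources/lib/jquery/jquery.js
@@ -261,8 +261,9 @@ jQuery.extend = jQuery.fn.extend = function() {
 				src = target[ name ];
 				copy = options[ name ];
 
+				// Prevent Object.prototype pollution
 				// Prevent never-ending loop
-				if ( target === copy ) {
+				if ( name === "__proto__" || target === copy ) {
 					continue;
 				}
 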
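Review bot: The added `__proto__` guard on the `if` line carries no marker that it is a local deviation from upstream jQuery 3.3.1, so a later re-vendoring of jquery.js could silently drop the CVE-2019-11358 fix; the in-repo jquery-3.3.1.patch is the only record, and the description says the foreign-resources check will merely flag the mismatch rather than explain it. I would extend the new comment to `// Prevent Object.prototype pollution (CVE-2019-11358; local patch, see jquery-3.3.1.patch)`. The commit also adds no regression test; one asserting that a deep `jQuery.extend` from a parsed object carrying a `__proto__` key leaves `Object.prototype` unchanged would catch an accidental revert. The enclosing `jQuery.extend` function starts and ends outside the hunk, so the guard's interaction with the recursive deep-merge call later in the loop is assumed here, not visible.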