
jQuery version upgrade in zk.jar version (5.0.6)

asked 2019-09-03 16:01:26 +0800

Ronak9

Hello ZK team,

We have scanned zk.jar version 5.0.6 in a DCT scan, and it is showing a vulnerability for the files zk.jar\web\js\zk\ext\jquery.js and zk.jar\web\js\zk\ext\jquery.src.js. If we scan zk.jar version 8.6.0.1, it also shows a vulnerability for the same files, zk.jar\web\js\zk\ext\jquery.js and zk.jar\web\js\zk\ext\jquery.src.js.

How can we upgrade the jQuery version to 3.4.1 in the zk jar? All jQuery versions before 3.4.0 are coming up in the vulnerable list.

Can you please guide us on this situation? Can you please let us know in which version of ZK jQuery version 3.4.1 is used?

Regards, Ronak Joshi


1 Answer


answered 2019-09-05 12:35:24 +0800

cor3000
ZK Team

updated 2019-09-05 14:16:31 +0800

jQuery 3.4.1 is not used in any ZK version yet. ZK 9 will contain 1.12.4 (ZK-3719).

If it was that simple we would have already done it... sorry but as of now there's no simple upgrade approach.

However, for your custom JS needs it is possible to use another jQuery version side by side with ZK's internal version.

https://www.zkoss.org/wiki/ZK%20Client-side%20Reference/Introduction

ZK 5.0.6 is quite old; you should also consider upgrading your ZK version in order to get additional bugfixes (including important and even critical security fixes).

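To confirm a scanner finding like the one in the question, the following added example (not part of the original thread and not ZK code) reads the two flagged entries from a jar and reports the jQuery version each one declares. It assumes the bundled files keep an upstream version marker; the function names and the sample jar are constructed for illustration.

```python
import io
import re
import zipfile

# Entry names reported by the scanner in the question (jar entries use "/").
JQUERY_PATHS = ("web/js/zk/ext/jquery.js", "web/js/zk/ext/jquery.src.js")
# Assumption: the bundled files keep an upstream version marker, either the
# banner comment ("jQuery v1.12.4") or the in-code property (jquery: "1.4.2").
MARKERS = (
    re.compile(r"jQuery(?: JavaScript Library)? v(\d+(?:\.\d+)+)"),
    re.compile(r"""\bjquery\s*:\s*["'](\d+(?:\.\d+)+)["']"""),
)

def parse_version(text):
    """Return the jQuery version as a tuple of ints, or None without a marker."""
    for marker in MARKERS:
        match = marker.search(text)
        if match:
            return tuple(int(part) for part in match.group(1).split("."))
    return None

def bundled_jquery_versions(jar, paths=JQUERY_PATHS):
    """Map each listed entry present in the jar to its parsed version."""
    found = {}
    with zipfile.ZipFile(jar) as zf:
        names = set(zf.namelist())
        for path in paths:
            if path in names:
                with zf.open(path) as fh:  # bounded read: 1 MiB is ample
                    text = fh.read(1 << 20).decode("utf-8", errors="replace")
                found[path] = parse_version(text)
    return found

def below(version, minimum=(3, 4, 0)):
    """True when version is older than the cut-off the question cites (3.4.0)."""
    return version is not None and version < minimum

def build_sample_jar():
    """Constructed stand-in for zk.jar; contents are not taken from a real release."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(JQUERY_PATHS[0], "/*! jQuery v1.12.4 | constructed */\n")
        zf.writestr(JQUERY_PATHS[1], "/*!\n * jQuery JavaScript Library v1.12.4\n */\n")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for path, version in bundled_jquery_versions(build_sample_jar()).items():
        print(path, version, "below 3.4.0" if below(version) else "ok or unknown")
```

Pass the path of a real zk.jar to `bundled_jquery_versions` in place of the sample; an entry that maps to `None` had no recognizable marker and needs manual inspection.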