4.0.x release availability

[Anees Shanavas]

Hi Team,

The latest available reviewboard version 3.0.17 has jQuery version 1.8.24, which has a lot of security vulnerabilities. We are asked to upgrade this jQuery version as per our company security policy.

I could see from the below RB, the latest jQuery 3.3.x will be integrated in RB 4.0.x version.

https://reviews.reviewboard.org/r/9714/

Could you please let us know the expected date of 4.0.x release? Is there an ETA?

Thanks & Regards,

Anees

[David Trowbridge]

We're planning on getting a first beta of 4.0 out within the next few weeks. The time from then to final release is probably a few months, but will depend on how stable it is.

I would like to clarify the versions, though. Review Board 3.0.x ships jQuery 1.11.1 and jQuery UI 1.8.24. jQuery 1.11.1 has two known vulnerabilities, but neither affects Review Board. jQuery UI 1.8.24 has a single known XSS vulnerability, but again, it is not in a part of the code that Review Board uses.

David

--
Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/
Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/
Happy user? Let us know! https://www.reviewboard.org/users/
---
You received this message because you are subscribed to the Google Groups "Review Board Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard/f72c1818-dfc9-45d0-b020-ac92f93aa34a%40googlegroups.com.

[Danila Ladner]

How hard would it be to upgrade from 3.0.8 to 4.0? And is it worth it? Features vs stability concern here?

Thank you.

To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard/CAFS3VNVkLiU7DD13Cky5Or97y-18cOgCcMtdX0JLULVgY5NGxA%40mail.gmail.com.