File: CVE-2019-11358.diff

package info
node-jquery 2.2.4+dfsg-4
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 2,288 kB
  • sloc: php: 122; xml: 36; makefile: 9; sh: 2
file content (20 lines) | stat: -rw-r--r-- 629 bytes
Description: Fix prototype Pollution vulnerability
Author: Michał Gołębiowski-Owczarek <https://github.com/mgol>
Origin: upstream, https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
Bug: https://github.com/jquery/jquery/pull/4333
Bug-Debian: https://bugs.debian.org/927385
Forwarded: not-needed
Reviewed-By: Xavier Guimard <yadd@debian.org>
Last-Update: 2019-04-23

--- a/src/core.js
+++ b/src/core.js
@@ -157,7 +157,7 @@
 				copy = options[ name ];
 
 				// Prevent never-ending loop
-				if ( target === copy ) {
+				if ( name === "__proto__" || target === copy ) {
 					continue;
 				}
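
Review bot: The unchanged comment `// Prevent never-ending loop` directly above the modified condition now describes only the `target === copy` half; the new `name === "__proto__"` clause skips the key for a different reason, and a later reader could drop it as unrelated to loop prevention. Add a second comment line such as `// Prevent Object.prototype pollution` next to it. The patch also touches only `src/core.js`, so nothing here verifies the behaviour; a regression test that passes a source object carrying an own `__proto__` key (for example one produced by `JSON.parse`) through this copy loop and asserts that `Object.prototype` gains no new property would pin the fix down. Finally, the filter is an exact string match on `__proto__` alone, which is worth stating in the description so that the scope of the fix is clear to anyone backporting it.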