Wrong update version for jsJobs in Know Vulnerabilities

  • OdraregPepper
  • Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
2 years 11 months ago #7582 by OdraregPepper
Hi Jose

In DashboardVulnerabilities its listed com_jsjobs, in details show this

Description Class Published Affected versions Solution (1)
Js Jobs Component Other vulnerabilities Oct 14 2019 Version 1.1.5, 1.1.6, 1.2.5 and 1.2.6 Update to version 2.1.7

But the last version at Joomsky is 1.2.8 for both free and pro versions, so there is no way to update to 2.1.7

www.joomsky.com/products/js-jobs.html
www.joomsky.com/products/js-jobs-pro.html
If you please check the Version History will se that 1.2.8 is the last

Can you please check this?
Thanks in advance


The following user(s) said Thank You: Jose

Please Log in or Create an account to join the conversation.

More
2 years 11 months ago - 2 years 11 months ago #7583 by Jose
Hi Gerardo,

Solution row shows the version to update to when I publish the vulnerability, but as the (1) number says "there could be a newer version published". This is our case: when I published the vulnerability recommend version to update was 2.1.7 but currently there is a new version available ( 2.1.8 ), so updating to 2.1.8 should fix the vulnerability.

Anyway the database shows that your version ( 2.1.8 ) is vulnerable; I will check why.

Regards,
Jose
Last edit: 2 years 11 months ago by Jose.

Please Log in or Create an account to join the conversation.

More
2 years 11 months ago #7584 by jhvanee
This problem also still occurs for Huge IT version 1.1.0 ;)

Please Log in or Create an account to join the conversation.

More
2 years 11 months ago #7585 by Jose
Hi Gerardo,

Anyway the database shows that your version ( 2.1.8 ) is vulnerable; I will check why.

I know what happens: by mistake I changed vulnerable version in the update database xml. I will fix it in the next release.

This problem also still occurs for Huge IT version 1.1.0

Yes, it will also be fixed in the next version :)

Regards,
Jose

Please Log in or Create an account to join the conversation.

  • OdraregPepper
  • Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
2 years 11 months ago #7586 by OdraregPepper
Thank you very much Jose!
Have a nice week

Please Log in or Create an account to join the conversation.

More
2 years 11 months ago #7588 by Jose
You're welcome!

And thank you very much to you for reporting this!

Regards,
Jose

Please Log in or Create an account to join the conversation.

Time to create page: 0.172 seconds