| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| add_missing_semicolon.patch | in the Debian way of building, it seems that this missing semicolon isn't noticed by nodejs =================================================================== |
Paul Gevers <elbrus@debian.org> | no | |||
| match_css_source_to_release.patch | the concatenated jquery-ui.css in the upstream 1.12.1 release is slightly different from the source. Match them by adjusting the source. =================================================================== |
Paul Gevers <elbrus@debian.org> | no | |||
| use_system_files_in_examples.patch | The upstream examples don't use the Debian installed versions of files and the Debian packaging doesn't work with the provided relative paths. This patch makes the examples use the system-wide files. (Most required changes are done via sed commands in debian/rules). =================================================================== |
Paul Gevers <elbrus@debian.org> | not-needed | |||
| CVE-2021-41182.patch | Datepicker: Make sure altField is treated as a CSS selector | Micha Gobiowski-Owczarek | not-needed | upstream | upstream, https://github.com/jquery/jquery-ui/commit/32850869 | 2021-12-06 |
| CVE-2021-41183.patch | Make sure text option are text, shorten HTML strings | Micha Gobiowski-Owczarek | not-needed | upstream | upstream, https://github.com/jquery/jquery-ui/pull/1953 | 2021-12-06 |
| CVE-2021-41184.patch | Make sure `of` is treated as a CSS selector (Closes: CVE-2021-41184) fix "option of the `.position()` util from untrusted sources may execute untrusted code" | Micha Gobiowski-Owczarek <m.goleb@gmail.com> | not-needed | upstream | upstream, https://github.com/jquery/jquery-ui/commit/effa323f | 2021-11-08 |
| CVE-2022-31160.patch | Checkboxradio: Don't re-evaluate text labels as HTML | Micha Gobiowski-Owczarek <m.goleb@gmail.com> | not-needed | upstream | upstream, https://github.com/jquery/jquery-ui/commit/8cc5bae1 | 2023-05-31 |