Security patch for XSS fixes

Hello all,

We just released a change for security vulnerabilities for a number of files. See the email attachments for a patch for the master branch and for open-release/juniper.master.

Without this patch, it is possible that a lot of files might be vulnerable to cross-site scripting (XSS).

This security patch uses code that escapes these vulnerabilities and fixes the xsslint issues for these files.

We advise you to patch your instances as soon as possible. The fix has been made public and merged into the respective branches.

If you have any questions, feel free to reach out to me.

Thanks,

Ali Akbar, edX Sustaining

sustaining_security_fixes.patch (10.4 KB)

For the record, here is the corresponding pull request on the open-release/juniper.master branch: https://github.com/edx/edx-platform/pull/24568