You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

This forum contains topics that were moved from Get Satisfaction
Kateryna Grynko
Posts: 0
Joined: Thu Nov 15, 2012 9:13 am

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Kateryna Grynko »

Hello,

We updated PhoneGap version to 3.6.3 (Android only).

Kateryna Grynko
Posts: 0
Joined: Thu Nov 15, 2012 9:13 am

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Kateryna Grynko »

Hi Chandra,

https://getsatisfaction.com/apperyio/... unfortunately we do not have tutorials on how to do it.

You can change libraries version in App Settings but this can cause errors that you will have to fix manually as these Cordova versions differ a lot.

Maurice
Posts: 0
Joined: Sun Mar 23, 2014 5:25 pm

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Maurice »

Hi Kateryna
Thanks for the update. I have just updated my app to the new library 2.1 which includes the Cordova 3.6 version. I have exported my apk and published it on the Play store. All seems to be good so far.
Thanks for your assistance.

Mary
Posts: 0
Joined: Mon Oct 27, 2014 4:52 pm

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Mary »

npm install -g cordova
cd my_project
cordova platform update android

Evgene Karachevtsev
Posts: 12
Joined: Mon Apr 28, 2014 1:12 pm

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Evgene Karachevtsev »

Hello Mary,

This is not very suitable for Appery.io project. But we have already updated Cordoba to 3.6, so the problem has been resolved

Mary
Posts: 0
Joined: Mon Oct 27, 2014 4:52 pm

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Mary »

My apologies, Evgene. I jumped in without checking the platform, etc.
In your opinion, is this a critical vulnerability? Do you know if most people are upgrading to 3.5.1 or above?

I looked at the CVE's for it and the one I found most concerning is cve 2014-3500 (the xas one) because it can be exploited remotely-
"This vulnerability enables theft of sensitive information from Cordova-based apps both locally by malware and also remotely by using drive-by exploitation techniques."

I do security for my organization and usually deal with web application servers, databases, etc. This is something I wish I knew more about, and I'm getting push back from developers on upgrading Cordova, due to the fact that they will be moving to another platform... (no date mentioned, need to find that out.)

BTW- You've upgraded to 3.6, nice!

Evgene Karachevtsev
Posts: 12
Joined: Mon Apr 28, 2014 1:12 pm

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Evgene Karachevtsev »

Mary,

Yes, we upgraded Cordova to 3.6 in library version 2.0 and version 2.1. In the old and new Builder. I.e. by choosing these lib versions in your project you will have Cordova 3.6

silva delasto
Posts: 0
Joined: Sat Nov 08, 2014 7:06 pm

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by silva delasto »

where I can download cordova 3.6 jar?

Illya Stepanov
Posts: 0
Joined: Mon Mar 18, 2013 8:48 am

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Illya Stepanov »

Hi Silva --

Please check here -- http://cordova.apache.org/#download

Dinesh Bastakoti
Posts: 0
Joined: Tue Oct 14, 2014 4:13 pm

You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible

Post by Dinesh Bastakoti »

I upgraded to 3.6.3 from 2.x. Everything works fine, and the app store warning goes away, but somehow the InAppBrowser does not work. My project is not CLI based, so I am not sure how to import plugin.

Post Reply