From c1cbd838a19836555638d2bc64bd1a93d579e328 Mon Sep 17 00:00:00 2001 From: Dan Abramov Date: Wed, 1 Aug 2018 20:39:26 +0100 Subject: [PATCH] Link to Vue and Preact releases --- content/blog/2018-08-01-react-v-16-4-2.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/blog/2018-08-01-react-v-16-4-2.md b/content/blog/2018-08-01-react-v-16-4-2.md index 296cd149..2ae8baf5 100644 --- a/content/blog/2018-08-01-react-v-16-4-2.md +++ b/content/blog/2018-08-01-react-v-16-4-2.md @@ -11,7 +11,7 @@ Today, we are releasing a fix for a vulnerability we discovered in the `react-do This vulnerability **can only affect some server-rendered React apps.** Purely client-rendered apps are **not** affected. Additionally, we expect that most server-rendered apps don't contain the vulnerable pattern described below. Nevertheless, we recommend to follow the mitigation instructions at the earliest opportunity. -While we were investigating this vulnerability, we found similar vulnerabilities in a few other popular front-end libraries. We have coordinated this release together with Vue and Preact releases fixing the same issue. The tracking number for this vulnerability is `CVE-2018-6341`. +While we were investigating this vulnerability, we found similar vulnerabilities in a few other popular front-end libraries. We have coordinated this release together with [Vue](https://github.com/vuejs/vue/releases/tag/v2.5.17) and [Preact](https://github.com/developit/preact-render-to-string/releases/tag/3.7.1) releases fixing the same issue. The tracking number for this vulnerability is `CVE-2018-6341`. ## Mitigation