< thm> joeyh: ping < thm> can you update the embedded jquery-ui? (for cve 2010-5312, and/or 2012-6662)
I'll do this next time I spend some time on ikiwiki unless Joey or Amitai gets there first.
It doesn't look as though we actually use the vulnerable functionality.
This is more complicated than it looked at first glance because both jquery and jquery-ui have broken API since the version we embed, and we also ship other jquery plugins for attachment. Perhaps someone who knows jquery could check compatibility and propose a branch? --smcv