Angular core version 2.4.4 represents a minor update in the Angular 2.x series, building upon the solid foundation established by version 2.4.3. Both versions share the same core framework description and maintain consistent peer dependencies on RxJS (version 5.0.1 or higher) and Zone.js (version 0.7.2 or higher), ensuring compatibility with existing Angular projects. The MIT license continues to apply, providing developers with the freedom to use and modify the framework. Crucially, the underlying Git repository remains unchanged, indicating that the core development and maintenance are still actively managed within the Angular project.
The primary distinction between the versions lies in their release dates and potentially some minor bug fixes and performance enhancements. Version 2.4.4 was released on January 19, 2017, a week after the release of version 2.4.3 on January 11, 2017. While the package descriptions for both releases are identical, this short interval hints at possible refinements and stability improvements rolled out in version 2.4.4. Developers migrating from 2.4.3 to 2.4.4 likely experienced a smoother and more stable ecosystem. Interested users can obtain the specific version via npm using the provided tarball links or by specifying the version in the package.json file.
All the vulnerabilities related to the version 2.4.4 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
