From 677709b8b383c55c5940694b28e62f03a756f208 Mon Sep 17 00:00:00 2001 From: Zhongnan Su Date: Fri, 10 Feb 2023 15:09:30 -0800 Subject: [PATCH] [CVE-2022-25881] Resolve http-cache-semantics to 4.1.1 (#3409) Signed-off-by: Su Co-authored-by: Anan Zhuang Signed-off-by: Arpit Bandejiya --- CHANGELOG.md | 1 + yarn.lock | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 394ec6f5f9b2..45509e565491 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -163,6 +163,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - [CVE-2022-37599] Bump loader-utils to 2.0.4 ([#3031](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3031)) - [CVE-2022-37603] Bump loader-utils to 2.0.4 ([#3031](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3031)) - [WS-2021-0638][security] bump mocha to 10.1.0 ([#2711](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2711)) +- [CVE-2022-25881] Resolve http-cache-semantics to 4.1.1 ([#3409](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3409)) ### 📈 Features/Enhancements diff --git a/yarn.lock b/yarn.lock index d6a6fc47aedb..35c597fb8496 100644 --- a/yarn.lock +++ b/yarn.lock @@ -9677,9 +9677,9 @@ htmlparser2@^7.0: entities "^3.0.1" http-cache-semantics@^4.0.0, http-cache-semantics@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz#49e91c5cbf36c9b94bcfcd71c23d5249ec74e390" - integrity sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ== + version "4.1.1" + resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz#abe02fcb2985460bf0323be664436ec3476a6d5a" + integrity sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ== http-headers@^3.0.2: version "3.0.2"