Skip to content
This repository has been archived by the owner on Mar 25, 2024. It is now read-only.

Commit

Permalink
[CVE] Update package info and changelog for loader-utils bump to 2.0.…
Browse files Browse the repository at this point in the history
…4 fixing CVE-2022-37599 and CVE-2022-37603 (opensearch-project#3031)

Signed-off-by: Zilong Xia <[email protected]>
Co-authored-by: Josh Romero <[email protected]>
Signed-off-by: David Sinclair <[email protected]>
  • Loading branch information
2 people authored and sikhote committed Apr 24, 2023
1 parent 01a643f commit 1557cc0
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 1 deletion.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,8 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
- Resolve sub-dependent d3-color version and potential security issue ([#2454](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2454))
- [CVE-2022-3517] Bumps minimatch from 3.0.4 to 3.0.5 and [IBM X-Force ID: 220063] unset-value from 1.0.1 to 2.0.1 ([#2640](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2640))
- [CVE-2022-37601] Bump loader-utils to 2.0.3 ([#2689](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2689))
- [CVE-2022-37599] Bump loader-utils to 2.0.4 ([#3031](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3031))
- [CVE-2022-37603] Bump loader-utils to 2.0.4 ([#3031](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3031))
- [WS-2021-0638][Security] bump mocha to 10.1.0 ([#2711](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2711))

### 📈 Features/Enhancements
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@
"**/hoist-non-react-statics": "^3.3.2",
"**/json-schema": "^0.4.0",
"**/kind-of": ">=6.0.3",
"**/loader-utils": "^2.0.3",
"**/loader-utils": "^2.0.4",
"**/node-jose": "^2.1.0",
"**/nth-check": "^2.0.1",
"**/qs": "^6.10.3",
Expand Down

0 comments on commit 1557cc0

Please sign in to comment.