From e228236e2f3063fe660200a0a6c5bd96bf91353b Mon Sep 17 00:00:00 2001 From: AWSHurneyt Date: Wed, 4 Sep 2024 16:53:35 -0700 Subject: [PATCH] Fix CVE-2024-4067. (#1074) * Fix CVE-2024-4067. Signed-off-by: AWSHurneyt * Updated release notes. Signed-off-by: AWSHurneyt --------- Signed-off-by: AWSHurneyt (cherry picked from commit 0a32d05b590e7821dd5fc2bf607e18c074bd9d10) Signed-off-by: AWSHurneyt --- package.json | 3 ++- ...search-alerting-dashboards-plugin.release-notes-2.17.0.0.md | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 353aa3979..ad9182627 100644 --- a/package.json +++ b/package.json @@ -62,7 +62,8 @@ "semver": "^5.7.2", "**/d3-color": "^3.1.0", "@cypress/request": "^3.0.0", - "braces": "^3.0.3" + "braces": "^3.0.3", + "micromatch": "^4.0.8" }, "engines": { "yarn": "^1.21.1" diff --git a/release-notes/opensearch-alerting-dashboards-plugin.release-notes-2.17.0.0.md b/release-notes/opensearch-alerting-dashboards-plugin.release-notes-2.17.0.0.md index b301a53fb..d5175f5a4 100644 --- a/release-notes/opensearch-alerting-dashboards-plugin.release-notes-2.17.0.0.md +++ b/release-notes/opensearch-alerting-dashboards-plugin.release-notes-2.17.0.0.md @@ -4,6 +4,7 @@ Compatible with OpenSearch Dashboards 2.17.0 ### Maintenance * Increment version to 2.17.0.0 ([#1054](https://github.com/opensearch-project/alerting-dashboards-plugin/pull/1054)) * [CVE-2024-4068] Pinned package version for braces ([#1024](https://github.com/opensearch-project/alerting-dashboards-plugin/pull/1024)) +* [CVE-2024-4067] Fix CVE-2024-4067. ([#1074](https://github.com/opensearch-project/alerting-dashboards-plugin/pull/1074)) ### Refactoring * support date_nanos type when select time field for creating monitor ([#954](https://github.com/opensearch-project/alerting-dashboards-plugin/pull/954))