From 637d54576b67c57918e55aafbc605d3fff174bb1 Mon Sep 17 00:00:00 2001 From: Anan Zhuang Date: Mon, 17 Apr 2023 11:18:58 -0700 Subject: [PATCH] [CVE-2022-25851][1.x] Bump jpeg-js from 0.4.1 to 0.4.4 (#3741) Issue Resolve https://github.com/opensearch-project/OpenSearch-Dashboards/issues/1725 Backport PR https://github.com/opensearch-project/OpenSearch-Dashboards/pull/1753 Signed-off-by: Anan Zhuang Co-authored-by: Josh Romero --- CHANGELOG.md | 1 + yarn.lock | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 56fa191f2d0e..602ce0e26cae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - [CVE-2021-23382] Bump postcss from `8.2.10` to `8.2.13` ([#3739](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3739)) - [CVE-2021-3803] Bump nth-check from `1.0.2` to `2.0.1` ([#3729](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3729)) - [CVE-2022-25858] Bump terser from `4.8.0` to `4.8.1` ([#3726](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3726)) +- [CVE-2022-25851] Bump jpeg-js from `0.4.1` to `0.4.4` ([#3741](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3741)) ### 📈 Features/Enhancements diff --git a/yarn.lock b/yarn.lock index d01ed199296c..14509b0f0e9c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -13279,9 +13279,9 @@ joi@13.x.x, joi@^13.5.2: topo "3.x.x" jpeg-js@^0.4.0: - version "0.4.1" - resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.1.tgz#937a3ae911eb6427f151760f8123f04c8bfe6ef7" - integrity sha512-jA55yJiB5tCXEddos8JBbvW+IMrqY0y1tjjx9KNVtA+QPmu7ND5j0zkKopClpUTsaETL135uOM2XfcYG4XRjmw== + version "0.4.4" + resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.4.tgz#a9f1c6f1f9f0fa80cdb3484ed9635054d28936aa" + integrity sha512-WZzeDOEtTOBK4Mdsar0IqEU5sMr3vSV2RqkAIzUEV2BHnUfKGyswWFPFwK5EeDo93K3FohSHbLAjj0s1Wzd+dg== jquery@^3.5.0: version "3.5.0"