-
Notifications
You must be signed in to change notification settings - Fork 916
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CVE] Resolve jpeg-js
to 0.4.4
#1753
Conversation
Addresses Denial of Service (DoS) issue where a particular piece of input will cause to enter an infinite loop and never return. CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851 Issue Resolved: opensearch-project#1725 Signed-off-by: Kawika Avilla <[email protected]>
This could be backported to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Yeah I'm not sure if we'll be doing another patch release to 2.0 but it wouldn't hurt to get it there. |
Gotcha. I will add it if there is a bump in the patch version. |
Addresses Denial of Service (DoS) issue where a particular piece of input will cause to enter an infinite loop and never return. CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851 Issue Resolved: #1725 Signed-off-by: Kawika Avilla <[email protected]> (cherry picked from commit 2a159e8)
Addresses Denial of Service (DoS) issue where a particular piece of input will cause to enter an infinite loop and never return. CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851 Issue Resolved: #1725 Signed-off-by: Kawika Avilla <[email protected]> (cherry picked from commit 2a159e8) Co-authored-by: Kawika Avilla <[email protected]>
…h-project#1757) Addresses Denial of Service (DoS) issue where a particular piece of input will cause to enter an infinite loop and never return. CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851 Issue Resolved: opensearch-project#1725 Signed-off-by: Kawika Avilla <[email protected]> (cherry picked from commit 2a159e8) Co-authored-by: Kawika Avilla <[email protected]>
…h-project#1757) Addresses Denial of Service (DoS) issue where a particular piece of input will cause to enter an infinite loop and never return. CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851 Issue Resolved: opensearch-project#1725 Signed-off-by: Kawika Avilla <[email protected]> (cherry picked from commit 2a159e8) Co-authored-by: Kawika Avilla <[email protected]>
Issue Resolve opensearch-project#1725 Backport PR opensearch-project#1753 Signed-off-by: Anan Zhuang <[email protected]>
Issue Resolve opensearch-project#1725 Backport PR opensearch-project#1753 Signed-off-by: Anan Zhuang <[email protected]>
Issue Resolve opensearch-project#1725 Backport PR opensearch-project#1753 Signed-off-by: Anan Zhuang <[email protected]>
Issue Resolve #1725 Backport PR #1753 Signed-off-by: Anan Zhuang <[email protected]> Co-authored-by: Josh Romero <[email protected]>
Issue Resolve #1725 Backport PR #1753 Signed-off-by: Anan Zhuang <[email protected]> Co-authored-by: Josh Romero <[email protected]> (cherry picked from commit 637d545) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> # Conflicts: # CHANGELOG.md
Issue Resolve #1725 Backport PR #1753 Signed-off-by: Anan Zhuang <[email protected]> Co-authored-by: Josh Romero <[email protected]> (cherry picked from commit 637d545) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> # Conflicts: # CHANGELOG.md Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Description
Addresses Denial of Service (DoS) issue where a particular piece of input
will cause to enter an infinite loop and never return.
CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851
Signed-off-by: Kawika Avilla [email protected]
Issues Resolved
#1725
Check List
yarn test:jest
yarn test:jest_integration
yarn test:ftr