Skip to content

Commit e3ff839

Browse files
opensearch-trigger-bot[bot]opensearch-trigger-bot[bot]
authored
[CVE] Bump follow-redirects to 1.15.2 to fix CVE-2022-0155 and CVE-2022-0536 (opensearch-project#2653) (opensearch-project#2935)
Signed-off-by: Zilong Xia <zilongx@amazon.com> (cherry picked from commit caed667)
1 parent 6d6f2cd commit e3ff839

File tree

3 files changed

+7
-9
lines changed

3 files changed

+7
-9
lines changed

CHANGELOG.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
88

99
### 🛡 Security
1010
* [CVE-2022-0144] Bump shelljs from 0.8.4 to 0.8.5 ([#2511](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2511))
11+
* [CVE-2022-0155] Bump follow-redirects to 1.15.2 [#2653](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2653))
12+
* [CVE-2022-0536] Bump follow-redirects to 1.15.2 [#2653](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2653))
1113

1214
### 📈 Features/Enhancements
1315

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,7 @@
7979
"**/ansi-regex": "^5.0.1",
8080
"**/axios": "^0.21.4",
8181
"**/ejs": "^3.1.6",
82+
"**/follow-redirects": "^1.15.2",
8283
"**/front-matter": "^4.0.2",
8384
"**/glob-parent": "^6.0.0",
8485
"**/hoist-non-react-statics": "^3.3.2",

yarn.lock

Lines changed: 4 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -11322,15 +11322,10 @@ focus-trap@^2.0.1:
1132211322
dependencies:
1132311323
tabbable "^1.0.3"
1132411324

11325-
follow-redirects@1.12.1:
11326-
version "1.12.1"
11327-
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.12.1.tgz#de54a6205311b93d60398ebc01cf7015682312b6"
11328-
integrity sha512-tmRv0AVuR7ZyouUHLeNSiO6pqulF7dYa3s19c6t+wz9LD69/uSzdMxJ2S91nTI9U3rt/IldxpzMOFejp6f0hjg==
11329-
11330-
follow-redirects@^1.0.0, follow-redirects@^1.14.0:
11331-
version "1.14.3"
11332-
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.3.tgz#6ada78118d8d24caee595595accdc0ac6abd022e"
11333-
integrity sha512-3MkHxknWMUtb23apkgz/83fDoe+y+qr0TdgacGIA7bew+QLBo3vdgEN2xEsuXNivpFy4CyDhBBZnNZOtalmenw==
11325+
follow-redirects@1.12.1, follow-redirects@^1.0.0, follow-redirects@^1.14.0, follow-redirects@^1.15.2:
11326+
version "1.15.2"
11327+
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.2.tgz#b460864144ba63f2681096f274c4e57026da2c13"
11328+
integrity sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==
1133411329

1133511330
font-awesome@4.7.0:
1133611331
version "4.7.0"

0 commit comments

Comments
 (0)