From 910f0cecbe7a4b3fdff603e5e74c2cb1c40b660b Mon Sep 17 00:00:00 2001 From: Lauri Ojansivu Date: Thu, 13 Aug 2020 17:28:08 +0300 Subject: Update vulnerable dependency elliptic that is dependency of meteor-node-stubs that is dependency of Wekan. Thanks to filipenevola, neeldug, L25inux and xet7. Closes #3234 --- package-lock.json | 188 ++++++++++++++++++++++++++++++++---------------------- package.json | 2 +- 2 files changed, 112 insertions(+), 78 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5f3a4742..18198c8a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -3204,33 +3204,33 @@ "optional": true }, "meteor-node-stubs": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/meteor-node-stubs/-/meteor-node-stubs-0.4.1.tgz", - "integrity": "sha512-UO2OStvLOKoApmOdIP5eCqoLaa/ritMXRg4ffJVdkNLEsczzPvTjgC0Mxk4cM4R8MZkwll90FYgjDf5qUTJdMA==", + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/meteor-node-stubs/-/meteor-node-stubs-1.0.1.tgz", + "integrity": "sha512-I4PE/z7eAl45XEsebHA4pcQbgjqEdK3EBGgiUoIZBi3bMQcMq6blLWZo+WdtK4Or9X4NJOiYWw4GmHiubr3egA==", "requires": { "assert": "^1.4.1", - "browserify-zlib": "^0.1.4", - "buffer": "^4.9.1", + "browserify-zlib": "^0.2.0", + "buffer": "^5.2.1", "console-browserify": "^1.1.0", "constants-browserify": "^1.0.0", - "crypto-browserify": "^3.11.0", - "domain-browser": "^1.1.7", - "events": "^1.1.1", - "https-browserify": "0.0.1", - "os-browserify": "^0.2.1", - "path-browserify": "0.0.0", - "process": "^0.11.9", - "punycode": "^1.4.1", + "crypto-browserify": "^3.12.0", + "domain-browser": "^1.2.0", + "events": "^3.0.0", + "https-browserify": "^1.0.0", + "os-browserify": "^0.3.0", + "path-browserify": "^1.0.0", + "process": "^0.11.10", + "punycode": "^2.1.1", "querystring-es3": "^0.2.1", - "readable-stream": "^2.3.6", - "stream-browserify": "^2.0.1", - "stream-http": "^2.8.0", - "string_decoder": "^1.1.0", - "timers-browserify": "^1.4.2", - "tty-browserify": "0.0.0", + "readable-stream": "^3.3.0", + "stream-browserify": "^2.0.2", + "stream-http": "^3.0.0", + "string_decoder": "^1.2.0", + "timers-browserify": "^2.0.10", + "tty-browserify": "0.0.1", "url": "^0.11.0", - "util": "^0.10.3", - "vm-browserify": "0.0.4" + "util": "^0.11.1", + "vm-browserify": "^1.1.0" }, "dependencies": { "asn1.js": { @@ -3247,6 +3247,15 @@ "bundled": true, "requires": { "util": "0.10.3" + }, + "dependencies": { + "util": { + "version": "0.10.3", + "bundled": true, + "requires": { + "inherits": "2.0.1" + } + } } }, "base64-js": { @@ -3283,12 +3292,13 @@ } }, "browserify-des": { - "version": "1.0.1", + "version": "1.0.2", "bundled": true, "requires": { "cipher-base": "^1.0.1", "des.js": "^1.0.0", - "inherits": "^2.0.1" + "inherits": "^2.0.1", + "safe-buffer": "^5.1.2" } }, "browserify-rsa": { @@ -3313,19 +3323,18 @@ } }, "browserify-zlib": { - "version": "0.1.4", + "version": "0.2.0", "bundled": true, "requires": { - "pako": "~0.2.0" + "pako": "~1.0.5" } }, "buffer": { - "version": "4.9.1", + "version": "5.2.1", "bundled": true, "requires": { "base64-js": "^1.0.2", - "ieee754": "^1.1.4", - "isarray": "^1.0.0" + "ieee754": "^1.1.4" } }, "buffer-xor": { @@ -3433,7 +3442,7 @@ "bundled": true }, "elliptic": { - "version": "6.4.0", + "version": "6.5.3", "bundled": true, "requires": { "bn.js": "^4.4.0", @@ -3446,7 +3455,7 @@ } }, "events": { - "version": "1.1.1", + "version": "3.0.0", "bundled": true }, "evp_bytestokey": { @@ -3466,11 +3475,11 @@ } }, "hash.js": { - "version": "1.1.3", + "version": "1.1.7", "bundled": true, "requires": { "inherits": "^2.0.3", - "minimalistic-assert": "^1.0.0" + "minimalistic-assert": "^1.0.1" }, "dependencies": { "inherits": { @@ -3489,15 +3498,11 @@ } }, "https-browserify": { - "version": "0.0.1", + "version": "1.0.0", "bundled": true }, "ieee754": { - "version": "1.1.11", - "bundled": true - }, - "indexof": { - "version": "0.0.1", + "version": "1.1.13", "bundled": true }, "inherits": { @@ -3509,11 +3514,12 @@ "bundled": true }, "md5.js": { - "version": "1.3.4", + "version": "1.3.5", "bundled": true, "requires": { "hash-base": "^3.0.0", - "inherits": "^2.0.1" + "inherits": "^2.0.1", + "safe-buffer": "^5.1.2" } }, "miller-rabin": { @@ -3533,30 +3539,31 @@ "bundled": true }, "os-browserify": { - "version": "0.2.1", + "version": "0.3.0", "bundled": true }, "pako": { - "version": "0.2.9", + "version": "1.0.10", "bundled": true }, "parse-asn1": { - "version": "5.1.1", + "version": "5.1.4", "bundled": true, "requires": { "asn1.js": "^4.0.0", "browserify-aes": "^1.0.0", "create-hash": "^1.1.0", "evp_bytestokey": "^1.0.0", - "pbkdf2": "^3.0.3" + "pbkdf2": "^3.0.3", + "safe-buffer": "^5.1.1" } }, "path-browserify": { - "version": "0.0.0", + "version": "1.0.0", "bundled": true }, "pbkdf2": { - "version": "3.0.16", + "version": "3.0.17", "bundled": true, "requires": { "create-hash": "^1.1.2", @@ -3575,18 +3582,19 @@ "bundled": true }, "public-encrypt": { - "version": "4.0.2", + "version": "4.0.3", "bundled": true, "requires": { "bn.js": "^4.1.0", "browserify-rsa": "^4.0.0", "create-hash": "^1.1.0", "parse-asn1": "^5.0.0", - "randombytes": "^2.0.1" + "randombytes": "^2.0.1", + "safe-buffer": "^5.1.2" } }, "punycode": { - "version": "1.4.1", + "version": "2.1.1", "bundled": true }, "querystring": { @@ -3598,7 +3606,7 @@ "bundled": true }, "randombytes": { - "version": "2.0.6", + "version": "2.1.0", "bundled": true, "requires": { "safe-buffer": "^5.1.0" @@ -3613,16 +3621,12 @@ } }, "readable-stream": { - "version": "2.3.6", + "version": "3.3.0", "bundled": true, "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.3", - "isarray": "~1.0.0", - "process-nextick-args": "~2.0.0", - "safe-buffer": "~5.1.1", - "string_decoder": "~1.1.1", - "util-deprecate": "~1.0.1" + "inherits": "^2.0.3", + "string_decoder": "^1.1.1", + "util-deprecate": "^1.0.1" }, "dependencies": { "inherits": { @@ -3643,6 +3647,10 @@ "version": "5.1.2", "bundled": true }, + "setimmediate": { + "version": "1.0.5", + "bundled": true + }, "sha.js": { "version": "2.4.11", "bundled": true, @@ -3652,44 +3660,67 @@ } }, "stream-browserify": { - "version": "2.0.1", + "version": "2.0.2", "bundled": true, "requires": { "inherits": "~2.0.1", "readable-stream": "^2.0.2" + }, + "dependencies": { + "readable-stream": { + "version": "2.3.6", + "bundled": true, + "requires": { + "core-util-is": "~1.0.0", + "inherits": "~2.0.3", + "isarray": "~1.0.0", + "process-nextick-args": "~2.0.0", + "safe-buffer": "~5.1.1", + "string_decoder": "~1.1.1", + "util-deprecate": "~1.0.1" + }, + "dependencies": { + "inherits": { + "version": "2.0.3", + "bundled": true + } + } + }, + "string_decoder": { + "version": "1.1.1", + "bundled": true, + "requires": { + "safe-buffer": "~5.1.0" + } + } } }, "stream-http": { - "version": "2.8.1", + "version": "3.0.0", "bundled": true, "requires": { "builtin-status-codes": "^3.0.0", "inherits": "^2.0.1", - "readable-stream": "^2.3.3", - "to-arraybuffer": "^1.0.0", + "readable-stream": "^3.0.6", "xtend": "^4.0.0" } }, "string_decoder": { - "version": "1.1.1", + "version": "1.2.0", "bundled": true, "requires": { "safe-buffer": "~5.1.0" } }, "timers-browserify": { - "version": "1.4.2", + "version": "2.0.10", "bundled": true, "requires": { - "process": "~0.11.0" + "setimmediate": "^1.0.4" } }, - "to-arraybuffer": { - "version": "1.0.1", - "bundled": true - }, "tty-browserify": { - "version": "0.0.0", + "version": "0.0.1", "bundled": true }, "url": { @@ -3707,10 +3738,16 @@ } }, "util": { - "version": "0.10.3", + "version": "0.11.1", "bundled": true, "requires": { - "inherits": "2.0.1" + "inherits": "2.0.3" + }, + "dependencies": { + "inherits": { + "version": "2.0.3", + "bundled": true + } } }, "util-deprecate": { @@ -3718,11 +3755,8 @@ "bundled": true }, "vm-browserify": { - "version": "0.0.4", - "bundled": true, - "requires": { - "indexof": "0.0.1" - } + "version": "1.1.0", + "bundled": true }, "xtend": { "version": "4.0.1", diff --git a/package.json b/package.json index db8deb57..e07efb4c 100644 --- a/package.json +++ b/package.json @@ -68,7 +68,7 @@ "gridfs-stream": "^0.5.3", "jszip": "^3.4.0", "ldapjs": "^1.0.2", - "meteor-node-stubs": "^0.4.1", + "meteor-node-stubs": "^1.0.1", "mongodb": "^3.5.7", "os": "^0.1.1", "page": "^1.11.5", -- cgit v1.2.3-1-g7c22