Update dependency jpeg-js to 0.4.4 [SECURITY] #129

renovate · 2022-09-15T18:24:56Z

This PR contains the following updates:

Package	Change
jpeg-js	`0.4.2` -> `0.4.4`

Closed #107

GitHub Vulnerability Alerts

CVE-2022-25851

The package jpeg-js before 0.4.4 is vulnerable to Denial of Service (DoS) where a particular piece of input will cause the program to enter an infinite loop and never return.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

Update dependency jpeg-js to 0.4.4 [SECURITY]

81557ee

renovate bot assigned TheKingTermux Sep 15, 2022

renovate bot requested a review from TheKingTermux September 15, 2022 18:24

TheKingTermux approved these changes Sep 15, 2022

View reviewed changes

TheKingTermux merged commit 6e112af into main Sep 15, 2022

TheKingTermux deleted the renovate/npm-jpeg-js-vulnerability branch September 15, 2022 22:29

github-actions bot locked as resolved and limited conversation to collaborators Sep 17, 2022

TheKingTermux added this to the Alice 1.0.6 milestone Sep 21, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency jpeg-js to 0.4.4 [SECURITY] #129

Update dependency jpeg-js to 0.4.4 [SECURITY] #129

renovate bot commented Sep 15, 2022 •

edited by TheKingTermux

Update dependency jpeg-js to 0.4.4 [SECURITY] #129

Update dependency jpeg-js to 0.4.4 [SECURITY] #129

Conversation

renovate bot commented Sep 15, 2022 • edited by TheKingTermux

GitHub Vulnerability Alerts

CVE-2022-25851

Configuration

renovate bot commented Sep 15, 2022 •

edited by TheKingTermux