Vulnerable version of tough-cookie in tripleo-ui dependency list
Bug #1687945 reported by
Honza Pokorny
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
Low
|
Jiri Tomasek |
Bug Description
We depend on a package that uses tough-cookie@2.2.2. Everything before 2.3.0 is considered vulnerable.
https:/
tough-cookie => request => phantomjs-prebuild => svg2png => jimp => favicons => favicons-
Changed in tripleo: | |
milestone: | none → pike-2 |
Changed in tripleo: | |
milestone: | pike-2 → pike-3 |
Changed in tripleo: | |
milestone: | pike-3 → pike-rc1 |
Changed in tripleo: | |
milestone: | pike-rc1 → queens-1 |
Changed in tripleo: | |
milestone: | queens-1 → queens-2 |
Changed in tripleo: | |
milestone: | queens-2 → queens-3 |
Changed in tripleo: | |
milestone: | queens-3 → queens-rc1 |
To post a comment you must log in.
favicons- webpack- plugin dependency has been removed by https:/ /review. openstack. org/#/c/ 534954/