Skip to content

Commit 32c242a

Browse files
petermetzpetermetz
committed
fix: mitigate CVE-2024-42461 - bump elliptic to v6.5.7
Improper Verification of Cryptographic Signature https://security.snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916 Signed-off-by: Peter Somogyvari <[email protected]>
1 parent 8579017 commit 32c242a

File tree

3 files changed

+3
-32
lines changed

3 files changed

+3
-32
lines changed

package.json

+1
Original file line numberDiff line numberDiff line change
@@ -91,6 +91,7 @@
9191
"axios": ">=0.27.2",
9292
"braces": ">=3.0.3",
9393
"x-dicer": ">0.3.1",
94+
"elliptic": ">=6.5.7",
9495
"engine.io": ">=6.4.2",
9596
"get-func-name": ">=2.0.1",
9697
"glob-parent": ">=5.1.2",

weaver/sdks/fabric/interoperation-node-sdk/package-local.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@
4040
"@grpc/grpc-js": "1.11.3",
4141
"@grpc/proto-loader": "0.7.13",
4242
"@hyperledger/cacti-weaver-protos-js": "file:./protos-js",
43-
"elliptic": "6.5.4",
43+
"elliptic": "6.5.7",
4444
"fabric-common": "2.2.20",
4545
"fabric-network": "2.2.20",
4646
"fabric-protos": "2.2.20",

yarn.lock

+1-31
Original file line numberDiff line numberDiff line change
@@ -26576,22 +26576,7 @@ __metadata:
2657626576
languageName: node
2657726577
linkType: hard
2657826578

26579-
"elliptic@npm:6.5.4, elliptic@npm:^6.4.0, elliptic@npm:^6.4.1, elliptic@npm:^6.5.2, elliptic@npm:^6.5.3, elliptic@npm:^6.5.4":
26580-
version: 6.5.4
26581-
resolution: "elliptic@npm:6.5.4"
26582-
dependencies:
26583-
bn.js: "npm:^4.11.9"
26584-
brorand: "npm:^1.1.0"
26585-
hash.js: "npm:^1.0.0"
26586-
hmac-drbg: "npm:^1.0.1"
26587-
inherits: "npm:^2.0.4"
26588-
minimalistic-assert: "npm:^1.0.1"
26589-
minimalistic-crypto-utils: "npm:^1.0.1"
26590-
checksum: 10/2cd7ff4b69720dbb2ca1ca650b2cf889d1df60c96d4a99d331931e4fe21e45a7f3b8074e86618ca7e56366c4b6258007f234f9d61d9b0c87bbbc8ea990b99e94
26591-
languageName: node
26592-
linkType: hard
26593-
26594-
"elliptic@npm:6.5.7":
26579+
"elliptic@npm:>=6.5.7":
2659526580
version: 6.5.7
2659626581
resolution: "elliptic@npm:6.5.7"
2659726582
dependencies:
@@ -26606,21 +26591,6 @@ __metadata:
2660626591
languageName: node
2660726592
linkType: hard
2660826593

26609-
"elliptic@npm:^6.5.5":
26610-
version: 6.5.5
26611-
resolution: "elliptic@npm:6.5.5"
26612-
dependencies:
26613-
bn.js: "npm:^4.11.9"
26614-
brorand: "npm:^1.1.0"
26615-
hash.js: "npm:^1.0.0"
26616-
hmac-drbg: "npm:^1.0.1"
26617-
inherits: "npm:^2.0.4"
26618-
minimalistic-assert: "npm:^1.0.1"
26619-
minimalistic-crypto-utils: "npm:^1.0.1"
26620-
checksum: 10/5444b4f18e0c0fdfa14de26f69f7dbc44c78a211e91825823d698dcc91071ef1a3954d87730f364183fc83b0a86d8affed864e347da2e549bdcead3b46de126f
26621-
languageName: node
26622-
linkType: hard
26623-
2662426594
"emittery@npm:0.10.0":
2662526595
version: 0.10.0
2662626596
resolution: "emittery@npm:0.10.0"

0 commit comments

Comments
 (0)