Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency idna to v3.7 #155

Closed
wants to merge 1 commit into from
Closed

chore(deps): update dependency idna to v3.7 #155

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link

This PR contains the following updates:

Package Update Change
idna (changelog) minor ==3.4 -> ==3.7

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE
High High 7.5 CVE-2024-3651

Release Notes

kjd/idna (idna)

v3.7

Compare Source

What's Changed

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: kjd/idna@v3.6...v3.7

v3.6

Compare Source

v3.5

Compare Source

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Jul 13, 2024
@github-actions GitHub Actions
Copy link

This PR was marked stale due to lack of activity. It will be closed in 7 days.

@github-actions github-actions bot added the Stale label Jul 20, 2024
@github-actions GitHub Actions
Copy link

Closed as inactive. Feel free to reopen if this PR is still being worked on.

@github-actions github-actions bot closed this Jul 27, 2024
@mend-for-github-com mend-for-github-com bot deleted the whitesource-remediate/loadgenerator branch July 27, 2024 03:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ps48 ps48 Awaiting requested review from ps48 ps48 is a code owner

@kavithacm kavithacm Awaiting requested review from kavithacm kavithacm is a code owner

@derek-ho derek-ho Awaiting requested review from derek-ho derek-ho is a code owner

@joshuali925 joshuali925 Awaiting requested review from joshuali925 joshuali925 is a code owner

@dai-chen dai-chen Awaiting requested review from dai-chen dai-chen is a code owner

@YANG-DB YANG-DB Awaiting requested review from YANG-DB YANG-DB is a code owner

@rupal-bq rupal-bq Awaiting requested review from rupal-bq rupal-bq is a code owner

@mengweieric mengweieric Awaiting requested review from mengweieric mengweieric is a code owner

@vamsi-amazon vamsi-amazon Awaiting requested review from vamsi-amazon vamsi-amazon is a code owner

@Swiddis Swiddis Awaiting requested review from Swiddis Swiddis is a code owner

Assignees

@ps48 ps48

@kavithacm kavithacm

@derek-ho derek-ho

@joshuali925 joshuali925

@Swiddis Swiddis

@dai-chen dai-chen

@YANG-DB YANG-DB

@rupal-bq rupal-bq

@mengweieric mengweieric

@vamsi-amazon vamsi-amazon

Labels
security fix Security fix generated by Mend Stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
10 participants
@ps48 @kavithacm @derek-ho @joshuali925 @Swiddis @dai-chen @YANG-DB @rupal-bq @mengweieric @vamsi-amazon