Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use of a Broken or Risky Cryptographic Algorithm #39

Closed
ehamery opened this issue Nov 25, 2021 · 6 comments
Closed

Use of a Broken or Risky Cryptographic Algorithm #39

ehamery opened this issue Nov 25, 2021 · 6 comments

Comments

@ehamery
Copy link

ehamery commented Nov 25, 2021

The elliptic package is reported as not safe by npm audit, see the advisory. It needs to be updated to a version >=6.5.4.

@qianbin
Copy link
Member

qianbin commented Nov 25, 2021

The elliptic package is reported as not safe by npm audit, see the advisory. It needs to be update to a version >=6.5.4.

thanks. I'll check it soon.

@qianbin
Copy link
Member

qianbin commented Nov 26, 2021

just published v2.0.2 fixes the problem.

@ehamery
Copy link
Author

ehamery commented Nov 26, 2021

Thanks, then could you update connex as well?

@ehamery
Copy link
Author

ehamery commented Nov 26, 2021

I created a PR to fix the other vulnerabilities.

@qianbin
Copy link
Member

qianbin commented Nov 29, 2021

Thanks, then could you update connex as well?

Connex was updated.

@ehamery
Copy link
Author

ehamery commented Dec 2, 2021

This issue is fixed, so I am closing it, but there are other vulnerabilities that are fixed by this PR.

@ehamery ehamery closed this as completed Dec 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants