NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/chartjs: security bump to 2.9.4

Browse Source 
CVE-2020-7746 (https://nvd.nist.gov/vuln/detail/CVE-2020-7746)

    The options parameter is not properly sanitized when it is processed.
    When the options are processed, the existing options (or the defaults
    options) are deeply merged with provided options. However, during this
    operation, the keys of the object being set are not checked, leading to
    a prototype pollution.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Joeri Barbarien 2021-01-19 16:46:05 +01:00 committed by Peter Korsgaard
parent 0244b11597
commit a20a86d7f6
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/chartjs/chartjs.hash
View File

@ -1,3 +1,3 @@
# Locally computed:
sha256 8079d8fd39131fcfaec33f1c7799412bcf8e051e25b10bd6e37fc16159417aa1 chartjs-2.9.3.tar.gz
sha256 9ef3697e279a585c79730f35dba16ad4e24ddeed49a150adb341c31f191fb78e chartjs-2.9.4.tar.gz
sha256 7b43caae91f31b18dc81fae6e0f7aa1acbecaa6d84e3249905cbe15308307d67 LICENSE.md

2
package/chartjs/chartjs.mk
View File

@ -4,7 +4,7 @@
#
################################################################################
CHARTJS_VERSION = 2.9.3
CHARTJS_VERSION = 2.9.4
CHARTJS_SITE = $(call github,chartjs,Chart.js,v$(CHARTJS_VERSION))
CHARTJS_LICENSE = MIT
CHARTJS_LICENSE_FILES = LICENSE.md