Skip to content

Commit

Permalink
Fix vulnerability of moment.js
Browse files Browse the repository at this point in the history 
The javascript package moment.js had a vulnerability regarding
regular expresions.

moment/moment#4163

This change updates moment.js to a fixed version.
  • Loading branch information
@kmerz
kmerz committed Mar 7, 2018
1 parent 6564083 commit bdf02c2
Show file tree
Hide file tree
Showing 3 changed files with 49 additions and 7 deletions.
2 changes: 1 addition & 1 deletion graylog2-web-interface/packages/graylog-web-plugin/package.json
View file
Expand Up @@ -40,7 +40,7 @@
"html-webpack-plugin": "^2.22.0",
"javascript-natural-sort": "^0.7.1",
"jquery": "^3.3.1",
"moment": "2.14.1",
"moment": "2.21.0",
"moment-timezone": "0.5.7",
"prop-types": "^15.5.10",
"react": "^15.6.1",
Expand Down
46 changes: 44 additions & 2 deletions graylog2-web-interface/webpack/vendor-module-ids.json
View file
Expand Up @@ -804,7 +804,28 @@
"node_modules/moment/locale ../../../../../../../^/.//.*$": 801,
"node_modules/moment-timezone/node_modules/moment/locale ../../../../../../../^/.//.*$": 802,
"node_modules/moment-timezone/node_modules/moment/locale ../../../../../../^/.//.*$": 803,
"node_modules/moment/locale ../../../../../../^/.//.*$": 804
"node_modules/moment/locale ../../../../../../^/.//.*$": 804,
"node_modules/moment/locale/ar-dz.js": 805,
"node_modules/moment/locale/ar-kw.js": 806,
"node_modules/moment/locale/ar-ly.js": 807,
"node_modules/moment/locale/bm.js": 808,
"node_modules/moment/locale/de-ch.js": 809,
"node_modules/moment/locale/en-il.js": 810,
"node_modules/moment/locale/es-us.js": 811,
"node_modules/moment/locale/gom-latn.js": 812,
"node_modules/moment/locale/gu.js": 813,
"node_modules/moment/locale/kn.js": 814,
"node_modules/moment/locale/mi.js": 815,
"node_modules/moment/locale/mt.js": 816,
"node_modules/moment/locale/nl-be.js": 817,
"node_modules/moment/locale/sd.js": 818,
"node_modules/moment/locale/tet.js": 819,
"node_modules/moment/locale/tg.js": 820,
"node_modules/moment/locale/ug-cn.js": 821,
"node_modules/moment/locale/ur.js": 822,
"node_modules/moment/locale/uz-latn.js": 823,
"node_modules/moment/locale/yo.js": 824,
"node_modules/moment/locale/zh-hk.js": 825
},
"usedIds": {
"0": 0,
Expand Down Expand Up @@ -1611,7 +1632,28 @@
"801": 801,
"802": 802,
"803": 803,
"804": 804
"804": 804,
"805": 805,
"806": 806,
"807": 807,
"808": 808,
"809": 809,
"810": 810,
"811": 811,
"812": 812,
"813": 813,
"814": 814,
"815": 815,
"816": 816,
"817": 817,
"818": 818,
"819": 819,
"820": 820,
"821": 821,
"822": 822,
"823": 823,
"824": 824,
"825": 825
}
},
"chunks": {
Expand Down
8 changes: 4 additions & 4 deletions graylog2-web-interface/yarn.lock
View file
Expand Up @@ -3359,7 +3359,7 @@ graceful-fs@^4.1.11, graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.1.9:
html-webpack-plugin "^2.22.0"
javascript-natural-sort "^0.7.1"
jquery "^3.3.1"
moment "2.14.1"
moment "2.21.0"
moment-timezone "0.5.7"
prop-types "^15.5.10"
react "^15.6.1"
Expand Down Expand Up @@ -5286,9 +5286,9 @@ moment-timezone@0.5.7:
dependencies:
moment ">= 2.6.0"

moment@2.14.1:
version "2.14.1"
resolved "https://registry.yarnpkg.com/moment/-/moment-2.14.1.tgz#b35b27c47e57ed2ddc70053d6b07becdb291741c"
moment@2.21.0:
version "2.21.0"
resolved "https://registry.yarnpkg.com/moment/-/moment-2.21.0.tgz#2a114b51d2a6ec9e6d83cf803f838a878d8a023a"

"moment@>= 2.6.0":
version "2.19.2"
Expand Down

0 comments on commit bdf02c2

Please sign in to comment.