Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade wildduck from 1.21.0 to 1.42.0 #26

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade wildduck from 1.21.0 to 1.42.0 #26

wants to merge 1 commit into from

Conversation

saurabharch
Copy link

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 658/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-NODEMAILER-6219989		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: wildduck The new version differs by 250 commits.
  • 94434ca chore(master): release 1.42.0 [skip-ci] (#583)
  • 857e4c0 fix(deps): bumped deps to upgrade mailauth for fixed ed25519 DKIM support
  • 84ab0c0 feat(api-health): Added `/health` endpoint to check Wildduck API health during runtime ZMS-120 (#607)
  • 01b22ec Merge branch 'master' of github.com:nodemailer/wildduck
  • 29566d1 Bumped commit hash
  • 816114f fix(message-threading): Take non-standard but conventional subject prefixes into account (#605)
  • 85e09ec feat(api-addresses): ZMS-115 (#608)
  • e17f37f Use mongo6 for github action test runner
  • 76d0e8f feat(api-mailboxes): Mailboxes API endpoints added to automatic API docs generation ZMS-114 (#602)
  • 5721047 fix(journal-parse): Improve idle CPU performance ZMS-109 (#597)
  • 8b7f6c9 feat(api-upload): Allow to upload a draft message with incorrect (non-emal) `to` addresses ZMS-117 (#595)
  • 6bdeeaa feat(upload): ZMS-111 (#584)
  • eecb31a fix(pop3): if connection is closed during authentication, then do not process the response. Fixes #596
  • a4ae3d7 feat(api-search): Allow searching for messages by uid (#587)
  • 299cc37 Merge pull request #594 from nodemailer/ZMS-118
  • 5165f3e Merge branch 'master' into ZMS-118
  • b0d0e7b fix securitySchemes
  • fae91d1 fix(api-docs): Fixed requestBody in API docs ZMS-118 (#593)
  • 896a7cb Updated Node install script
  • 3b6ba9a Revert "optimize CPU usage"
  • 17232dd fix requestBody issues for API generation
  • 713a06c fix requestBody issues in API docs generation
  • 6f0fa1d Updated Node install script
  • 20e390d Updated Node install script

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

@snyk-bot
fix: package.json to reduce vulnerabilities
3ee7a83 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEMAILER-6219989
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@saurabharch @snyk-bot