[mythtv-commits] [MythTV/mythtv] 5a80d9: Security Update: semver vulnerable to Regular Expr...

Wed Jun 28 00:21:55 UTC 2023

  Branch: refs/heads/master
  Home:   https://github.com/MythTV/mythtv
  Commit: 5a80d98ca81298aee5f0b7828181ddf9d69bca21
      https://github.com/MythTV/mythtv/commit/5a80d98ca81298aee5f0b7828181ddf9d69bca21
  Author: Peter Bennett <pbennett at mythtv.org>
  Date:   2023-06-27 (Tue, 27 Jun 2023)

  Changed paths:
    M mythtv/html/backend/package-lock.json

  Log Message:
  -----------
  Security Update: semver vulnerable to Regular Expression Denial of Service

Versions of the package semver before 7.5.2 are vulnerable to
Regular Expression Denial of Service (ReDoS) via the function
new Range, when untrusted user data is provided as a range.

Updated semver to 7.5.2