[oVirt/openshift-status-cachet] One of your dependencies may have a security vulnerability
Eyal Edri
eedri at redhat.com
Mon Jan 22 15:57:59 UTC 2018
Adding Duck who seems to be the owner of the repo.
On Mon, Jan 22, 2018 at 5:50 PM, Yaniv Kaul <ykaul at redhat.com> wrote:
>
> ---------- Forwarded message ----------
> From: GitHub <notifications at github.com>
> Date: Mon, Jan 22, 2018 at 5:48 PM
> Subject: [oVirt/openshift-status-cachet] One of your dependencies may
> have a security vulnerability
> To: oVirt/openshift-status-cachet <openshift-status-cachet@
> noreply.github.com>
> Cc: Security alert <security_alert at noreply.github.com>
>
>
> We found a potential security vulnerabilty in one of your dependencies
> [image: GitHub]
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBlaoUQ7ZnNSfaod-2BRPoWgKQ-3D_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7EKBEUaeQHQP7QtZevMErZIm4pEeS4NLVfpYA2WSzrvwhwdXcwylXZNR3qLb9qrteggv09J6yFY0273so-2BN9HeGN8evNpkxlSlTzck3ScQmWLaeOWkuK6aPq-2BQ9VrOpQ7OCwPTytCGC97R4VpG-2BfVpRJsmHoulU9eu8v3Tv9UlBcaUfhaG34LB-2Byrv62uVqy7> Sign
> in
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBluE-2FGrtUQ7WwbM8S6nEaj0-3D_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7LmySqSdteZJJwBXSgjTDXuzV1zZjynAfqj6vCNnfQxyM1LUZcew7iM6udfv3b6VQrlgCylBiNv1uqdB8IIYcx6O1V1Tzm9BgAYiYbjh9-2BJ-2FKtsPIz6RGZSM5yeGV3AVEduvADVEBtZZVysMzGSBrFN1-2FjojUWXcIKCU9OWCmSDYDaQoxC6FM1VRRC-2FD0sVs7>
> *mykaul,*
>
> We found a potential security vulnerability in a repository which you have
> been granted security alert access.
> [image: @oVirt] oVirt/openshift-status-cachet
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBsTdbr6tFZvS4r1RdSmLgtRX7AvYEQJFoWFR2JMuAkCi-2BzG0jazCYPBq2j-2FZVNZDeQ-3D-3D_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw76mv3CW457tgjXdmcx-2FKHSxNyK1NmFgmPENqkT-2FJW-2BxP2tdYENp-2Fa7xAZhnqY13NDFsNoReO1b1u0Z-2Be-2Fwjc65i7L4RlXTkJ0sTLb75W8ouaxXEQzR3-2Bcr8P1fEXMDJThwD1HIIzPtOmz5tumftZfgS206ebmljSavANpAP-2FysJdnXKVONe-2BMWh3nnoVF4M1x>
> Known * moderate severity* security vulnerability detected in jquery <
> 3.0.0 defined in package.json
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBsTdbr6tFZvS4r1RdSmLgtRX7AvYEQJFoWFR2JMuAkCid5qoaOEFaM-2BzXwzwa2MGqtRpTSLXwXDQZvqSm-2BD7zPECTjTGskK8sLtPhMtUXfNM_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7AwyAcMPuY9R2EU1-2Bd5sfvbxs0MLgmTRpRWARuhzdeQ-2FRqFvpvBz70EHaF43uyq5kqVJ7ft3irwqK3affYdfwK-2BHY2PxuLHOrhwT-2F9leAedE9Czj5Qj7b35L54Jh9rwR-2BEyPBjyGw4DU2n6m4KVRrGQXnQIvM28IjBtS3TCpYZtL-2BQPIUzecy86TdoKrOKnpF>.
>
> package.json
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBsTdbr6tFZvS4r1RdSmLgtRX7AvYEQJFoWFR2JMuAkCid5qoaOEFaM-2BzXwzwa2MGqtRpTSLXwXDQZvqSm-2BD7zPECTjTGskK8sLtPhMtUXfNM_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7tPXavHTpKS4XqyR2MXToHeptWA7-2BC29aMpv8X1zXV4V-2BEzNSNKibW8iofUI-2BIrKLvlgrUNc2xyUp9cYrqyVP3Yq-2BXm0Xpd4AL2DTDOQ28ENXZ-2Fv46k-2F7Gktsb3O-2ByFUOBmI-2BXBRnbatFniEh8pwwfHt6p5C8Gfk-2B-2BUdJuUm-2FW4azZUOLCCR0ikz10HBIfBgg>
> update suggested: jquery ~> 3.0.0.
> Always verify the validity and compatibility of suggestions with your
> codebase.
> Review vulnerable dependency
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBsTdbr6tFZvS4r1RdSmLgtRX7AvYEQJFoWFR2JMuAkCi8YlnsZCgWu-2F-2B1ur318Uv1fJJlmBk37DsJAW7RNARoxQ-3D_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7zj8LSsj-2F31UT-2B-2FF2qXAOMLCb-2BQolndGC0FcAI0kM8pUYsi4gwFGuz97k4HKI5fG4H2Qazl31s1qR-2F2Q2xgMDJECjxkxQuiFes2lYrCvvikmCnFv1CMf4sv-2F-2Bc3tEJF80WgznHoVKENjhb3qQ-2FE7wfRg6gyAY37KPTUlntiVaA0pVZLVRZKaGDw7W7a9DK5rL>
> ------------------------------
>
> Only users who have been assigned access to security alerts will receive
> these notifications.
> Unsubscribe
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBh4tM-2BvbnAt1ZCBIm0TQChRsti2oUDbPtOO7snnCj3QE6DOLgZ2oiYwpTyEZ-2B4taZVchlHxZhbyXOl29mLHqv-2Fn7FoyKjtUA-2Bw3vLpe2-2BFKqvThgoRXdIdAqPaos6PN0PQ-3D-3D_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw71jqU4SAwOsUs2JJ1-2BVjG9MDcEhd9JD6q-2Fz3D8BDgKBvuhUo84WU195RMQSxLQ5j-2BlvNQ81scVCNinXTUeBnCnxeJup1NVA0JsIQxkQFJlj0krZePJhx7NewsrQ215-2FLR3z4cbXvpL0rs38eGsNEGHqZY3hssauFGTSd-2BEfHP031rafnZY8-2BBpu4rvyBOSOAF>
> · Email preferences
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBlttXBNYv-2BeGM-2FMVHbSBvTrPDvaZJ5yvsxfEVwy5gWOO_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7-2FrZD8LGPGy4oHr-2FSqSMQf4KATi8urYfivQ7hdG7wqNIyJS6PLaG-2Bbtts5eCAOsDr-2BaMuQZhgsAb48xPZEB27NTS3-2BlRrqg2k9GyU-2FgC0MAYyApMr8luxJ2a-2FY81imTaynuzpjEAgZx52alDwolMHfhHCsGlUQ09FuHM3aWdv-2FqtYFM-2BQSqmECPcFi9Iewwzu>
> · Terms
> <http://sgmail.githubmail.com/wf/click?upn=H-2FQ3yMxnv4jw-2BxNnSBX80-2FAtA3t7vDbetmbWolVUHkI7aIK5sDG6eHhf6PFf2GZEMdAPO1mXdWyaS9GI2aLnBA-3D-3D_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7Xe-2FkEaCs7vwTVmgfp49lA7rVlWpBiIyjws3w6a1GFWBTRCW9hJMEkHFd53T0gieXm8c7ayIg4mt-2B7KIhqCBEwT5KyWyuqn1jmLxSr-2FHX3CViHpEvUFHmtH-2Fa3DFmwrrJ5sNfjEUUzU0klLwbDBobI5JPWZCwOlGeEvkx7MFpF0QS7ETyQQaW2g8xHYaVBbB1>
> · Privacy
> <http://sgmail.githubmail.com/wf/click?upn=H-2FQ3yMxnv4jw-2BxNnSBX80-2FAtA3t7vDbetmbWolVUHkKdSMxJcKXeaeoPn0qQqs-2Fw-2BqmMjx3QOoJQotJaBhy-2FxQ-3D-3D_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7daannPAT0e1-2BkTRar3P8SD9va06wcSOjzmmRVdLMhADBytJXiGcifZPEvx3AIW99661cIGznU4mBOl41mDrtKvSt3BmYfT3hKeuo2DSV4tnqSyqUWMhPRNBjzqmcW0YCiSqiItZ4Mr4jOARLWr-2FkL7whRBwYT-2FGuEuF7tTJKiTHJTrKUgCtN6PiTK9Q8yZEz>
> · Sign into GitHub
> <http://sgmail.githubmail.com/wf/click?upn=lYxq-2FYU7yocrdKNILYalBluE-2FGrtUQ7WwbM8S6nEaj0-3D_3MNPSO65UvAatF7RiIwz3ybXiXiTKRt5fOrXJwUnCUw8SfWkbG-2Bkt9Akea1-2Firw7RTcZPZNaCyyagzbND9VzJWEmDC0SWliuTGfLiDx6k7e597C44jB8k2kSET-2BOCeliOykMxQcm5gQYywu7pohFqCpSodt69NYoj7bz6vQbypIKfw-2BxmTvlb9cDQYAKm1XqtEc8H2RhKC1orqRZSspEZyaa37S1e-2BB61uKpdt1Q2SWkNTaqvEHGMpvDBhFJt1VE>
>
> GitHub, Inc.
> 88 Colin P Kelly Jr St.
> San Francisco, CA 94107
> <https://maps.google.com/?q=88+Colin+P+Kelly+Jr+St.%0D+San+Francisco,+CA+94107&entry=gmail&source=g>
>
>
> _______________________________________________
> Infra mailing list
> Infra at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/infra
>
>
--
Eyal edri
MANAGER
RHV DevOps
EMEA VIRTUALIZATION R&D
Red Hat EMEA <https://www.redhat.com/>
<https://red.ht/sig> TRIED. TESTED. TRUSTED. <https://redhat.com/trusted>
phone: +972-9-7692018
irc: eedri (on #tlv #rhev-dev #rhev-integ)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/infra/attachments/20180122/0b662316/attachment-0001.html>
More information about the Infra
mailing list