Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security scan detect utile as low level vulnerability WS-2018-0148 #1021

Closed
jpgcode opened this issue Mar 5, 2019 · 5 comments · Fixed by #1022
Closed

Security scan detect utile as low level vulnerability WS-2018-0148 #1021

jpgcode opened this issue Mar 5, 2019 · 5 comments · Fixed by #1022

Comments

@jpgcode
Copy link

jpgcode commented Mar 5, 2019

utile allocates uninitialized Buffers when number is passed in input.
Before version 0.3.0

Forever is still using utile 0.2.1.

Can we look for upgrade?
@kibertoad
Copy link
Contributor

Sure!

@kibertoad kibertoad mentioned this issue Mar 5, 2019
Merged
@kibertoad
Copy link
Contributor

Could you please test latest version from master?

@jpgcode
Copy link
Author

jpgcode commented Mar 5, 2019

It looks great, are we planning to release to NPM repo soon? Do not want to rely on master in PROD for long time.

@kibertoad
Copy link
Contributor

@indexzero Are we :)?

@kibertoad
Copy link
Contributor

New version with a fix is finally out! Sorry for the delay.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update utile to get rid of security warning foreversd/forever
2 participants
@jpgcode @kibertoad