Fix for CVE-2019-10772

Vuln in SVG sanitizer library
snipe 2020-03-04 22:15:31 -08:00
parent 15518852aa
commit 5307e57bd9
2 changed files with 11 additions and 9 deletions


@ -14,7 +14,7 @@
"doctrine/inflector": "^1.3", "doctrine/inflector": "^1.3",
"doctrine/instantiator": "^1.2", "doctrine/instantiator": "^1.2",
"eduardokum/laravel-mail-auto-embed": "^1.0", "eduardokum/laravel-mail-auto-embed": "^1.0",
"enshrined/svg-sanitize": "^0.13.0", "enshrined/svg-sanitize": "^0.13.3",
"erusev/parsedown": "^1.7", "erusev/parsedown": "^1.7",
"fideloper/proxy": "^4.1", "fideloper/proxy": "^4.1",
"guzzlehttp/guzzle": "^6.3", "guzzlehttp/guzzle": "^6.3",

18
composer.lock generated

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"content-hash": "745e56814dad4b004d4d815075801416", "content-hash": "97bcbb894d4d50de7b4057c72584fc4c",
"packages": [ "packages": [
{ {
"name": "asm89/stack-cors", "name": "asm89/stack-cors",
@ -112,12 +112,12 @@
"version": "v0.11.4", "version": "v0.11.4",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/barryvdh/laravel-cors.git", "url": "https://github.com/fruitcake/laravel-cors.git",
"reference": "03492f1a3bc74a05de23f93b94ac7cc5c173eec9" "reference": "03492f1a3bc74a05de23f93b94ac7cc5c173eec9"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/barryvdh/laravel-cors/zipball/03492f1a3bc74a05de23f93b94ac7cc5c173eec9", "url": "https://api.github.com/repos/fruitcake/laravel-cors/zipball/03492f1a3bc74a05de23f93b94ac7cc5c173eec9",
"reference": "03492f1a3bc74a05de23f93b94ac7cc5c173eec9", "reference": "03492f1a3bc74a05de23f93b94ac7cc5c173eec9",
"shasum": "" "shasum": ""
}, },
@ -1288,16 +1288,16 @@
}, },
{ {
"name": "enshrined/svg-sanitize", "name": "enshrined/svg-sanitize",
"version": "0.13.0", "version": "0.13.3",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/darylldoyle/svg-sanitizer.git", "url": "https://github.com/darylldoyle/svg-sanitizer.git",
"reference": "4cf8d0f61edf9f00b84e162fc229176a362da247" "reference": "bc66593f255b7d2613d8f22041180036979b6403"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/darylldoyle/svg-sanitizer/zipball/4cf8d0f61edf9f00b84e162fc229176a362da247", "url": "https://api.github.com/repos/darylldoyle/svg-sanitizer/zipball/bc66593f255b7d2613d8f22041180036979b6403",
"reference": "4cf8d0f61edf9f00b84e162fc229176a362da247", "reference": "bc66593f255b7d2613d8f22041180036979b6403",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -1325,7 +1325,7 @@
} }
], ],
"description": "An SVG sanitizer for PHP", "description": "An SVG sanitizer for PHP",
"time": "2019-11-07T09:16:31+00:00" "time": "2020-01-20T01:34:17+00:00"
}, },
{ {
"name": "erusev/parsedown", "name": "erusev/parsedown",
@ -2784,6 +2784,7 @@
"cron", "cron",
"schedule" "schedule"
], ],
"abandoned": "dragonmantank/cron-expression",
"time": "2017-01-23T04:29:33+00:00" "time": "2017-01-23T04:29:33+00:00"
}, },
{ {
@ -6443,6 +6444,7 @@
"psr", "psr",
"psr-7" "psr-7"
], ],
"abandoned": "laminas/laminas-diactoros",
"time": "2019-08-06T17:53:53+00:00" "time": "2019-08-06T17:53:53+00:00"
} }
], ],