From e29a52709d023aa3c06f9269061a236a8c27e586 Mon Sep 17 00:00:00 2001 From: "Mark S. Lewis" Date: Sat, 11 Nov 2023 17:19:31 +0000 Subject: [PATCH] Update dependencies to address CVE-2023-45857 A vulnerable dependency was used by the CouchDB wallet implementation. Signed-off-by: Mark S. Lewis --- fabric-common/package.json | 2 +- fabric-network/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/fabric-common/package.json b/fabric-common/package.json index cd3264532..5982adb73 100644 --- a/fabric-common/package.json +++ b/fabric-common/package.json @@ -27,7 +27,7 @@ "callsite": "^1.0.0", "elliptic": "^6.5.4", "fabric-protos": "file:../fabric-protos", - "js-sha3": "^0.8.0", + "js-sha3": "^0.9.2", "jsrsasign": "^10.5.25", "long": "^5.2.3", "nconf": "^0.12.0", diff --git a/fabric-network/package.json b/fabric-network/package.json index faffe232e..ab49150d4 100644 --- a/fabric-network/package.json +++ b/fabric-network/package.json @@ -27,7 +27,7 @@ "fabric-common": "file:../fabric-common", "fabric-protos": "file:../fabric-protos", "long": "^5.2.3", - "nano": "^9.0.5" + "nano": "^10.1.2" }, "nyc": { "exclude": [