[cfe-dev] Fwd: [llvm-mirror/clang-tools-extra] One of your dependencies may have a security vulnerability
Will Dietz via cfe-dev
cfe-dev at lists.llvm.org
Tue Oct 16 22:00:58 PDT 2018
Hi folks, haven't looked into it but thought I'd forward this in case it's
useful and worth acting on. Apologies if entirely noise, but better safe
than sorry :).
---------- Forwarded message ---------
From: GitHub <notifications at github.com>
Date: Tue, Oct 16, 2018, 12:02 PM
Subject: [llvm-mirror/clang-tools-extra] One of your dependencies may have
a security vulnerability
To: llvm-mirror/clang-tools-extra <clang-tools-extra at noreply.github.com>
Cc: Security alert <security_alert at noreply.github.com>
We found a potential security vulnerabilty in one of your dependencies
[image: GitHub] <https://github.com> Sign in <https://github.com/login>
We found a potential security vulnerability in a repository for which you
have been granted security alert access.
[image: @llvm-mirror] llvm-mirror/clang-tools-extra
Known * high severity* security vulnerability detected in YamlDotNet <=
4.3.2 defined in packages.config
update suggested: YamlDotNet ~> 5.0.0.
Always verify the validity and compatibility of suggestions with your
Review vulnerable dependency
Only users who have been assigned access to security alerts will receive
· Email preferences <https://github.com/settings/emails> · Terms
<https://help.github.com/articles/github-terms-of-service/> · Privacy
<https://help.github.com/articles/github-privacy-policy/> · Sign into GitHub
88 Colin P Kelly Jr St.
San Francisco, CA 94107
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cfe-dev