GuiltySpark Update dependency @solana/web3.js to v1.66.6 [SECURITY]

Update dependency @solana/web3.js to v1.66.6 [SECURITY]

Open renovate[bot] opened this issue 6 months ago • 0 comments

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@solana/web3.js (source)	`1.66.2` -> `1.66.6`

GitHub Vulnerability Alerts

CVE-2024-30253

Using particular inputs with @solana/web3.js will result in memory exhaustion (OOM).

If you have a server, client, mobile, or desktop product that accepts untrusted input for use with @solana/web3.js, your application/service may crash, resulting in a loss of availability.

Release Notes

solana-labs/solana-web3.js (@solana/web3.js)

`v1.66.5`

Compare Source

Bug Fixes

verify commitment level when confirming transactions with one-shot fetch (#28969) (a206ab6)

`v1.66.4`

Compare Source

Bug Fixes

remove Buffer from transaction signature verification (#27868) (7498c1a)

`v1.66.3`

Compare Source

Bug Fixes

add confirmation status to ConfirmedSignatureInfo web3.js response (#28555) (f6fd2cf)
web3.js transaction confirmation now double-checks for already-confirmed txs (#28290) (772c788)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Aug 06 '24 06:08 renovate[bot]

GuiltySpark GuiltySpark copied to clipboard

Update dependency @solana/web3.js to v1.66.6 [SECURITY]

GitHub Vulnerability Alerts

CVE-2024-30253

Release Notes

v1.66.5

Bug Fixes

v1.66.4

Bug Fixes

v1.66.3

Bug Fixes

Configuration

GuiltySpark
GuiltySpark copied to clipboard

`v1.66.5`

`v1.66.4`

`v1.66.3`