Fix buffer over-read vulnerability existing in bl < 4.0.3 (#125)

See https://github.com/advisories/GHSA-pp7h-53gx-mx7r Fix: CVE-2020-8244
2020-09-09 08:14:54 +02:00 · 2020-09-09 08:14:54 +02:00 · 25e191eb66
commit 25e191eb66
parent b44f5937f9
1 changed files with 1 additions and 1 deletions
--- a/package.json
+++ b/package.json
@ -4,7 +4,7 @@
  "description": "tar-stream is a streaming tar parser and generator and nothing else. It is streams2 and operates purely using streams which means you can easily extract/parse tarballs without ever hitting the file system.",
  "author": "Mathias Buus <mathiasbuus@gmail.com>",
  "dependencies": {
-    "bl": "^4.0.1",
+    "bl": "^4.0.3",
    "end-of-stream": "^1.4.1",
    "fs-constants": "^1.0.0",
    "inherits": "^2.0.3",