From ade5b983e2a5d8e077d642e6536641b44837f7e8 Mon Sep 17 00:00:00 2001
From: Sylvain <sylvain@sleede.com>
Date: Thu, 17 Nov 2022 12:29:36 +0100
Subject: [PATCH] (security) CVE-2022-37601, CVE-2022-37603, CVE-2022-37599

---
 CHANGELOG.md | 2 ++
 yarn.lock    | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 26a699844..622527731 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,7 @@
 # Changelog Fab-manager
 
+- Fix a security issue: updated loader-utils to 2.0.4 to fix [CVE-2022-37601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37601), [CVE-2022-37603](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37603) and [CVE-2022-37599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37599)
+
 ## v5.5.3 2022 November 17
 
 - By default, sort invoices by date in the admin list
diff --git a/yarn.lock b/yarn.lock
index f02c143f3..b65b14898 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -5382,9 +5382,9 @@ loader-utils@^1.0.2, loader-utils@^1.1.0, loader-utils@^1.4.0:
     json5 "^1.0.1"
 
 loader-utils@^2.0.0:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-2.0.2.tgz#d6e3b4fb81870721ae4e0868ab11dd638368c129"
-  integrity sha512-TM57VeHptv569d/GKh6TAYdzKblwDNiumOdkFnejjD0XwTH87K90w3O7AiJRqdQoXygvi1VQTJTLGhJl7WqA7A==
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-2.0.4.tgz#8b5cb38b5c34a9a018ee1fc0e6a066d1dfcc528c"
+  integrity sha512-xXqpXoINfFhgua9xiqD8fPFHgkoq1mmmpE92WlDbm9rNRd/EbRb+Gqf908T2DMfuHjjJlksiK2RbHVOdD/MqSw==
   dependencies:
     big.js "^5.2.2"
     emojis-list "^3.0.0"