From c6ce05e3a262918a4bce197df46a31bbeae414a5 Mon Sep 17 00:00:00 2001
From: Moritz Kiefer <moritz.kiefer@purelyfunctional.org>
Date: Mon, 3 Aug 2020 15:51:05 +0200
Subject: [PATCH] Upgrade jpeg-js to address security vulnerabilities (#6949)

Tested locally that Navigator still works.

changelog_begin
changelog_end
---
 navigator/frontend/package.json | 3 ++-
 navigator/frontend/yarn.lock    | 8 ++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/navigator/frontend/package.json b/navigator/frontend/package.json
index 6307b261a5..1c820adecd 100644
--- a/navigator/frontend/package.json
+++ b/navigator/frontend/package.json
@@ -89,6 +89,7 @@
   "resolutions": {
     "**/apollo-client": "~1.4.0",
     "**/elliptic": "^6.5.3",
-    "**/resize-img": "^2.0.0"
+    "**/resize-img": "^2.0.0",
+    "**/jpeg-js": "^0.4.1"
   }
 }
diff --git a/navigator/frontend/yarn.lock b/navigator/frontend/yarn.lock
index 046fb1fa6c..5c19883a0c 100644
--- a/navigator/frontend/yarn.lock
+++ b/navigator/frontend/yarn.lock
@@ -4953,10 +4953,10 @@ jimp@^0.8.3:
     core-js "^2.5.7"
     regenerator-runtime "^0.13.3"
 
-jpeg-js@^0.3.4:
-  version "0.3.7"
-  resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.3.7.tgz#471a89d06011640592d314158608690172b1028d"
-  integrity sha512-9IXdWudL61npZjvLuVe/ktHiA41iE8qFyLB+4VDTblEsWBzeg8WQTlktdUK4CdncUqtUgUg0bbOmTE2bKBKaBQ==
+jpeg-js@^0.3.4, jpeg-js@^0.4.1:
+  version "0.4.1"
+  resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.1.tgz#937a3ae911eb6427f151760f8123f04c8bfe6ef7"
+  integrity sha512-jA55yJiB5tCXEddos8JBbvW+IMrqY0y1tjjx9KNVtA+QPmu7ND5j0zkKopClpUTsaETL135uOM2XfcYG4XRjmw==
 
 "js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0:
   version "4.0.0"