Backport a fix for CVE-2024-47764 to the 4.x branch

joshbuker · joshbuker · commit fb7aba2be05e · 2024-10-07T10:53:50.000-07:00
For details, see: expressjs#6017 (comment)
diff --git a/History.md b/History.md
@@ -1,3 +1,8 @@
+unreleased
+==========
+
+* Backported a fix for CVE-2024-47764
+
 4.21.0 / 2024-09-11
 ==========
 
diff --git a/package.json b/package.json
@@ -33,7 +33,7 @@
     "body-parser": "1.20.3",
     "content-disposition": "0.5.4",
     "content-type": "~1.0.4",
-    "cookie": "0.6.0",
+    "cookie": "^0.7.1",
     "cookie-signature": "1.0.6",
     "debug": "2.6.9",
     "depd": "2.0.0",
