aws-solutions · abewub · Nov 27, 2024 · Nov 27, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,12 @@
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
  and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+ ## [2.0.1] - 2024-11-27
+
+### Changed
+
+- Updated dependencies to address cross-spawn CVE-2024-21538
+
 ## [2.0.0] - 2024-10-03
  ### Added
   - Amazon Q Topics for the data sources Security Hub and CloudTrail

diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,8 @@
+Reporting Security Issues
+-------------------------------------------------------------------------------------------------------------------------------------------------
+We take all security reports seriously. When we receive such reports, we will investigate and
+subsequently address any potential vulnerabilities as quickly as possible. If you discover a potential
+security issue in this project, please notify AWS/Amazon Security via
+our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or
+directly via email to [AWS Security](mailto:aws-security@amazon.com). Please do not create a public GitHub issue in this
+project.
diff --git a/package-lock.json b/package-lock.json
diff --git a/source/resources/package-lock.json b/source/resources/package-lock.json
diff --git a/source/resources/package.json b/source/resources/package.json
@@ -1,6 +1,6 @@
 {
   "name": "security-insights-on-aws",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "Security Insights on AWS(SO0228)",
   "license": "Apache-2.0",
   "repository": {

diff --git a/source/resources/test/__snapshots__/security-insights-on-aws-snapshot.test.ts.snap b/source/resources/test/__snapshots__/security-insights-on-aws-snapshot.test.ts.snap
@@ -95,7 +95,7 @@ exports[`Snapshot test for canary alarm 1`] = `
         "SendAnonymizedUsageData": "True",
         "SolutionName": "Security Insights on AWS",
         "UserAgentString": "",
-        "Version": "v2.0.0",
+        "Version": "v2.0.1",
       },
     },
   },
@@ -518,7 +518,7 @@ exports[`Snapshot test for canary alarm 1`] = `
           },
           "Solutions:SolutionID": "SO0228",
           "Solutions:SolutionName": "security-insights-on-aws",
-          "Solutions:SolutionVersion": "v2.0.0",
+          "Solutions:SolutionVersion": "v2.0.1",
         },
       },
       "Type": "AWS::ServiceCatalogAppRegistry::Application",
@@ -1612,7 +1612,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/setAthenaThresholdValue.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/setAthenaThresholdValue.zip",
         },
         "Description": "Lambda function to convert Athena threshold value to bytes",
         "Environment": {
@@ -1858,7 +1858,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/createLakeFormationPermissions.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/createLakeFormationPermissions.zip",
         },
         "Description": "Lambda function to create LakeFormation Permissions",
         "Environment": {
@@ -2356,7 +2356,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/createQuickSightDataSets.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/createQuickSightDataSets.zip",
         },
         "Description": "Lambda function to create data and update data sets for QuickSight",
         "Environment": {
@@ -2818,7 +2818,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/createQuickSightDataSetRefreshSchedules.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/createQuickSightDataSetRefreshSchedules.zip",
         },
         "Description": "Lambda function to create refresh schedule for quicksight datasets",
         "Environment": {
@@ -4082,7 +4082,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/createSolutionReleaseNotification.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/createSolutionReleaseNotification.zip",
         },
         "Description": "Lambda function to create new release notifications",
         "Environment": {
@@ -4105,7 +4105,7 @@ exports[`Snapshot test for canary alarm 1`] = `
                 "Arn",
               ],
             },
-            "CURRENT_RELEASE_TAG": "release/v2.0.0",
+            "CURRENT_RELEASE_TAG": "release/v2.0.1",
             "DELAY_IN_SECONDS_FOR_RATE_LIMITING": "1",
             "LAMBDA_EXECUTION_ROLE_ARN": {
               "Fn::GetAtt": [
@@ -5687,7 +5687,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/quickSightUserGroupManager.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/quickSightUserGroupManager.zip",
         },
         "Description": "Creates default user groups and assigns permissions to view the Security Insights Dashboard and Analyses",
         "Environment": {
@@ -7450,7 +7450,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/sendMetrics.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/sendMetrics.zip",
         },
         "Description": "Lambda function to send athena metrics",
         "Environment": {
@@ -8636,7 +8636,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/uuidGenerator.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/uuidGenerator.zip",
         },
         "Description": "UUID Generator Lambda Function",
         "Environment": {
@@ -9231,7 +9231,7 @@ exports[`Snapshot test for canary alarm 1`] = `
               ],
             ],
           },
-          "S3Key": "security-insights-on-aws/v2.0.0/updateSsmParameters.zip",
+          "S3Key": "security-insights-on-aws/v2.0.1/updateSsmParameters.zip",
         },
         "Description": "Lambda function to update SSM Parameters",
         "Environment": {

diff --git a/source/resources/test/security-insights-on-aws-snapshot.test.ts b/source/resources/test/security-insights-on-aws-snapshot.test.ts
@@ -16,7 +16,7 @@ export const props: SecurityInsightsOnAwStackProps = {
   solutionName: 'security-insights-on-aws',
   solutionProvider: 'AWS Solutions',
   solutionTradeMarkName: 'security-insights-on-aws',
-  solutionVersion: 'v2.0.0'
+  solutionVersion: 'v2.0.1'
 };
 
 /*

diff --git a/source/services/createLakeFormationPermissions/package-lock.json b/source/services/createLakeFormationPermissions/package-lock.json
diff --git a/source/services/createLakeFormationPermissions/package.json b/source/services/createLakeFormationPermissions/package.json
@@ -1,6 +1,6 @@
 {
   "name": "security-lake-configuration",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "Lambda function to get security lake configuration",
   "main": "./index.js",
   "author": {

diff --git a/source/services/createQuickSightDataSetRefreshSchedules/package-lock.json b/source/services/createQuickSightDataSetRefreshSchedules/package-lock.json
diff --git a/source/services/createQuickSightDataSetRefreshSchedules/package.json b/source/services/createQuickSightDataSetRefreshSchedules/package.json
@@ -1,6 +1,6 @@
 {
   "name": "security-lake-configuration",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "Lambda function to create refresh schedules for datasets",
   "main": "./index.js",
   "author": {

diff --git a/source/services/createQuickSightDataSets/package-lock.json b/source/services/createQuickSightDataSets/package-lock.json
diff --git a/source/services/createQuickSightDataSets/package.json b/source/services/createQuickSightDataSets/package.json
@@ -1,6 +1,6 @@
 {
   "name": "security-lake-configuration",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "Lambda function to create quicksight datasets",
   "main": "./index.js",
   "author": {

diff --git a/source/services/createSolutionReleaseNotification/package-lock.json b/source/services/createSolutionReleaseNotification/package-lock.json
diff --git a/source/services/createSolutionReleaseNotification/package.json b/source/services/createSolutionReleaseNotification/package.json
@@ -1,6 +1,6 @@
 {
   "name": "security-lake-configuration",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "Lambda function to check for the latest solution version available",
   "main": "./index.js",
   "author": {

diff --git a/source/services/quickSightUserGroupManager/package-lock.json b/source/services/quickSightUserGroupManager/package-lock.json
diff --git a/source/services/quickSightUserGroupManager/package.json b/source/services/quickSightUserGroupManager/package.json
@@ -1,6 +1,6 @@
 {
   "name": "security-lake-configuration",
-  "version": "2.0.0",
+  "version": "2.0.1",
   "description": "Lambda function to create quicksight user groups",
   "main": "./index.js",
   "author": {