Skip to content

Commit

Permalink
chore(deps): upgrade openssl crate
Browse files Browse the repository at this point in the history
```
error[vulnerability]: `MemBio::get_buf` has undefined behavior with empty buffers
    ┌─ /home/runner/work/ckb/ckb/Cargo.lock:313:1
    │
313 │ openssl 0.10.64 registry+https://github.com/rust-lang/crates.io-index
    │ --------------------------------------------------------------------- security vulnerability detected
    │
    = ID: RUSTSEC-2024-0357
    = Advisory: https://rustsec.org/advisories/RUSTSEC-2024-0357
    = Previously, `MemBio::get_buf` called `slice::from_raw_parts` with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.
    = Announcement: sfackler/rust-openssl#2266
    = Solution: Upgrade to >=0.10.66 (try `cargo update -p openssl`)
```

Signed-off-by: Yadong Ding <[email protected]>
  • Loading branch information
Desiki-high committed Jul 22, 2024
1 parent a6bd8cc commit a482274
Showing 1 changed file with 12 additions and 11 deletions.
23 changes: 12 additions & 11 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit a482274

Please sign in to comment.