Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update tungstenite to 0.20.1 for security update #166

Merged
merged 1 commit into from
Feb 2, 2024

Conversation

jhg
Copy link
Contributor

@jhg jhg commented Nov 20, 2023

Crate: tungstenite
Version: 0.16.0
Title: Tungstenite allows remote attackers to cause a denial of service
Date: 2023-09-25
ID: RUSTSEC-2023-0065
URL: https://rustsec.org/advisories/RUSTSEC-2023-0065
Solution: Upgrade to >=0.20.1

@jhg
Copy link
Contributor Author

jhg commented Nov 21, 2023

I see now the Cargo.lock file, I'll update that to fix the error in the workflow.

@lemunozm
Copy link
Owner

Thanks a lot for your contribution!

Crate:         tungstenite
Version:       0.16.0
Title:         Tungstenite allows remote attackers to cause a denial of service
Date:          2023-09-25
ID:            RUSTSEC-2023-0065
URL:           https://rustsec.org/advisories/RUSTSEC-2023-0065
Solution:      Upgrade to >=0.20.1
@jhg jhg force-pushed the update-tungstenite-RUSTSEC-2023-0065 branch from 1d5e0a9 to 842a88c Compare January 29, 2024 17:24
@jhg
Copy link
Contributor Author

jhg commented Jan 29, 2024

Excuse me to late, it's done now. The Cargo.lock file is updated and it'll use tungstenite 0.21.0, the check and test show only warnings but without errors.

@lemunozm is there an estimated date for next release?

@lemunozm
Copy link
Owner

Thanks for fixing it! I'll try this week

@lemunozm lemunozm merged commit 08f2504 into lemunozm:master Feb 2, 2024
7 checks passed
@lemunozm
Copy link
Owner

lemunozm commented Feb 2, 2024

This change is in v0.18.1

@jhg jhg deleted the update-tungstenite-RUSTSEC-2023-0065 branch May 10, 2024 03:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants