Skip to content

Update rkyv version in Cargo.toml to fix RUSTSEC-2026-0001#768

Closed
vikrantrathore wants to merge 1 commit intopaupino:masterfrom
vikrantrathore:patch-1
Closed

Update rkyv version in Cargo.toml to fix RUSTSEC-2026-0001#768
vikrantrathore wants to merge 1 commit intopaupino:masterfrom
vikrantrathore:patch-1

Conversation

@vikrantrathore
Copy link

@vikrantrathore vikrantrathore commented Jan 6, 2026

Changed the version of rkyv for undefined behaviour.

@vikrantrathore
Update rkyv version in Cargo.toml to fix RUSTSEC-2026-0001
a90ad09 
Changed the version of rkyv for undefined behaviour.
@Tony-Samuels
Copy link
Collaborator

Tony-Samuels commented Jan 6, 2026

This is fixed in rkyv as a backport. Unfortunately we can't accept this change, as upgrading from 0.7 to 0.8 would be a breaking change.

@vikrantrathore
Copy link
Author

vikrantrathore commented Jan 6, 2026

But cargo audit continue to emit security advice and as security error. May be it will be better to update the advisory as well.

@Tony-Samuels
Copy link
Collaborator

Tony-Samuels commented Jan 6, 2026

rustsec/advisory-db#2573

Not sure if this is the best place to update, but easy enough to do so I've submitted a PR

@vikrantrathore
Copy link
Author

vikrantrathore commented Jan 6, 2026

rustsec/advisory-db#2573

Not sure if this is the best place to update, but easy enough to do so I've submitted a PR

Thanks now cargo audit do not give audit error.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vikrantrathore @Tony-Samuels