Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RUSTSEC-2024-0336: rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input #1843

Closed
MitchTurner opened this issue Apr 19, 2024 · 0 comments
Closed

RUSTSEC-2024-0336: rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input #1843

MitchTurner opened this issue Apr 19, 2024 · 0 comments

Comments

@MitchTurner
Copy link
Member

Usually the github-actions would create this but it hasn't yet, so I'm adding it just in case.
@MitchTurner MitchTurner mentioned this issue Apr 19, 2024
Merged
9 tasks
xgreenx pushed a commit that referenced this issue Apr 19, 2024
@MitchTurner
Ignore vulnerability RUSTSEC-2024-0336 (#1842)
2ef6078 
Issue for tracking the vulnerability:
#1843

## Checklist
- [ ] Breaking changes are clearly marked as such in the PR description
and changelog
- [ ] New behavior is reflected in tests
- [ ] [The specification](https://github.com/FuelLabs/fuel-specs/)
matches the implemented behavior (link update PR if changes are needed)

### Before requesting review
- [x] I have reviewed the code myself
- [x] I have created follow-up issues caused by this PR and linked them
here

### After merging, notify other teams

[Add or remove entries as needed]

- [ ] [Rust SDK](https://github.com/FuelLabs/fuels-rs/)
- [ ] [Sway compiler](https://github.com/FuelLabs/sway/)
- [ ] [Platform
documentation](https://github.com/FuelLabs/devrel-requests/issues/new?assignees=&labels=new+request&projects=&template=NEW-REQUEST.yml&title=%5BRequest%5D%3A+)
(for out-of-organization contributors, the person merging the PR will do
this)
- [ ] Someone else?
crypto523 pushed a commit to crypto523/fuel-core that referenced this issue Oct 7, 2024
Ignore vulnerability RUSTSEC-2024-0336 (#1842)
64833dc 
Issue for tracking the vulnerability:
FuelLabs/fuel-core#1843

## Checklist
- [ ] Breaking changes are clearly marked as such in the PR description
and changelog
- [ ] New behavior is reflected in tests
- [ ] [The specification](https://github.com/FuelLabs/fuel-specs/)
matches the implemented behavior (link update PR if changes are needed)

### Before requesting review
- [x] I have reviewed the code myself
- [x] I have created follow-up issues caused by this PR and linked them
here

### After merging, notify other teams

[Add or remove entries as needed]

- [ ] [Rust SDK](https://github.com/FuelLabs/fuels-rs/)
- [ ] [Sway compiler](https://github.com/FuelLabs/sway/)
- [ ] [Platform
documentation](https://github.com/FuelLabs/devrel-requests/issues/new?assignees=&labels=new+request&projects=&template=NEW-REQUEST.yml&title=%5BRequest%5D%3A+)
(for out-of-organization contributors, the person merging the PR will do
this)
- [ ] Someone else?
@AurelienFT AurelienFT mentioned this issue Oct 23, 2024
Merged
AurelienFT added a commit that referenced this issue Oct 23, 2024
@AurelienFT @xgreenx
Remove ignore RUSTSEC-2024-0336 (#2384)
481d4bb 
## Linked Issues/PRs
Resolves #1843

## Description
This has been fixed in #1954.
Verified it by running cargo audit on my own did had this warning.

Co-authored-by: Green Baneling <XgreenX9999@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MitchTurner @AurelienFT