Skip to content

Commit

Permalink
chore(deps): upgrade openssl crate
Browse files Browse the repository at this point in the history 
```
error[vulnerability]: `MemBio::get_buf` has undefined behavior with empty buffers
    ┌─ /home/runner/work/ckb/ckb/Cargo.lock:313:1
    │
313 │ openssl 0.10.64 registry+https://github.com/rust-lang/crates.io-index
    │ --------------------------------------------------------------------- security vulnerability detected
    │
    = ID: RUSTSEC-2024-0357
    = Advisory: https://rustsec.org/advisories/RUSTSEC-2024-0357
    = Previously, `MemBio::get_buf` called `slice::from_raw_parts` with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.
    = Announcement: sfackler/rust-openssl#2266
    = Solution: Upgrade to >=0.10.66 (try `cargo update -p openssl`)
```
  • Loading branch information
@doitian
doitian committed Jul 22, 2024
1 parent 31e0287 commit 4957ce8
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 4957ce8

Please sign in to comment.