Skip to content

*ring* is maintained again #2230

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
alex merged 1 commit into from
Feb 22, 2025
Merged

*ring* is maintained again #2230

alex merged 1 commit into from
Feb 22, 2025

Conversation

@djc
Copy link
Contributor

@djc djc commented Feb 22, 2025
edited
Loading

Remove unmaintained advisory RUSTSEC-2025-0007.

@ctz and the rustls maintainers now have access to the crates.io entry for ring.

@alex
Copy link
Member

alex commented Feb 22, 2025

I think the correct way to do this is to add withdrawn = "2025-02-22"?

@djc
Copy link
Contributor Author

djc commented Feb 22, 2025

I think the correct way to do this is to add withdrawn = "2025-02-22"?

Ahh, I was looking for something like that.

@djc djc force-pushed the retract-unmaintained-ring branch from 8ef4f2d to 2da2d90 Compare February 22, 2025 16:33
@djc
Copy link
Contributor Author

djc commented Feb 22, 2025

I think the correct way to do this is to add withdrawn = "2025-02-22"?

Fixed.

@Shnatsel
Copy link
Member

Shnatsel commented Feb 22, 2025

Thank you!

It would be nice to add a line or two about rustls maintainers getting access into the advisory text to make the situation more clear.

@djc djc force-pushed the retract-unmaintained-ring branch from 2da2d90 to ed51835 Compare February 22, 2025 16:38
djc
djc commented Feb 22, 2025
View reviewed changes
crates/ring/RUSTSEC-2025-0007.md
any reported security vulnerabilities may go unaddressed for prolonged periods
of time.

# Update: security maintenance only
Copy link
Contributor Author

@djc djc Feb 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ctz thoughts on this wording?

@alex alex merged commit e23da6c into rustsec:main Feb 22, 2025
1 check passed
This was referenced Feb 22, 2025
Closed
Open
@xxchan xxchan mentioned this pull request Feb 23, 2025
Closed
@g2p g2p mentioned this pull request Feb 25, 2025
Closed
@madsbv madsbv mentioned this pull request Mar 3, 2025
Closed
@nirbheek nirbheek mentioned this pull request Mar 4, 2025
Merged
@Gelbpunkt Gelbpunkt mentioned this pull request Apr 22, 2025
Closed
@mbrubeck mbrubeck mentioned this pull request Apr 29, 2025
Closed
@tnull tnull mentioned this pull request Aug 12, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alex alex alex approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@djc @alex @Shnatsel