chore(deps): update rust crate cargo to 0.85.0 #472
GitHub Actions / Security audit
failed
Jan 9, 2025 in 1s
Security advisories found
1 advisory(ies), 1 other
Details
Vulnerabilities
RUSTSEC-2024-0357
MemBio::get_bufhas undefined behavior with empty buffers
| Details | |
|---|---|
| Package | openssl |
| Version | 0.10.57 |
| URL | sfackler/rust-openssl#2266 |
| Date | 2024-07-21 |
| Patched versions | >=0.10.66 |
Previously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.
Loading