search

Icelk / kvarn

An extensible and efficient forward-thinking web server for the future.
https://kvarn.org
Apache License 2.0
15 stars 1 forks source link

build(deps): update x509-parser requirement from 0.13 to 0.14 #10

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 2 years ago

Updates the requirements on x509-parser to permit the latest version.

Changelog

Sourced from x509-parser's changelog.

0.14.0

Added/Changed

  • Add support for parsing signature parameters and value (closes #94)

  • Change ASN1Time::to_rfc2822() to return a Result

  • ASN1Time: modify from_timestamp to return a Result

  • ASN1Time: implement Display

  • Upgrade versions of asn1-rs, oid-registry and der-parser

  • AlgorithmIdentifier: add const methods to create object/access fields

  • Globally: start using asn1-rs types, simplify parsers:

    • AlgorithmIdentifier: automatically derive struct, use type ANY
    • Merge old FromDer trait into asn1_rs::FromDer (using X509Error)
    • Replace BitStringObject with BitString
    • AttributeTypeAndValue: use Any instead of DerObject
    • Extensions: replace UnparsedObject with Any
    • X509Error: add methods to simplify conversions
    • CRI Attributes: rewrite and simplify parsers
    • Simplify parsers for multiple types and extensions

Fixed

  • Fix ECDSA signature verification when CA and certificate use different curves

Thanks

0.13.2

Fixed

  • Fix panic in ASN1Time::to_rfc2822() when year is less than 1900

0.13.1

Fixed

  • Fix regression with certificate verification for ECDSA signatures using the P-256 curve and SHA-384 (#118)
  • Set minimum version of time to 0.3.7 (#119)
  • Allow empty SEQUENCE when OPTIONAL, for ex in CRL extensions (#120)

Thanks

0.13.0

Added/Changed/Fixed

Crate:

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)