Closed github-actions[bot] closed 3 years ago
arr! macro erases lifetimes
generic-array
0.12.3
>=0.14.0
<0.8.0
Affected versions of this crate allowed unsoundly extending lifetimes using arr! macro. This may result in a variety of memory corruption scenarios, most likely use-after-free.
arr!
See advisory page for additional details.
This comes from an outdated sha2 in our ironcore-search-helpers
sha2
ironcore-search-helpers
ironoxide will now pull the patched version (0.12.4), so there's nothing more we have to do
ironoxide
generic-array
0.12.3
>=0.14.0
<0.8.0
Affected versions of this crate allowed unsoundly extending lifetimes using
arr!
macro. This may result in a variety of memory corruption scenarios, most likely use-after-free.See advisory page for additional details.