Open GreeFine opened 2 months ago
When auditing my crate, I found out that this package needed an update.
Crate: rustls Version: 0.20.9 Title: rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input Date: 2024-04-19 ID: RUSTSEC-2024-0336 URL: https://rustsec.org/advisories/RUSTSEC-2024-0336 Severity: 7.5 (high) Solution: Upgrade to >=0.23.5 OR >=0.22.4, <0.23.0 OR >=0.21.11, <0.22.0 Dependency tree: rustls 0.20.9 └── rustls-ffi 0.8.2 . └── curl-sys 0.4.72+curl-8.6.0 . . └── curl 0.4.46 . . . └── faker 0.1.0
rustls::ConnectionCommon::complete_io
I updated rustls-ffi to the latest version, and it seems to work with no additional changes.
What I did to test:
When auditing my crate, I found out that this package needed an update.
I updated rustls-ffi to the latest version, and it seems to work with no additional changes.
What I did to test: