By default the oldtime feature is enabled, which brings in the deprecated version of time dependency, which exposes dependency the risk of CVE-2020-26235.
This fix manually disables the oldtime feature of chrono.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
By default the
oldtime
feature is enabled, which brings in the deprecated version oftime
dependency, which exposes dependency the risk of CVE-2020-26235.This fix manually disables the
oldtime
feature of chrono.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.