By default the oldtime feature is enabled, which brings in the deprecated version of time dependency, which exposes dependency the risk of CVE-2020-26235.
This fix manually disables the oldtime feature of chrono.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
progwriter
commented
1 year ago
By default the
oldtimefeature is enabled, which brings in the deprecated version oftimedependency, which exposes dependency the risk of CVE-2020-26235.This fix manually disables the
oldtimefeature of chrono.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.