Closed huitseeker closed 3 years ago
Thanks @huitseeker, looks great! Any chance you can try updating tracing to handle the vulnerability notice?
@kobigurk that would require updating you forks, not this PR:
Crate: smallvec
Version: 1.4.2
Title: Buffer overflow in SmallVec::insert_many
Date: 2021-01-08
ID: RUSTSEC-2021-0003
URL: https://rustsec.org/advisories/RUSTSEC-2021-0003
Solution: Upgrade to >=0.6.14, <1.0.0 OR >=1.6.1
Dependency tree:
smallvec 1.4.2
??? tracing-subscriber 0.2.15
? ??? r1cs-core 0.1.1-alpha.0
? ? ??? r1cs-std 0.1.1-alpha.0
? ? ? ??? epoch-snark 0.2.0
? ? ? ? ??? bls-snark-sys 0.2.0
? ? ? ??? crypto-primitives 0.1.1-alpha.0
? ? ? ? ??? epoch-snark 0.2.0
? ? ? ? ??? bls-gadgets 0.2.0
? ? ? ? ? ??? epoch-snark 0.2.0
? ? ? ? ??? bls-crypto 0.2.0
? ? ? ? ??? epoch-snark 0.2.0
? ? ? ? ??? bls-snark-sys 0.2.0
? ? ? ? ??? bls-gadgets 0.2.0
? ? ? ??? bls-snark-sys 0.2.0
? ? ? ??? bls-gadgets 0.2.0
? ? ??? groth16 0.1.1-alpha.0
? ? ? ??? epoch-snark 0.2.0
? ? ? ??? crypto-primitives 0.1.1-alpha.0
? ? ? ??? bls-snark-sys 0.2.0
? ? ? ??? bls-gadgets 0.2.0
? ? ??? gm17 0.1.1-alpha.0
? ? ? ??? crypto-primitives 0.1.1-alpha.0
? ? ??? epoch-snark 0.2.0
? ? ??? crypto-primitives 0.1.1-alpha.0
? ? ??? bls-snark-sys 0.2.0
? ? ??? bls-gadgets 0.2.0
? ??? epoch-snark 0.2.0
? ??? bls-gadgets 0.2.0
??? peekmore 0.5.6
??? algebra-core 0.1.1-alpha.0
??? r1cs-core 0.1.1-alpha.0
??? groth16 0.1.1-alpha.0
??? gm17 0.1.1-alpha.0
??? ff-fft 0.1.1-alpha.0
? ??? groth16 0.1.1-alpha.0
? ??? gm17 0.1.1-alpha.0
? ??? crypto-primitives 0.1.1-alpha.0
??? epoch-snark 0.2.0
??? crypto-primitives 0.1.1-alpha.0
??? bls-gadgets 0.2.0
??? algebra 0.1.1-alpha.0
??? r1cs-std 0.1.1-alpha.0
??? epoch-snark 0.2.0
??? bls-snark-sys 0.2.0
??? bls-gadgets 0.2.0
??? bls-crypto 0.2.0
@huitseeker catching up on this - you can update smallvec
by running cargo update -p smallvec
, which worked for me locally
Thanks @huitseeker! cc @mstraka100 to rebase on this for the arkworks migration.
Description
A few panics can seamlessly be folded in the Error case of their enclosing Result