In order to help downstream users who are still stuck on the 1.x series protect themselves from a security vulnerability in older versions of the nix crate (https://rustsec.org/advisories/RUSTSEC-2021-0119), this new patch release increases the minimum supported version of the nix crate, and contains no other changes. The previous zbus release in the 1.x series, 1.9.2, is already technically safe from the aforementioned vulnerability; however, due to complications regarding dependency specifications in old versions of the nix crate, many downstream users find themselves unable to use 1.9.2 (or worse, find that Cargo has selected a version that contains a vulnerable nix). This is anticipated to be the final release in the zbus 1.x series, unless a similarly severe security vulnerability is encountered. Users are encouraged to upgrade to the zbus 2.x series, none of which have ever been subject to the vulnerability in question.
In order to help downstream users who are still stuck on the 1.x series protect themselves from a security vulnerability in older versions of the nix crate (https://rustsec.org/advisories/RUSTSEC-2021-0119), this new patch release increases the minimum supported version of the nix crate, and contains no other changes. The previous zbus release in the 1.x series, 1.9.2, is already technically safe from the aforementioned vulnerability; however, due to complications regarding dependency specifications in old versions of the nix crate, many downstream users find themselves unable to use 1.9.2 (or worse, find that Cargo has selected a version that contains a vulnerable nix). This is anticipated to be the final release in the zbus 1.x series, unless a similarly severe security vulnerability is encountered. Users are encouraged to upgrade to the zbus 2.x series, none of which have ever been subject to the vulnerability in question.