Closed ijackson closed 1 year ago
Hi. When I read the Rust upstream reports about the cargo vuln, I was surprised and investigated what the underlying bug is. It appears to me to be in git2-rs, and I think other callers will be affected.
git2-rs
So I have filed https://github.com/rustsec/advisory-db/pull/1518.
I think it might be nice to publish a git2-rs version 0.15.1 which at least changes the default behaviour.
0.15.1
Closing per the discussion at https://github.com/rustsec/advisory-db/pull/1520.
Hi. When I read the Rust upstream reports about the cargo vuln, I was surprised and investigated what the underlying bug is. It appears to me to be in
git2-rs
, and I think other callers will be affected.So I have filed https://github.com/rustsec/advisory-db/pull/1518.
I think it might be nice to publish a
git2-rs
version0.15.1
which at least changes the default behaviour.