Open gendx opened 2 weeks ago
You might mention this issue on that thread as a heads up, i.e. "There's an open issue to file a security advisory for this"
You might mention this issue on that thread as a heads up, i.e. "There's an open issue to file a security advisory for this"
Done.
There is a pull request open for almost a year on the
ppv-lite86
to fix unsoundness: https://github.com/cryptocorrosion/cryptocorrosion/pull/72. I didn't see activity on the repository since November 2022, so this doesn't look like it will be addressed any time soon.Note that this is depended on by 14k crates, as it is a direct dependency of the
rand_chacha
crate.