rustsec / advisory-db

Security advisory database for Rust crates published through crates.io
https://rustsec.org

ppv-lite86 appears unsound #1984

Open gendx opened 2 weeks ago

gendx commented 2 weeks ago

There has been a pull request open for almost a year on ppv-lite86 to fix unsoundness: https://github.com/cryptocorrosion/cryptocorrosion/pull/72. I didn't see activity on the repository since November 2022, so this doesn't look like it will be addressed any time soon.

Note that this is depended on by 14k crates, as it is a direct dependency of the rand_chacha crate.

tarcieri commented 2 weeks ago

You might mention this issue on that thread as a heads up, i.e. "There's an open issue to file a security advisory for this"

gendx commented 1 week ago

> You might mention this issue on that thread as a heads up, i.e. "There's an open issue to file a security advisory for this"

Done.