temporalio / sdk-python

Temporal Python SDK
MIT License

[Feature Request] Fix tonic Vulnerability by Updating Rust Package to Version 0.12.3 #671

Open rbtbar opened 2 weeks ago

rbtbar commented 2 weeks ago

Security scans have identified a vulnerability in one of the Rust dependencies. The current version of the package is affected by the following advisories:

GHSA-4jwc-w2hc-78qv CVE-2024-47609

If possible, the package should be updated to version 0.12.3, which contains the necessary patches.

cretz commented 2 weeks ago

:+1: We will do this as part of our next Core upgrade
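
One way to check which `tonic` versions a `Cargo.lock` actually resolves to, relative to the 0.12.3 release requested in the issue above. This is an added example, not code from the issue or from the Temporal project; the lock-file content and the function names are constructed for illustration, and whether a given older version is affected is determined by the advisory, not by this script.

```python
import re

FIXED = (0, 12, 3)  # the release the issue asks to upgrade to

# Constructed sample lock file: two tonic versions coexist, which happens
# when a transitive dependency still pins an older release.
SAMPLE_LOCK = '''\
version = 3

[[package]]
name = "prost"
version = "0.13.3"

[[package]]
name = "tonic"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"

[[package]]
name = "tonic"
version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"

[[package]]
name = "tonic-build"
version = "0.12.2"
'''

def parse_version(text):
    """Return (major, minor, patch, is_release); pre-releases sort below the release."""
    core, _, pre = text.split("+", 1)[0].partition("-")
    major, minor, patch = (int(p) for p in core.split("."))
    return (major, minor, patch, pre == "")

def locked_versions(lock_text, crate):
    """Yield every version of `crate` pinned in a Cargo.lock body (exact name match)."""
    for block in lock_text.split("[[package]]")[1:]:
        name = re.search(r'^name = "([^"]+)"', block, re.M)
        version = re.search(r'^version = "([^"]+)"', block, re.M)
        if name and version and name.group(1) == crate:
            yield version.group(1)

def below_fixed(lock_text, crate="tonic", fixed=FIXED):
    """List locked versions of `crate` that are older than `fixed`."""
    floor = (*fixed, True)
    return sorted(v for v in locked_versions(lock_text, crate)
                  if parse_version(v) < floor)

if __name__ == "__main__":
    for v in below_fixed(SAMPLE_LOCK):
        print(f"tonic {v} is older than 0.12.3")
```

A single lock file can carry more than one `tonic` entry, so checking only the first match can miss an older copy pulled in transitively.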