Closed sagiegurari closed 1 year ago
Chrono version used by this crate is really old and its using a really old time crate with a security issue (possible segmentation fault). see https://github.com/time-rs/time/issues/293 https://github.com/chronotope/chrono/issues/499
Severity:
A clear and concise description of the security vulnerability.
Add any other context about the problem here.
Thanks for reporting, fixed in 5.1.2
No, actually chrono is the latest version, the issue is that the latest version comes with the security issue if clock feature is not enabled.
clock
Description
Chrono version used by this crate is really old and its using a really old time crate with a security issue (possible segmentation fault). see https://github.com/time-rs/time/issues/293 https://github.com/chronotope/chrono/issues/499
Severity:
A clear and concise description of the security vulnerability.
Additional information
Add any other context about the problem here.