This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
should aws-smithy-client care webpki dos attack risk #2947
Comments
|
I think once rustls has changed its minimum version, we will update the minimum version of rustls. For now, you can fix this for your project by running |
thx, I have another question, I find that in mr #2675 removed the native-tls, and replace by rustls, why do that, does rustls is reliable than native-tls, I'm confused which one to use is the best choose. can you give some suggestions for me, very thx ... |
|
Answered in #2675 |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
https://rustsec.org/advisories/RUSTSEC-2023-0052.html rustsec report one risk on webpki, and webpki fix it in latest version https://github.com/rustls/webpki/releases/tag/v%2F0.101.4
should aws-smithy-client care about this risk and update webpki which used by rustls ( although rustls has not update webpki for now)
The text was updated successfully, but these errors were encountered: