chore(deps): bump openssl from 0.10.66 to 0.10.70 in /src-tauri #361
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.66 to 0.10.70. - [Release notes](https://github.com/sfackler/rust-openssl/releases) - [Commits](sfackler/rust-openssl@openssl-v0.10.66...openssl-v0.10.70) --- updated-dependencies: - dependency-name: openssl dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
|
@dependabot squash and merge
…On Mon Feb 3, 2025 at 7:46 PM CET, dependabot[bot] wrote:
This automated pull request fixes a security vulnerability (moderate severity).
Learn more about Dependabot security updates.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Bumps openssl from 0.10.66 to 0.10.70.
Release notes
Sourced from openssl's releases.
openssl v0.10.70
What's Changed
□ Attempt to fix CI by pinning to the Ubuntu 22.04 image by @alex in sfackler/rust-openssl#
2357
□ Remove EC_METHOD and EC_GROUP_new for LibreSSL 4.1 by @botovq in sfackler/rust-openssl#
2356
□ Test against 3.4.0 final release by @alex in sfackler/rust-openssl#2359
□ Expose SslMethod::{dtls_client,dtls_server} by @alex in sfackler/rust-openssl#2358
□ Fix lifetimes in ssl::select_next_proto by @sfackler in sfackler/rust-openssl#2360
Full Changelog: ***@***.***
openssl v0.10.69
What's Changed
□ build(deps): Update openssl-macro to version 0.1.1 by @caspermeijn in sfackler/
rust-openssl#2324
□ Enable set_alpn_select_callback for BoringSSL by @ViktoriiaKovalova in sfackler/
rust-openssl#2327
□ Switch the test to use prime256v1 based key by @dcermak in sfackler/rust-openssl#2330
□ Expose EVP_DigestSqueeze from Hasher by @initsecret in sfackler/rust-openssl#2275
□ Expose SSL_CTX_load_verify_locations by @sfackler in sfackler/rust-openssl#2353
New Contributors
□ @caspermeijn made their first contribution in sfackler/rust-openssl#2324
□ @ViktoriiaKovalova made their first contribution in sfackler/rust-openssl#2327
Full Changelog: ***@***.***
openssl-v0.10.68
What's Changed
□ fixes #2317 -- restore compatibility with our MSRV and release openssl 0.9.68 by @alex in
sfackler/rust-openssl#2318
Full Changelog: ***@***.***
openssl-v0.10.67
What's Changed
□ Added a utility function to ensure we never have an issue with 0-length slices from
pointers again by @alex in sfackler/rust-openssl#2268
□ Fix CI for the latest rustc by @alex in sfackler/rust-openssl#2271
□ Add binding for EVP_DigestSqueeze by @initsecret in sfackler/rust-openssl#2270
□ libressl 4.0: const correctness for X509_LOOKUP_METHOD by @botovq in sfackler/rust-openssl
#2276
□ Bump hex dev-dependency version by @alex in sfackler/rust-openssl#2277
□ Raise bindgen version by @alex in sfackler/rust-openssl#2278
□ Ensure Rsa::check_key doesn't leave errors on the stack by @alex in sfackler/rust-openssl#
2279
□ Update some docs to use the corresponds macro by @rushilmehra in sfackler/rust-openssl#
2282
□ Don't leave errors on the stack in MdCtxRef::digest_verify_final by @alex in sfackler/
rust-openssl#2283
□ Adjustments for LibreSSL 4 by @botovq in sfackler/rust-openssl#2287
□ Explicit rustfmt config by @kornelski in sfackler/rust-openssl#2285
□ add basic EVP_KDF bindings by @reaperhulk in sfackler/rust-openssl#2289
□ add ossl3 thread pool bindings by @reaperhulk in sfackler/rust-openssl#2293
□ add argon2id support for ossl 3.2+ by @reaperhulk in sfackler/rust-openssl#2290
□ fix 3.2.0 thread support and simplify by @reaperhulk in sfackler/rust-openssl#2294
□ add libctx arg to argon2id by @reaperhulk in sfackler/rust-openssl#2295
... (truncated)
Commits
• a4d399b Release openssl v0.10.70
• c9a33e2 Release openssl-sys v0.9.105
• f014afb Merge pull request #2360 from sfackler/fix-alpn-lifetimes
• 8e6e30b Fix lifetimes in ssl::select_next_proto
• 1aff280 Merge pull request #2358 from alex/expose-dlts
• 16ca5b2 Merge pull request #2359 from sfackler/alex-patch-1
• 4c9fbb0 Test against 3.4.0 final release
• 5ecb31d Update openssl/src/ssl/mod.rs
• 4830f5b Expose SslMethod::{dtls_client,dtls_server}
• bab03c4 Merge pull request #2356 from botovq/rm-ec-method
• Additional commits viewable in compare view
Dependabot compatibility score
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can
also trigger a rebase manually by commenting @dependabot rebase.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the
same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of
the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more
for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more
for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for
this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
You can view, comment on, or merge this pull request online at:
#361
Commit Summary
• e318eea chore(deps): bump openssl from 0.10.66 to 0.10.70 in /src-tauri
File Changes
(1 file)
• M src-tauri/Cargo.lock (8)
Patch Links:
• https://github.com/woollygoods/huehuehue/pull/361.patch
• https://github.com/woollygoods/huehuehue/pull/361.diff
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.*Message ID: <woollygoods/
***@***.***>
--
Cedric Schwyter
Software Engineer | ***@***.*** | +41 76 683 52 72
Ringstrasse 145, 8107 Buchs, CH
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps openssl from 0.10.66 to 0.10.70.
Release notes
Sourced from openssl's releases.
... (truncated)
Commits
a4d399bRelease openssl v0.10.70c9a33e2Release openssl-sys v0.9.105f014afbMerge pull request #2360 from sfackler/fix-alpn-lifetimes8e6e30bFix lifetimes in ssl::select_next_proto1aff280Merge pull request #2358 from alex/expose-dlts16ca5b2Merge pull request #2359 from sfackler/alex-patch-14c9fbb0Test against 3.4.0 final release5ecb31dUpdate openssl/src/ssl/mod.rs4830f5bExposeSslMethod::{dtls_client,dtls_server}bab03c4Merge pull request #2356 from botovq/rm-ec-methodDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.