Project

General

Profile

Actions

Bug #15597

closed

Update relayd dependencies to fix RUSTSEC-2019-0013

Added by Alexis Mousset over 4 years ago. Updated over 4 years ago.

Status:
Released
Priority:
N/A
Category:
Relay server or API
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:

Description

cd relayd && cargo audit
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 34 security advisories (from /home/jenkins/.cargo/advisory-db)
    Scanning Cargo.lock for vulnerabilities (273 crate dependencies)
error: Vulnerable crates found!

ID:     RUSTSEC-2019-0013
Crate:     spin
Version: 0.5.1
Date:     2019-08-27
URL:     https://github.com/mvdnes/spin-rs/issues/65
Title:     Wrong memory orderings in RwLock potentially violates mutual exclusion
Solution: upgrade to: >= 0.5.2
Actions

Also available in: Atom PDF