Skip to content

Commit

Permalink
Merge #307: Fix CVE-2020-26235 vulnerability
Browse files Browse the repository at this point in the history 
70a9a9e fix: [#306] fix CVE-2020-26235 vulnerability (Jose Celano)

Pull request description:

  Fix [CVE-2020-26235](GHSA-wcg3-cvx6-7396) vulnerability by removing the `chrono` package feature that was using the `time` pacakage version with the vulnerability.

Top commit has no ACKs.

Tree-SHA512: 98d335695436d886255511a5cacb603ec8686b078854d360b2c70ce0c8dd9249f2c231eea955defa38533694c4fb4427a3ee0fb52a3f5a29b5fcfe75b5554db5
  • Loading branch information
@josecelano
josecelano committed Apr 17, 2023
2 parents 93782b0 + 70a9a9e commit a1c3535
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 25 deletions.
28 changes: 4 additions & 24 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ openssl = { version = "0.10", features = ["vendored"] }
config = "0.13"
log = { version = "0.4", features = ["release_max_level_info"] }
fern = "0.6"
chrono = "0.4"
chrono = { version = "0.4.24", default-features = false, features = ["clock"] }
r2d2 = "0.8"
r2d2_mysql = "23.0"
r2d2_sqlite = { version = "0.21", features = ["bundled"] }
Expand Down

0 comments on commit a1c3535

Please sign in to comment.