Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security updates for rand, image, nalgebra versions in Cargo.toml #142

Closed
wants to merge 8 commits into from
Closed

Security updates for rand, image, nalgebra versions in Cargo.toml #142

wants to merge 8 commits into from

Conversation

ghost
Copy link

@ghost ghost commented Jul 7, 2021

Updated rand version to avoid vulnerability discovered here among others
Updated image version to correct vulnerability found here
Updated nalgebra to remove this vulnerability
Updated glutin to avoid several dependent vulnerabilities

mend-bolt-for-github bot and others added 4 commits July 7, 2021 08:51
@mend-bolt-for-github
Add .whitesource configuration file
4201b30
Updated rand, image, nalgebra versions in Cargo.toml
c7e263b 
Updated rand version to avoid vulnerability discovered here https://rustsec.org/advisories/RUSTSEC-2019-0035.html
Updated image version to correct bugs found here https://rustsec.org/advisories/RUSTSEC-2020-0073.html
Updated nalgebra to remove this vulnerability https://rustsec.org/advisories/RUSTSEC-2021-0070.html
Updated glutin to avoid several dependent vulnerabilities
Updated references to winit
fdc6e40 
Changed references from winit to glutin to remove errors from updating glutin
Updated references to winit and .to_rgba
802a3d2 
Changed references from winit to glutin to remove errors from updating glutin. Also changed deprecated function .to_rgba to .rgba8.
@ghost ghost marked this pull request as draft July 7, 2021 11:49
@ghost ghost marked this pull request as ready for review July 7, 2021 15:12
@PvdBerg1998
Copy link
Contributor

Ran into the issue of having an outdated version of image in coffee. @hecrj

@ghost ghost closed this by deleting the head repository Apr 2, 2023
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@PvdBerg1998