chore(deps): bump crossbeam-deque from 0.8.0 to 0.8.1 #2962

yangby-cryptape · 2021-08-23T02:38:25Z

What problem does this PR solve?

Fix RUSTSEC-2021-0093.

Problem Summary:

In the affected version of this crate, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, this still can cause a logical bug.

Crates using Stealer::steal, Stealer::steal_batch, or Stealer::steal_batch_and_pop are affected by this issue.

Release note

None: Exclude this PR from the release note.

driftluo · 2021-08-23T05:26:15Z

bors r=driftluo,zhangsoledad

bors · 2021-08-23T05:57:26Z

Build succeeded:

ci

chore(deps): bump crossbeam-deque from 0.8.0 to 0.8.1

c31ea12

yangby-cryptape requested a review from a team as a code owner August 23, 2021 02:38

yangby-cryptape requested review from doitian and driftluo August 23, 2021 02:38

driftluo approved these changes Aug 23, 2021

View reviewed changes

zhangsoledad approved these changes Aug 23, 2021

View reviewed changes

bors bot merged commit adce2ba into nervosnetwork:develop Aug 23, 2021

yangby-cryptape deleted the pr/cargo/crossbeam-deque-0.8.1 branch August 27, 2021 02:59

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump crossbeam-deque from 0.8.0 to 0.8.1 #2962

chore(deps): bump crossbeam-deque from 0.8.0 to 0.8.1 #2962

yangby-cryptape commented Aug 23, 2021

driftluo commented Aug 23, 2021

bors bot commented Aug 23, 2021

chore(deps): bump crossbeam-deque from 0.8.0 to 0.8.1 #2962

chore(deps): bump crossbeam-deque from 0.8.0 to 0.8.1 #2962

Conversation

yangby-cryptape commented Aug 23, 2021

What problem does this PR solve?

Release note

driftluo commented Aug 23, 2021

bors bot commented Aug 23, 2021