Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto merge of #13068 - rust-lang:renovate/crate-openssl-vulnerability…
…, r=weihanglo chore(deps): update rust crate openssl to 0.10.60 [security] [![Mend Renovate logo banner](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [openssl](https://togithub.com/sfackler/rust-openssl) | workspace.dependencies | patch | `0.10.57` -> `0.10.60` | ### GitHub Vulnerability Alerts #### [GHSA-xphf-cx8h-7q9g](https://togithub.com/sfackler/rust-openssl/issues/2096) This function returned a reference into an OpenSSL datastructure, but there was no way to ensure OpenSSL would not mutate the datastructure behind one's back. Use of this function should be replaced with `X509StoreRef::all_certificates`. --- ### Release Notes <details> <summary>sfackler/rust-openssl (openssl)</summary> ### [`v0.10.60`](https://togithub.com/sfackler/rust-openssl/releases/tag/openssl-v0.10.60) [Compare Source](https://togithub.com/sfackler/rust-openssl/compare/openssl-v0.10.59...openssl-v0.10.60) #### What's Changed - Correct off-by-one in minimum output buffer size computation by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2088 - Expose a few more (bad) ciphers in cipher::Cipher by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2084 - add temp key bindings by [`@​jmayclin](https://togithub.com/jmayclin)` in [sfackler/rust-openssl#2076 - Expose ChaCha20 on LibreSSL by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2093 - Revert "Correct off-by-one in minimum output buffer size computation" by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2090 - Added `update_unchecked` to `symm::Crypter` by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2100 - fixes [#​2096](https://togithub.com/sfackler/rust-openssl/issues/2096) -- deprecate `X509StoreRef::objects`, it is unsound by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2099 - Don't leak when overwriting ex data by [`@​sfackler](https://togithub.com/sfackler)` in [sfackler/rust-openssl#2102 - Release openssl v0.10.60 and openssl-sys v0.9.96 by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2104 **Full Changelog**: sfackler/rust-openssl@openssl-v0.10.59...openssl-v0.10.60 ### [`v0.10.59`](https://togithub.com/sfackler/rust-openssl/releases/tag/openssl-v0.10.59) [Compare Source](https://togithub.com/sfackler/rust-openssl/compare/openssl-v0.10.58...openssl-v0.10.59) #### What's Changed - Add binding to NID of Chacha20-Poly1305 cipher by [`@​Arnavion](https://togithub.com/Arnavion)` in [sfackler/rust-openssl#2081 - Fixed cfg for RSA_PSS by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2079 - fixes [#​2050](https://togithub.com/sfackler/rust-openssl/issues/2050) -- build and test on libressl 3.8.2 by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2082 - Release openssl v0.10.59 and openssl-sys v0.9.95 by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2083 #### New Contributors - [`@​Arnavion](https://togithub.com/Arnavion)` made their first contribution in [sfackler/rust-openssl#2081 **Full Changelog**: sfackler/rust-openssl@openssl-v0.10.58...openssl-v0.10.59 ### [`v0.10.58`](https://togithub.com/sfackler/rust-openssl/releases/tag/openssl-v0.10.58) [Compare Source](https://togithub.com/sfackler/rust-openssl/compare/openssl-v0.10.57...openssl-v0.10.58) #### What's Changed - LibreSSL 3.8.1 support by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2035 - Update vendored version to openssl 3 by [`@​amousset](https://togithub.com/amousset)` in [sfackler/rust-openssl#1925 - Test against 3.2.0-alpha1 by [`@​sfackler](https://togithub.com/sfackler)` in [sfackler/rust-openssl#2037 - Removed reference to non-existent method by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2039 - Bump CI to 1.1.1w by [`@​sfackler](https://togithub.com/sfackler)` in [sfackler/rust-openssl#2040 - \[openssl-sys] Add X509\_check\_{host,email,ip,ip_asc} fns by [`@​jgallagher](https://togithub.com/jgallagher)` in [sfackler/rust-openssl#2042 - Expose CBC mode for several more (bad) ciphers by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2045 - Expose two additional Pkey IDs by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2046 - Add support for CRL extensions and the Authority Information Access e… by [`@​AdmiralGT](https://togithub.com/AdmiralGT)` in [sfackler/rust-openssl#2003 - Fix clippy warnings produced by newer Rust by [`@​wiktor-k](https://togithub.com/wiktor-k)` in [sfackler/rust-openssl#2052 - Use osslconf on BoringSSL by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2056 - Make X509\_ALGOR opaque for LibreSSL by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2060 - Don't ignore ECDSA tests without GF2m support by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2061 - Clarify 'possible LibreSSL bug' by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2062 - Enable BN_mod_sqrt() for upcoming LibreSSL 3.8.2 by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2063 - Enable SHA-3 for LibreSSL 3.8.0 by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2064 - Remove DH_generate_parameters for LibreSSL 3.8.2 by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2065 - Use EVP_MD_CTX\_{new,free}() in LibreSSL 3.8.2 by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2067 - Enable HKDF support for LibreSSL >= 3.6.0 by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2066 - Two build script fixes for LibreSSL by [`@​botovq](https://togithub.com/botovq)` in [sfackler/rust-openssl#2068 - Respect OPENSSL_NO_OCB on AES functions by [`@​GuyLewin](https://togithub.com/GuyLewin)` in [sfackler/rust-openssl#2070 - Support OPENSSL_NO_SCRYPT by [`@​GuyLewin](https://togithub.com/GuyLewin)` in [sfackler/rust-openssl#2071 - Bump 3.2.0 beta by [`@​sfackler](https://togithub.com/sfackler)` in [sfackler/rust-openssl#2073 - add security level bindings by [`@​jmayclin](https://togithub.com/jmayclin)` in [sfackler/rust-openssl#2074 - Release openssl v0.10.58 and openssl-sys v0.9.94 by [`@​alex](https://togithub.com/alex)` in [sfackler/rust-openssl#2078 #### New Contributors - [`@​amousset](https://togithub.com/amousset)` made their first contribution in [sfackler/rust-openssl#1925 - [`@​jgallagher](https://togithub.com/jgallagher)` made their first contribution in [sfackler/rust-openssl#2042 - [`@​AdmiralGT](https://togithub.com/AdmiralGT)` made their first contribution in [sfackler/rust-openssl#2003 - [`@​botovq](https://togithub.com/botovq)` made their first contribution in [sfackler/rust-openssl#2060 - [`@​GuyLewin](https://togithub.com/GuyLewin)` made their first contribution in [sfackler/rust-openssl#2070 - [`@​jmayclin](https://togithub.com/jmayclin)` made their first contribution in [sfackler/rust-openssl#2074 **Full Changelog**: sfackler/rust-openssl@openssl-v0.10.57...openssl-v0.10.58 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/rust-lang/cargo). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy41OS44IiwidXBkYXRlZEluVmVyIjoiMzcuNTkuOCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->
- Loading branch information