Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cargo: update hyper to v0.9.18 #2686

Merged
merged 3 commits into from Jan 15, 2018
Merged

Cargo: update hyper to v0.9.18 #2686

merged 3 commits into from Jan 15, 2018

Conversation

overvenus
Copy link
Member

@overvenus overvenus commented Jan 15, 2018
edited

Update hyper in order to fix a vulnerability of hyper:

The vulnerability of hyper:

ID: RUSTSEC-2017-0002
Crate: hyper
Version: 0.9.10
Date: 2017-01-23
URL: https://github.com/hyperium/hyper/wiki/Security-001
Title: headers containing newline characters can split messages
Solution: upgrade to: >= 0.10.2, < 0.10.0, >= 0.9.18

@ngaut
Copy link
Member

ngaut commented Jan 15, 2018

LGTM

huachaohuang
huachaohuang approved these changes Jan 15, 2018
View reviewed changes
Copy link
Contributor

@huachaohuang huachaohuang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@siddontang
Copy link
Contributor

Does Prometheus need to do it? @overvenus

CI failed

@overvenus
Copy link
Member Author

/rebuild

@overvenus
Copy link
Member Author

@siddontang
No, Prometheus is fine. It only affects crates that keep the Cargo.lock and the hyper's version is lower than 0.9.18.

@siddontang
Copy link
Contributor

LGTM

@overvenus overvenus merged commit bc84f1b into tikv:master Jan 15, 2018
@overvenus overvenus deleted the update-hyper branch January 15, 2018 11:30
overvenus added a commit to overvenus/tikv that referenced this pull request Jan 15, 2018
@overvenus
Cargo: update hyper to v0.9.18 (tikv#2686)
f412609
overvenus added a commit that referenced this pull request Jan 18, 2018
@overvenus
Cherry pick several bug fixes (#2688)
2949e08 
* Cargo: update prometheus to v0.3.7 (#2684)

* Cargo: update hyper to v0.9.18 (#2686)

* pd: cancel call when refreshing client (#2669)

* ci-build/test.sh: add execute permission (#2472)
sticnarf pushed a commit to sticnarf/tikv that referenced this pull request Oct 27, 2019
@overvenus
Cargo: update hyper to v0.9.18 (tikv#2686)
3a2516f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@huachaohuang huachaohuang huachaohuang approved these changes

@siddontang siddontang Awaiting requested review from siddontang

@BusyJay BusyJay Awaiting requested review from BusyJay

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@overvenus @ngaut @siddontang @huachaohuang