diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2024-03-21 10:41:04 +0100 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2024-03-21 12:40:35 +0100 |
| commit | ffede2811f3c182db2bf8566d6c95b3f4e3cd6bb (patch) | |
| tree | bdfbb6c895300795172f5c3176e2f7aba085ac68 | |
| parent | b469ef65c4c8bde6b2dcf5f55f7fa4a8233d22d8 (diff) | |
| download | mullvadvpn-ffede2811f3c182db2bf8566d6c95b3f4e3cd6bb.tar.xz mullvadvpn-ffede2811f3c182db2bf8566d6c95b3f4e3cd6bb.zip | |
Upgrade aes-gcm to fix CVE-2023-42811
Only used via shadowsocks-rust, which is used for obfuscation by us. And
we don't rely on the cryptographic security of obfuscation anyway, so
this is not harmful to us, but good to upgrade away from vulns
https://osv.dev/vulnerability/CVE-2023-42811
| -rw-r--r-- | Cargo.lock | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Cargo.lock b/Cargo.lock index 6ab3fc3104..078b11522c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -40,9 +40,9 @@ dependencies = [ [[package]] name = "aes-gcm" -version = "0.10.2" +version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "209b47e8954a928e1d72e86eca7000ebb6655fe1436d33eefc2201cad027e237" +checksum = "831010a0f742e1209b3bcea8fab6a8e149051ba6099432c8cb2cc117dec3ead1" dependencies = [ "aead", "aes", |