This repository was archived by the owner on Apr 8, 2025. It is now read-only.
This repository was archived by the owner on Apr 8, 2025. It is now read-only.
upgrade rustls to resolve RUSTSEC-2024-0336 #18
Open
Description
rustls 0.20 has a denial-of-service vulnerability, reported in RUSTSEC-2024-0336.
Because rustls 0.20 is no longer receiving fixes, a project including hyper-alpn (or a2) will set of alarms due to the unfixed vulnerability.
There are several open PRs (#15, #16) that attempt to upgrade the rustls dependency. Can one of those be merged?
Metadata
Metadata
Assignees
Labels
No labels