Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crono not maintaned - CVE-2020-26235 in time #44

Closed
acim opened this issue Oct 11, 2021 · 2 comments
Closed

crono not maintaned - CVE-2020-26235 in time #44

acim opened this issue Oct 11, 2021 · 2 comments

Comments

@acim
Copy link

acim commented Oct 11, 2021

crono depends on vulnerable version of time and it seems not to be well maintained. Could you maybe replace it completely with some newer version of time as suggested here.
@blackbeam
Copy link
Owner

blackbeam commented Oct 12, 2021
edited
Loading

Hi.
Thanks, I'll remove chrono from the default set of features in the next release (as well as the time v2).
For now you can disable it yourself. For this you need to add mysql_common as an explicit dependency into your create and override the default set of features.

@jxs jxs mentioned this issue Dec 11, 2021
Merged
@blackbeam
Copy link
Owner

blackbeam commented Dec 17, 2021
edited
Loading

v0.28.0 disables chrono and time features by default.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@blackbeam @acim