Skip to content

Security patch release

Pre-release
Pre-release
Compare
Choose a tag to compare
@mdegans mdegans released this 02 Feb 00:22
1b18339

This git-only patch release addresses a security vulnerability in the nix crate upstream used by the socketcan crate, version 1.7.0. There doesn't appear to be an exploit chain that could make either socketcan or jeep dangerous, however in the interest of caution, and to silence dependabot, users of this crate might wish to pin this repo and commit hash in their Cargo.toml rather than the one on crates.io. A fix to socketcan has been submitted upstream. 0.0.3 will be the next crates.io release.

What's Changed

Full Changelog: 0.0.1...0.0.2