Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable] Update point release to fix CVE-2023-38497 #114410

Merged
merged 2 commits into from
Aug 3, 2023
Merged

[stable] Update point release to fix CVE-2023-38497 #114410

merged 2 commits into from
Aug 3, 2023

Conversation

pietroalbini
Copy link
Member

This PR fixes CVE-2023-38497 on stable, by updating Cargo to a fixed version.

r? @ghost
cc @rust-lang/release

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-release Relevant to the release subteam, which will review and decide on the PR/issue. labels Aug 3, 2023
@rustbot
Copy link
Collaborator

rustbot commented Aug 3, 2023

Some changes occurred in src/tools/cargo

cc @ehuss

@pietroalbini
Copy link
Member Author

@bors r+ p=1000 rollup=never

@bors
Copy link
Contributor

bors commented Aug 3, 2023

📌 Commit 64611e1 has been approved by pietroalbini

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Aug 3, 2023
@pietroalbini pietroalbini mentioned this pull request Aug 3, 2023
Merged
@bors
Copy link
Contributor

bors commented Aug 3, 2023

⌛ Testing commit 64611e1 with merge eb26296...

@bors
Copy link
Contributor

bors commented Aug 3, 2023

💥 Test timed out

@bors bors added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. and removed S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. labels Aug 3, 2023
@pietroalbini
Copy link
Member Author

@bors retry

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Aug 3, 2023
@bors
Copy link
Contributor

bors commented Aug 3, 2023

⌛ Testing commit 64611e1 with merge 792c9bcac96b57cb3356f8851aa152e7453cff0a...

@pietroalbini pietroalbini merged commit eb26296 into rust-lang:stable Aug 3, 2023
11 checks passed
@rustbot rustbot added this to the 1.71.1 milestone Aug 3, 2023
@pietroalbini pietroalbini deleted the pa-cve-2023-38497-stable branch August 3, 2023 16:55
@pietroalbini
Copy link
Member Author

Manually pushed eb26296b556cef10fb713a38f3d16b9886080f26 to stable: it timed out on the bors side, but the Ci build finished successfully, so we have full artifacts for it.

@rust-log-analyzer
Copy link
Collaborator

A job failed! Check out the build log: (web) (plain)

Click to see the possible cause of the failure (guessed by this bot)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-release Relevant to the release subteam, which will review and decide on the PR/issue.
Projects
None yet
Milestone
1.71.1
Development

Successfully merging this pull request may close these issues.
4 participants
@pietroalbini @rustbot @bors @rust-log-analyzer