Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update lockfile curl-sys #130938

Closed
wants to merge 1 commit into from

Conversation

daltenty
Copy link
Contributor

The current version of curl has a couple of CVEs reported against it:

CVE-2024-8096
CVE-2024-7264

so we should probably update it to a fixed version.

The current version of curl has a couple of CVEs reported against it:

CVE-2024-8096
CVE-2024-7264

so update it to a fixed version.
@rustbot
Copy link
Collaborator

rustbot commented Sep 27, 2024

Thanks for the pull request, and welcome! The Rust team is excited to review your changes, and you should hear from @Mark-Simulacrum (or someone else) some time within the next two weeks.

Please see the contribution instructions for more information. Namely, in order to ensure the minimum review times lag, PR authors and assigned reviewers should ensure that the review label (S-waiting-on-review and S-waiting-on-author) stays updated, invoking these commands when appropriate:

  • @rustbot author: the review is finished, PR author should check the comments and take action accordingly
  • @rustbot review: the author is ready for a review, this PR will be queued again in the reviewer's queue

@rustbot rustbot added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Sep 27, 2024
@rustbot
Copy link
Collaborator

rustbot commented Sep 27, 2024

These commits modify the Cargo.lock file. Unintentional changes to Cargo.lock can be introduced when switching branches and rebasing PRs.

If this was unintentional then you should revert the changes before this PR is merged.
Otherwise, you can ignore this comment.

@Noratrieb
Copy link
Member

huh, i'm confused by the diff... this should have been updated by #129624?

@Noratrieb
Copy link
Member

yeah, it's already updated on master??

rust/Cargo.lock

Line 843 in a3f76a2

name = "curl-sys"

somehow GitHub doesn't want to show that in the diff though, I thought it diffed with current master and not your base?

@Noratrieb
Copy link
Member

but yeah, it has already been updated. thank you though! though it would be funny to just merge it anyways

@daltenty
Copy link
Contributor Author

Ah, I guess that must have merged between the time I started and finished my PR. Thanks! I'll just close this off then.

@daltenty daltenty closed this Sep 27, 2024
@daltenty daltenty deleted the daltenty/update-curl-sys branch September 27, 2024 19:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
S-waiting-on-review Status: Awaiting review from the assignee but also interested parties.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants