Skip to content

Resolve today's new cargo-audit errors

Nick Mathewson requested to merge nickm/arti:audit-updates into main

To resolve the openssl error (https://rustsec.org/advisories/RUSTSEC-2023-0072) we just upgrade to a more recent openssl.

To resolve the rsa error, we add an exception to our cargo-audit script: Our use of the rsa crate is safe because we don't do any private-key rsa operations. (There is not yet a fixed constant-time version of the rsa crate.)

Edited by Nick Mathewson

Merge request reports

Loading