Bump openssl from 0.10.72 to 0.10.78#1421
Open
dependabot[bot] wants to merge 1 commit intomainfrom
Open
Conversation
dependabot
Bot
added
Changed
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
Coverage Report for CI Build 25210151577Coverage remained the same at 80.674%Details
Uncovered ChangesNo uncovered changes found. Coverage RegressionsNo coverage regressions found. Coverage Stats
💛 - Coveralls |
dependabot
Bot
force-pushed
the
dependabot/cargo/openssl-0.10.78
branch
from
881d061 to
d20846d
Compare
Bumps [openssl](https://github.com/rust-openssl/rust-openssl) from 0.10.72 to 0.10.78. - [Release notes](https://github.com/rust-openssl/rust-openssl/releases) - [Commits](rust-openssl/rust-openssl@openssl-v0.10.72...openssl-v0.10.78) --- updated-dependencies: - dependency-name: openssl dependency-version: 0.10.78 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/cargo/openssl-0.10.78
branch
from
d20846d to
a42fc5e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps openssl from 0.10.72 to 0.10.78.
Release notes
Sourced from openssl's releases.
... (truncated)
Commits
a6debf5Release openssl v0.10.78 and openssl-sys v0.9.114 (#2609)09b425eCheck derive output buffer length on OpenSSL 1.1.x (#2606)826c388Error for short out in MdCtxRef::digest_final() (#2608)1d10902Validate callback-returned lengths in PSK and cookie trampolines (#2607)5af6895Reject oversized length returns from password callback trampoline (#2605)718d07ffix inverted bounds assertion in AES key unwrap (#2604)53cc69dAdd support for LibreSSL 4.3.x (#2603)0b41e79Fix dangling stack pointer in custom extension add callback (#2599)cbdedf8Avoid panic for overlong OIDs (#2598)1fc51efopenssl 4 support (#2591)Note
Medium Risk
Updates the
openssl/openssl-syscrates used for cryptographic operations; while change is limited to dependency versions, it can affect TLS/crypto behavior and native linking across platforms.Overview
Bumps the workspace
openssldependency to0.10.78and updates the lockfile accordingly (includingopenssl-systo0.9.114).No application code changes; this is a dependency refresh that pulls in upstream OpenSSL binding fixes and compatibility updates.
Reviewed by Cursor Bugbot for commit a42fc5e. Bugbot is set up for automated code reviews on this repo. Configure here.