Skip to content

Commit

Permalink
Update the dependencies
Browse files Browse the repository at this point in the history 
cargo-audit reports that we are using a vulnerable version of smallvec. Updating the dependencies fixes the issue.

devolutions-jet (master)> cargo audit
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 31 security advisories (from /home/sduquette/.cargo/advisory-db)
    Scanning Cargo.lock for vulnerabilities (218 crate dependencies)
error: Vulnerable crates found!

ID:	 RUSTSEC-2019-0009
Crate:	 smallvec
Version: 0.6.9
Date:	 2019-06-06
URL:	 servo/rust-smallvec#148
Title:	 Double-free and use-after-free in SmallVec::grow()
Solution: upgrade to: >= 0.6.10
  • Loading branch information
@sduquette-devolutions
sduquette-devolutions committed Jul 11, 2019
1 parent b90faef commit 97d70f4
Showing 1 changed file with 474 additions and 389 deletions.
Loading

0 comments on commit 97d70f4

Please sign in to comment.