Commit 40acc43
committed
bump libgit2
Fixes:
```
[cargo-make] INFO - Execute Command: "cargo" "shear"
Analyzing /home/runner/work/mpc/mpc
No unused dependencies!
[cargo-make] INFO - Running Task: cargo-deny
[cargo-make] INFO - Execute Command: "cargo" "deny" "--all-features" "check"
error[unsound]: Potential undefined behavior when dereferencing Buf struct
┌─ /home/runner/work/mpc/mpc/Cargo.lock:278:1
│
278 │ git2 0.20.2 registry+https://github.com/rust-lang/crates.io-index
│ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unsound advisory detected
│
├ ID: RUSTSEC-2026-0008
├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0008
├ if we dereference the Buf struct right after calling new() or default() on Buf struct, it passes Null Pointer to the unsafe function slice::from_raw_parts. Based on the safety section documentation of function,
data must be non-null and aligned even for zero-length slices or slices of ZSTs. Thus, passing Null Pointer will lead to undefined behavior.
├ Announcement: rust-lang/git2-rs#1213
├ Solution: Upgrade to >=0.20.4 (try cargo update -p git2)
├ git2 v0.20.2
└── built v0.8.0
└── (build) mpc-node v3.4.0
└── backup-cli v3.4.0
advisories FAILED, bans ok, licenses ok, sources ok
```1 parent 21578a9 commit 40acc43
1 file changed
Lines changed: 4 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments