Skip to content

Commit

Permalink
Merge pull request #308 from himmelblau-idm/stable-0.6.x_CVE-2024-11738
Browse files Browse the repository at this point in the history 
Fix CVE-2024-11738: rustls network-reachable panic in `Acceptor::accept`
  • Loading branch information
@dmulder
dmulder authored Dec 2, 2024
2 parents 721a178 + 6fa2c29 commit c730a21
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ members = [
resolver = "2"

[workspace.package]
version = "0.6.15"
version = "0.6.16"
authors = [
"David Mulder <[email protected]>"
]
Expand Down Expand Up @@ -52,6 +52,7 @@ os-release = "^0.1.0"
jsonwebtoken = "^9.2.0"
zeroize = "^1.7.0"
idmap = { path = "src/idmap" }
rustls = ">=0.23.19" # CVE-2024-11738

# Kanidm deps
argon2 = { version = "0.5.2", features = ["alloc"] }
Expand All @@ -77,7 +78,7 @@ tracing-forest = "^0.1.6"
rusqlite = "^0.32.0"
hashbrown = { version = "0.14.0", features = ["serde", "inline-more", "ahash"] }
lru = "^0.12.3"
kanidm_lib_crypto = { path = "./src/crypto", version = "0.6.15" }
kanidm_lib_crypto = { path = "./src/crypto", version = "0.6.16" }
kanidm_utils_users = { path = "./src/users" }
walkdir = "2"
csv = "1.2.2"
Expand Down

0 comments on commit c730a21

Please sign in to comment.