Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade crypto library to version 0.31.0 #80

Merged
merged 1 commit into from
Jan 7, 2025
Merged

Upgrade crypto library to version 0.31.0 #80

merged 1 commit into from
Jan 7, 2025

Conversation

omordyk
Copy link
Contributor

@omordyk omordyk commented Dec 12, 2024

CVE-2024-45337
Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass.
Description: #79
Test:
Screenshot 2024-12-12 at 15 19 49

geforcelive2
geforcelive2 previously approved these changes Dec 13, 2024
Copy link

@geforcelive2 geforcelive2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@omordyk
Copy link
Contributor Author

omordyk commented Dec 13, 2024

@bencourliss pls merge

@naphelps naphelps dismissed geforcelive2’s stale review January 2, 2025 17:23

The merge-base changed after approval.

Copy link
Member

@naphelps naphelps left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@omordyk The Vault version change present in your git history needs to be rebased out. Alternatively, you can create your changes over with a fresh branch from the main branch.

@omordyk
Copy link
Contributor Author

omordyk commented Jan 7, 2025

@naphelps rebased

@omordyk omordyk requested a review from naphelps January 7, 2025 15:32
@naphelps naphelps merged commit e0df8dc into master Jan 7, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants