diff --git a/ci/do-audit.sh b/ci/do-audit.sh index 49c4510d7bb44f..771989d556b975 100755 --- a/ci/do-audit.sh +++ b/ci/do-audit.sh @@ -39,6 +39,15 @@ cargo_audit_ignores=( # URL: https://rustsec.org/advisories/RUSTSEC-2024-0344 # Solution: Upgrade to >=4.1.3 --ignore RUSTSEC-2024-0344 + + # Crate: tonic + # Version: 0.9.2 + # Title: Remotely exploitable Denial of Service in Tonic + # Date: 2024-10-01 + # ID: RUSTSEC-2024-0376 + # URL: https://rustsec.org/advisories/RUSTSEC-2024-0376 + # Solution: Upgrade to >=0.12.3 + --ignore RUSTSEC-2024-0376 ) scripts/cargo-for-all-lock-files.sh audit "${cargo_audit_ignores[@]}" | $dep_tree_filter # we want the `cargo audit` exit code, not `$dep_tree_filter`'s