Skip to content

Commit

Permalink
Bump our use of ed25519-dalek 2.0.0-rc3
Browse files Browse the repository at this point in the history
We were not vulnerable to the "Double Public Key Signing Function
Oracle Attack on `ed25519-dalek`" either way, since it was fixed
at 2.0.0-rc2.
See dalek-cryptography/ed25519-dalek#205

Ref: https://rustsec.org/advisories/RUSTSEC-2022-0093
  • Loading branch information
MOZGIII committed Aug 15, 2023
1 parent 431247a commit 603c64b
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 8 deletions.
14 changes: 7 additions & 7 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion crates/robonode-crypto/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ edition = "2021"
publish = false

[dependencies]
ed25519-dalek = { version = "2.0.0-rc.3", default-features = false, features = ["rand_core", "zeroize"] }
ed25519-dalek = { version = "2", default-features = false, features = ["rand_core", "zeroize"] }

[dev-dependencies]
hex-literal = "0.4.1"
Expand Down

0 comments on commit 603c64b

Please sign in to comment.