Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable] Fix CVE-2024-43402 #129960

Merged
merged 3 commits into from
Sep 4, 2024
Merged

[stable] Fix CVE-2024-43402 #129960

merged 3 commits into from
Sep 4, 2024
+31 −7

Conversation

pietroalbini
Copy link
Member

Backport the fix for CVE-2024-43402 in the upcoming 1.81.0. See GHSA-2xg3-7mm6-98jj for more information about it.

This also includes #129944 as a last-minute fix to the relnotes.

cc @BoxyUwU as you are driving this release
r? @ghost

@rustbot rustbot added O-windows Operating system: Windows S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. T-libs Relevant to the library team, which will review and decide on the PR/issue. T-release Relevant to the release subteam, which will review and decide on the PR/issue. labels Sep 4, 2024
@pietroalbini pietroalbini marked this pull request as ready for review September 4, 2024 15:05
@pietroalbini
Copy link
Member Author

@bors r+ p=1000 rollup=never

@bors
Copy link
Contributor

bors commented Sep 4, 2024

📌 Commit b666f82 has been approved by pietroalbini

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Sep 4, 2024
@pietroalbini pietroalbini mentioned this pull request Sep 4, 2024
Merged
@bors
Copy link
Contributor

bors commented Sep 4, 2024

⌛ Testing commit b666f82 with merge eeb90cd...

@pietroalbini pietroalbini mentioned this pull request Sep 4, 2024
Merged
@lqd
Copy link
Member

lqd commented Sep 4, 2024

Good luck with the CI gods, friend 🤞

@bors
Copy link
Contributor

bors commented Sep 4, 2024

☀️ Test successful - checks-actions
Approved by: pietroalbini
Pushing eeb90cd to stable...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label Sep 4, 2024
@bors bors merged commit eeb90cd into rust-lang:stable Sep 4, 2024
7 checks passed
@rustbot rustbot added this to the 1.81.0 milestone Sep 4, 2024
@pietroalbini pietroalbini deleted the pa-cve-2024-43402 branch September 4, 2024 17:38
@tgross35
Copy link
Contributor

tgross35 commented Sep 4, 2024

I'm in disbelief that the stable, beta and nightly PRs all made it in with no retries needed. Thanks Bors!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
merged-by-bors This PR was explicitly merged by bors. O-windows Operating system: Windows S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. T-libs Relevant to the library team, which will review and decide on the PR/issue. T-release Relevant to the release subteam, which will review and decide on the PR/issue.
Projects
None yet
Milestone
1.81.0
Development

Successfully merging this pull request may close these issues.
7 participants
@pietroalbini @bors @lqd @tgross35 @rustbot @ChrisDenton @Mark-Simulacrum