build(deps): bump openssl from 0.10.78 to 0.10.79#10513
Conversation
Bumps [openssl](https://github.com/rust-openssl/rust-openssl) from 0.10.78 to 0.10.79. - [Release notes](https://github.com/rust-openssl/rust-openssl/releases) - [Commits](rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79) --- updated-dependencies: - dependency-name: openssl dependency-version: 0.10.79 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
|
@dependabot[bot] I'm starting a first review of this pull request. You can view the conversation on Warp. I completed the review and no human review was requested for this pull request. Comment Powered by Oz |
![oz-for-oss[bot]](https://avatars.githubusercontent.com/in/3450139?s=60&v=4){kind=small}
There was a problem hiding this comment.
Overview
This Dependabot PR updates the locked openssl crate from 0.10.78 to 0.10.79 and openssl-sys from 0.9.114 to 0.9.115. The diff is limited to Cargo.lock, removes the transitive once_cell dependency from openssl, and keeps both crates pinned to crates.io checksums.
Concerns
- No correctness or security concerns found in the changed lockfile entries. The upstream MSRV bump to Rust 1.80 is compatible with this repository's pinned Rust 1.92.0 toolchain.
Verdict
Found: 0 critical, 0 important, 0 suggestions
Approve
Comment /oz-review on this pull request to retrigger a review (up to 3 times on the same pull request).
Powered by Oz
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 participant
Bumps openssl from 0.10.78 to 0.10.79.
Release notes
Sourced from openssl's releases.
Commits
649f2d9Release openssl 0.10.79 and openssl-sys 0.9.115 (#2632)257f9b2Fix output buffer overflow for AES key-wrap-with-padding ciphers (#2630)d43e917Reject non-UTF-8 OCSP responder URLs in X509Ref::ocsp_responders (#2631)f46519cAdd PkeyCtxRef::set_context_string for ML-DSA (#2629)ad9ae31Bind OSSL_PARAM_modified and use it for seed_into (#2628)4e25c9bFix process abort when verify/PSK callbacks fire after SSL_CTX swap (#2624)3dd8f42Add PKeyRef::seed_into for ML-DSA/ML-KEM seed extraction (#2626)2c5e5a8parallelize more builds in CI for cold caches (#2625)6685591Add PKey::private_key_from_seed for ML-DSA/ML-KEM key import (#2621)8f8fdceDrop once_cell in favor of std::sync::{LazyLock, OnceLock} (#2623)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.