Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 90743e7

Browse files
committed
Auto merge of #106685 - pietroalbini:pa-cve-stable, r=pietroalbini
[stable] Prepare Rust 1.66.1 and fix CVE-2022-46176 See https://blog.rust-lang.org/2023/01/10/cve-2022-46176.html r? `@ghost`
2 parents 69f9c33 + 7a70649 commit 90743e7

File tree

7 files changed

+68
-23
lines changed

7 files changed

+68
-23
lines changed

‎Cargo.lock

Lines changed: 50 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -194,6 +194,12 @@ dependencies = [
194194
"rustc-demangle",
195195
]
196196

197+
[[package]]
198+
name = "base64"
199+
version = "0.13.1"
200+
source = "registry+https://github.com/rust-lang/crates.io-index"
201+
checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8"
202+
197203
[[package]]
198204
name = "bitflags"
199205
version = "1.3.2"
@@ -288,10 +294,11 @@ dependencies = [
288294

289295
[[package]]
290296
name = "cargo"
291-
version = "0.67.0"
297+
version = "0.67.1"
292298
dependencies = [
293299
"anyhow",
294300
"atty",
301+
"base64",
295302
"bytesize",
296303
"cargo-platform 0.1.2",
297304
"cargo-test-macro",
@@ -309,6 +316,7 @@ dependencies = [
309316
"git2-curl",
310317
"glob",
311318
"hex 0.4.2",
319+
"hmac",
312320
"home",
313321
"humantime 2.0.1",
314322
"ignore",
@@ -336,6 +344,7 @@ dependencies = [
336344
"serde-value",
337345
"serde_ignored",
338346
"serde_json",
347+
"sha1",
339348
"shell-escape",
340349
"snapbox",
341350
"strip-ansi-escapes",
@@ -1004,11 +1013,12 @@ dependencies = [
10041013

10051014
[[package]]
10061015
name = "crypto-common"
1007-
version = "0.1.2"
1016+
version = "0.1.6"
10081017
source = "registry+https://github.com/rust-lang/crates.io-index"
1009-
checksum = "a4600d695eb3f6ce1cd44e6e291adceb2cc3ab12f20a33777ecd0bf6eba34e06"
1018+
checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
10101019
dependencies = [
10111020
"generic-array",
1021+
"typenum",
10121022
]
10131023

10141024
[[package]]
@@ -1095,12 +1105,13 @@ checksum = "524cbf6897b527295dff137cec09ecf3a05f4fddffd7dfcd1585403449e74198"
10951105

10961106
[[package]]
10971107
name = "digest"
1098-
version = "0.10.2"
1108+
version = "0.10.6"
10991109
source = "registry+https://github.com/rust-lang/crates.io-index"
1100-
checksum = "8cb780dce4f9a8f5c087362b3a4595936b2019e7c8b30f2c3e9a7e94e6ae9837"
1110+
checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f"
11011111
dependencies = [
11021112
"block-buffer",
11031113
"crypto-common",
1114+
"subtle",
11041115
]
11051116

11061117
[[package]]
@@ -1558,9 +1569,9 @@ dependencies = [
15581569

15591570
[[package]]
15601571
name = "git2"
1561-
version = "0.15.0"
1572+
version = "0.16.0"
15621573
source = "registry+https://github.com/rust-lang/crates.io-index"
1563-
checksum = "2994bee4a3a6a51eb90c218523be382fd7ea09b16380b9312e9dbe955ff7c7d1"
1574+
checksum = "be36bc9e0546df253c0cc41fd0af34f5e92845ad8509462ec76672fac6997f5b"
15641575
dependencies = [
15651576
"bitflags",
15661577
"libc",
@@ -1573,9 +1584,9 @@ dependencies = [
15731584

15741585
[[package]]
15751586
name = "git2-curl"
1576-
version = "0.16.0"
1587+
version = "0.17.0"
15771588
source = "registry+https://github.com/rust-lang/crates.io-index"
1578-
checksum = "ed817a00721e2f8037ba722e60358d4956dae9cca10315fc982f967907d3b0cd"
1589+
checksum = "7577f4e6341ba7c90d883511130a45b956c274ba5f4d205d9f9da990f654cd33"
15791590
dependencies = [
15801591
"curl",
15811592
"git2",
@@ -1676,6 +1687,15 @@ version = "0.4.2"
16761687
source = "registry+https://github.com/rust-lang/crates.io-index"
16771688
checksum = "644f9158b2f133fd50f5fb3242878846d9eb792e445c893805ff0e3824006e35"
16781689

1690+
[[package]]
1691+
name = "hmac"
1692+
version = "0.12.1"
1693+
source = "registry+https://github.com/rust-lang/crates.io-index"
1694+
checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
1695+
dependencies = [
1696+
"digest",
1697+
]
1698+
16791699
[[package]]
16801700
name = "home"
16811701
version = "0.5.3"
@@ -1963,9 +1983,9 @@ dependencies = [
19631983

19641984
[[package]]
19651985
name = "libgit2-sys"
1966-
version = "0.14.0+1.5.0"
1986+
version = "0.14.1+1.5.0"
19671987
source = "registry+https://github.com/rust-lang/crates.io-index"
1968-
checksum = "47a00859c70c8a4f7218e6d1cc32875c4b55f6799445b842b0d8ed5e4c3d959b"
1988+
checksum = "4a07fb2692bc3593bda59de45a502bb3071659f2c515e28c71e728306b038e17"
19691989
dependencies = [
19701990
"cc",
19711991
"libc",
@@ -4536,6 +4556,17 @@ dependencies = [
45364556
"digest",
45374557
]
45384558

4559+
[[package]]
4560+
name = "sha1"
4561+
version = "0.10.5"
4562+
source = "registry+https://github.com/rust-lang/crates.io-index"
4563+
checksum = "f04293dc80c3993519f2d7f6f511707ee7094fe0c6d3406feb330cdb3540eba3"
4564+
dependencies = [
4565+
"cfg-if 1.0.0",
4566+
"cpufeatures",
4567+
"digest",
4568+
]
4569+
45394570
[[package]]
45404571
name = "sha2"
45414572
version = "0.10.1"
@@ -4745,6 +4776,12 @@ version = "0.10.0"
47454776
source = "registry+https://github.com/rust-lang/crates.io-index"
47464777
checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
47474778

4779+
[[package]]
4780+
name = "subtle"
4781+
version = "2.4.1"
4782+
source = "registry+https://github.com/rust-lang/crates.io-index"
4783+
checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
4784+
47484785
[[package]]
47494786
name = "syn"
47504787
version = "1.0.102"
@@ -5106,9 +5143,9 @@ dependencies = [
51065143

51075144
[[package]]
51085145
name = "typenum"
5109-
version = "1.12.0"
5146+
version = "1.16.0"
51105147
source = "registry+https://github.com/rust-lang/crates.io-index"
5111-
checksum = "373c8a200f9e67a0c95e62a4f52fbf80c23b4381c05a17845531982fa99e6b33"
5148+
checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba"
51125149

51135150
[[package]]
51145151
name = "ucd-parse"

‎RELEASES.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,8 @@
1+
Version 1.66.1 (2023年01月10日)
2+
===========================
3+
4+
- Added validation of SSH host keys for git URLs in Cargo ([CVE-2022-46176](https://www.cve.org/CVERecord?id=CVE-2022-46176))
5+
16
Version 1.66.0 (2022年12月15日)
27
==========================
38

‎src/ci/docker/host-x86_64/x86_64-gnu-tools/checktools.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,6 @@ python3 "$X_PY" test --stage 2 src/tools/rustfmt
2727
python3 "$X_PY" test --stage 2 src/tools/miri
2828
# We natively run this script on x86_64-unknown-linux-gnu and x86_64-pc-windows-msvc.
2929
# Also cover some other targets (on both of these hosts) via cross-testing.
30-
python3 "$X_PY" test --stage 2 src/tools/miri --target i686-pc-windows-msvc
30+
#python3 "$X_PY" test --stage 2 src/tools/miri --target i686-pc-windows-msvc
3131
#FIXME(https://github.com/rust-lang/rust/issues/103519): macOS testing is currently disabled
3232
# python3 "$X_PY" test --stage 2 src/tools/miri --target aarch64-apple-darwin

‎src/ci/scripts/checkout-submodules.sh

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,8 @@ function fetch_github_commit_archive {
3636
rm $cached
3737
}
3838

39-
included="src/llvm-project src/doc/book src/doc/rust-by-example"
39+
#included="src/llvm-project src/doc/book src/doc/rust-by-example"
40+
included=""
4041
modules="$(git config --file .gitmodules --get-regexp '\.path$' | cut -d' ' -f2)"
4142
modules=($modules)
4243
use_git=""
@@ -60,9 +61,9 @@ done
6061
retry sh -c "git submodule deinit -f $use_git && \
6162
git submodule sync && \
6263
git submodule update -j 16 --init --recursive --depth 1 $use_git"
63-
STATUS=0
64-
for pid in ${bg_pids[*]}
65-
do
66-
wait $pid || STATUS=1
67-
done
68-
exit ${STATUS}
64+
#STATUS=0
65+
#for pid in ${bg_pids[*]}
66+
#do
67+
# wait $pid || STATUS=1
68+
#done
69+
#exit ${STATUS}

‎src/tools/tidy/src/deps.rs

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,7 @@ const EXCEPTIONS: &[(&str, &str)] = &[
4747
("dunce", "CC0-1.0"), // cargo (dev dependency)
4848
("similar", "Apache-2.0"), // cargo (dev dependency)
4949
("normalize-line-endings", "Apache-2.0"), // cargo (dev dependency)
50+
("subtle", "BSD-3-Clause"), // cargo
5051
];
5152

5253
const EXCEPTIONS_CRANELIFT: &[(&str, &str)] = &[
@@ -205,6 +206,7 @@ const PERMITTED_RUSTC_DEPENDENCIES: &[&str] = &[
205206
"snap",
206207
"stable_deref_trait",
207208
"stacker",
209+
"subtle",
208210
"syn",
209211
"synstructure",
210212
"tempfile",

‎src/version

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
1.66.0
1+
1.66.1

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /