Auto merge of #110008 - klensy:deps-up-apr-06, r=Mark-Simulacrum - rust

diff options

author	bors <bors@rust-lang.org>	2023-04-10 06:53:15 +0000
committer	bors <bors@rust-lang.org>	2023-04-10 06:53:15 +0000
commit	7f7e8fbc99600eeb662a0321a778c56537ee4889 (patch)
tree	fced64a380fbd6cc7f6b45ea1ef98f6facb88570 /compiler/rustc_codegen_gcc/example/alloc_system.rs
parent	749b487be49b793dd713c429042b33262208f4f9 (diff)
parent	40b6095e88926801e002221d09e53f97cfb732f3 (diff)
download	rust-7f7e8fbc99600eeb662a0321a778c56537ee4889.tar.gz rust-7f7e8fbc99600eeb662a0321a778c56537ee4889.zip

Auto merge of #110008 - klensy:deps-up-apr-06, r=Mark-Simulacrum

bump few deps

Update few deps to fix security vulns, future incompatibilities, duplicates.

`jemalloc-sys` v0.5.0+5.3.0 -> v0.5.3+5.3.0-patched: fixes future-incompatibilities by dropping fs_extra (https://github.com/rust-lang-ci/rust/actions/runs/4626595610/jobs/8183514150#step:26:19499, https://github.com/tikv/jemallocator/blob/tikv-jemalloc-sys-0.5.3/CHANGELOG.md)

`openssl-src` v111.22.0+1.1.1q -> v111.25.0+1.1.1t: fixes few vulns:
https://www.openssl.org/news/vulnerabilities-1.1.1.html
https://www.cve.org/CVERecord?id=CVE-2022-4304
https://www.cve.org/CVERecord?id=CVE-2022-4450
https://www.cve.org/CVERecord?id=CVE-2023-0215
https://www.cve.org/CVERecord?id=CVE-2023-0286
There exist newer openssl version 1.1.1u with low severity vulns, but no crate update yet

`openssl` crate with deps 0.10.38 ->0.10.49 fixes vulns (https://github.com/sfackler/rust-openssl/blob/openssl-v0.10.49/openssl/CHANGELOG.md)
https://rustsec.org/advisories/RUSTSEC-2023-0022
https://rustsec.org/advisories/RUSTSEC-2023-0023
https://rustsec.org/advisories/RUSTSEC-2023-0024

update `env_logger` for `rustbook` and `cargo_metadata` for `tidy` to newer versions (still used by `rustfmt`, `miri`)

Diffstat (limited to 'compiler/rustc_codegen_gcc/example/alloc_system.rs')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: