Skip to content

update rustls-webpki to fix audit#48324

Merged
jkarneges merged 1 commit intomainfrom
jkarneges/audit-fix
Apr 21, 2026
Merged

update rustls-webpki to fix audit#48324
jkarneges merged 1 commit intomainfrom
jkarneges/audit-fix

Conversation

@jkarneges
Copy link
Copy Markdown
Member

@jkarneges jkarneges commented Apr 20, 2026
edited
Loading

Fixes:

Crate:     rustls-webpki
Version:   0.103.10
Title:     Name constraints for URI names were incorrectly accepted
Date:      2026-04-14
ID:        RUSTSEC-2026-0098
URL:       https://rustsec.org/advisories/RUSTSEC-2026-0098
Solution:  Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6
Dependency tree:
rustls-webpki 0.103.10
└── rustls 0.23.37
    └── pushpin 1.42.0-dev

Crate:     rustls-webpki
Version:   0.103.10
Title:     Name constraints were accepted for certificates asserting a wildcard name
Date:      2026-04-14
ID:        RUSTSEC-2026-0099
URL:       https://rustsec.org/advisories/RUSTSEC-2026-0099
Solution:  Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6

@jkarneges jkarneges requested a review from a team April 20, 2026 18:37
@jkarneges jkarneges merged commit 560f6f6 into main Apr 21, 2026
19 checks passed
@jkarneges jkarneges deleted the jkarneges/audit-fix branch April 21, 2026 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@deg4uss3r deg4uss3r deg4uss3r approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jkarneges @deg4uss3r