Skip to content

Commit 4ab8747

Browse files
jhartquistCopilot
jhartquist
and
Copilot
committed
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
1 parent ee6f697 commit 4ab8747

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

CHANGELOG.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ All notable changes to this project will be documented in this file. Format base
66

77
### Security
88

9-
- Python: bump `pyo3` and `numpy` (rust-numpy) from 0.28 to 0.29, resolving RUSTSEC-2026-0176 (out-of-bounds read in `PyList` / `PyTuple` iterators) and RUSTSEC-2026-0177 (missing `Sync` bound on `PyCFunction::new_closure`). The bindings never call the affected APIs, so the shipped wheel was not exploitable; this clears `cargo audit` and `pip-audit`. No public API changes.
9+
- Python: bump `pyo3` and `numpy` (rust-numpy) from 0.28 to 0.29, resolving RUSTSEC-2026-0176 (out-of-bounds read in `PyList` / `PyTuple` iterators) and RUSTSEC-2026-0177 (missing `Sync` bound on `PyCFunction::new_closure`). The bindings never call the affected APIs, so the shipped wheel was not exploitable; this clears `cargo audit`. No public API changes.
1010

1111
## [0.1.1] - 2026-04-24
1212

0 commit comments

Comments
 (0)