chore(bors): merge pull request #925

mayastor-bors · tiagolobocastro · mayastor-bors · commit cfc415908c3e · 2025-02-04T12:19:26.000Z
925: Security Advisory Updates r=tiagolobocastro a=tiagolobocastro security(GHSA-rpmj-rpgj-qmpm): update openssl crate advisory: GHSA-rpmj-rpgj-qmpm cve id: CVE-2025-24898 --- security(GHSA-h97m-ww89-6jmq): update url and idna crate advisory: GHSA-h97m-ww89-6jmq CVE ID: CVE-2024-12224 Co-authored-by: Tiago Castro <tiagolobocastro@gmail.com>
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/control-plane/agents/Cargo.toml b/control-plane/agents/Cargo.toml
@@ -57,7 +57,7 @@ opentelemetry = { version = "0.26.0" }
 tracing = "0.1.40"
 nix = { version = "0.29.0", default-features = false }
 prost-types = "0.13.3"
-url = "2.5.2"
+url = "2.5.4"
 
 grpc = { path = "../grpc" }
 shutdown = { path = "../../utils/shutdown" }
@@ -74,7 +74,7 @@ tokio-udev = { version = "0.9.1" }
 [dev-dependencies]
 deployer-cluster = { path = "../../utils/deployer-cluster" }
 events-api = { path = "../../utils/dependencies/apis/events" }
-url = "2.5.2"
+url = "2.5.4"
 once_cell = "1.20.2"
 
 [dependencies.serde]
diff --git a/control-plane/csi-driver/Cargo.toml b/control-plane/csi-driver/Cargo.toml
@@ -46,7 +46,7 @@ lazy_static = "1.5.0"
 serde_json = "1.0.132"
 snafu = "0.8.5"
 tower = { version = "0.5.1", features = ["timeout", "util"] }
-url = "2.5.2"
+url = "2.5.4"
 uuid = { version = "1.11.0", features = ["v4"] }
 which = "7.0.0"
 k8s-openapi = { version = "0.22.0", features = ["v1_24"] }
@@ -61,4 +61,4 @@ serde = { version = "1.0.214", features = ["derive"] }
 [target.'cfg(target_os="linux")'.dependencies]
 udev = "0.9.1"
 devinfo = { path = "../../utils/dependencies/devinfo" }
-sys-mount = { version = "3.0.1", default-features = false }
+sys-mount = { version = "3.0.1", default-features = false }
diff --git a/control-plane/rest/Cargo.toml b/control-plane/rest/Cargo.toml
@@ -32,7 +32,7 @@ clap = { version = "4.5.20", features = ["color", "derive", "env", "string"] }
 futures = "0.3.31"
 anyhow = "1.0.92"
 snafu = "0.8.5"
-url = "2.5.2"
+url = "2.5.4"
 http = "1.1.0"
 tinytemplate = "1.2.1"
 jsonwebtoken = "9.3.0"
diff --git a/control-plane/stor-port/Cargo.toml b/control-plane/stor-port/Cargo.toml
@@ -7,7 +7,7 @@ description = "Persistent store and transport associated information for the con
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-url = "2.5.2"
+url = "2.5.4"
 uuid = { version = "1.11.0", features = ["v4"] }
 strum = "0.26.3"
 strum_macros = "0.26.4"
diff --git a/k8s/proxy/Cargo.toml b/k8s/proxy/Cargo.toml
@@ -25,4 +25,4 @@ hyper-body = { path = "../../utils/hyper-body" }
 
 anyhow = "1.0.92"
 thiserror = "1.0.68"
-url = "2.5.2"
+url = "2.5.4"
diff --git a/utils/pstor/Cargo.toml b/utils/pstor/Cargo.toml
@@ -6,7 +6,7 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-url = "2.5.2"
+url = "2.5.4"
 uuid = { version = "1.11.0", features = ["v4"] }
 strum = "0.26.3"
 strum_macros = "0.26.4"
diff --git a/utils/utils-lib/Cargo.toml b/utils/utils-lib/Cargo.toml
@@ -19,7 +19,7 @@ opentelemetry_sdk = { version = "0.26.0", features = ["rt-tokio-current-thread"]
 opentelemetry-otlp = { version = "0.26.0" }
 opentelemetry-semantic-conventions = "0.26.0"
 
-url = "2.5.2"
+url = "2.5.4"
 strum = "0.26.3"
 strum_macros = "0.26.4"
 heck = "0.5.0"
