Skip to content

Update aws-lc-sys and rustls-webpki to fix security vulnerabilities#455

Merged
Keruspe merged 1 commit intoamqp-rs:mainfrom
suryapandian:fix/update-vulnerable-deps
Mar 29, 2026
Merged

Update aws-lc-sys and rustls-webpki to fix security vulnerabilities#455
Keruspe merged 1 commit intoamqp-rs:mainfrom
suryapandian:fix/update-vulnerable-deps

Conversation

@suryapandian
Copy link
Copy Markdown
Contributor

@suryapandian suryapandian commented Mar 28, 2026

Summary

  • aws-lc-sys 0.38.0 → 0.39.1 — fixes RUSTSEC-2026-0044 (X.509 Name Constraints Bypass) and RUSTSEC-2026-0048 (CRL Distribution Point Scope Check Logic Error)
  • rustls-webpki 0.103.9 → 0.103.10 — fixes RUSTSEC-2026-0049 (CRLs not considered authoritative by Distribution Point)

Test plan

  • CI passes with updated lockfile

🤖 Generated with Claude Code

@suryapandian @claude
Update aws-lc-sys and rustls-webpki to fix security vulnerabilities
5f54c0d 
- aws-lc-sys 0.38.0 -> 0.39.1 (RUSTSEC-2026-0044, RUSTSEC-2026-0048)
- rustls-webpki 0.103.9 -> 0.103.10 (RUSTSEC-2026-0049)

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
@suryapandian suryapandian marked this pull request as draft March 28, 2026 22:21
@suryapandian suryapandian mentioned this pull request Mar 28, 2026
Merged
@suryapandian suryapandian marked this pull request as ready for review March 29, 2026 17:29
@Keruspe Keruspe merged commit 4f0deb6 into amqp-rs:main Mar 29, 2026
9 checks passed
@suryapandian suryapandian deleted the fix/update-vulnerable-deps branch March 29, 2026 19:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@suryapandian @Keruspe