Issue with owning_ref

betarelease · August 2, 2022, 9:40pm

We are using libp2p rust and just ran into this issue where cargo audit failed.
When I looked into it I found that owning_ref has a vulnerability that was discovered on Jan 26 2022 which has not yet been fixed but we are noticing this issue now.

Have you faced this problem? Do you have a fix you can share?

Thanks,
Sudhindra.

betarelease · August 2, 2022, 9:41pm

mxinden · August 3, 2022, 8:24am

Hi @betarelease,

Thanks for raising this. Let’s move the discussion to RUSTSEC-2022-0040: Multiple soundness issues in `owning_ref` · Issue #2794 · libp2p/rust-libp2p · GitHub

Topic		Replies	Views
Help with Prometheus_client Implementers and Contributors	5	354	August 8, 2022
About the rust category rust	5	1450	November 16, 2020
1st rust-libp2p Communtiy Call News and announcements	2	394	August 8, 2022
Questions regarding peer discovery in libp2p Users and Developers	0	302	May 31, 2022
7th rust-libp2p open maintainers call News and announcements	1	339	November 7, 2022

Issue with owning_ref

Related topics