Skip to content

Security patch release

Pre-release
Pre-release
Compare
Choose a tag to compare
@mdegans mdegans released this 02 Feb 00:22
0.0.2
1b18339
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This git-only patch release addresses a security vulnerability in the nix crate upstream used by the socketcan crate, version 1.7.0. There doesn't appear to be an exploit chain that could make either socketcan or jeep dangerous, however in the interest of caution, and to silence dependabot, users of this crate might wish to pin this repo and commit hash in their Cargo.toml rather than the one on crates.io. A fix to socketcan has been submitted upstream. 0.0.3 will be the next crates.io release.

What's Changed

Full Changelog: 0.0.1...0.0.2

Contributors

mdegans
Assets 2
Loading