From 2da8a9e59e8585425553402b8831fa53410b5719 Mon Sep 17 00:00:00 2001 From: Techassi Date: Tue, 31 Mar 2026 09:37:41 +0200 Subject: [PATCH 1/2] fix: Bump aws-lc-rs/aws-lc-sys to 1.16.2/0.39.1 This bump negates the following two advisories: - RUSTSEC-2026-0044 - RUSTSEC-2026-0048 --- Cargo.lock | 8 ++++---- Cargo.nix | 13 +++++++------ 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 73ba5ed3..6d2ffae6 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -194,9 +194,9 @@ checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" [[package]] name = "aws-lc-rs" -version = "1.16.1" +version = "1.16.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94bffc006df10ac2a68c83692d734a465f8ee6c5b384d8545a636f81d858f4bf" +checksum = "a054912289d18629dc78375ba2c3726a3afe3ff71b4edba9dedfca0e3446d1fc" dependencies = [ "aws-lc-sys", "zeroize", @@ -204,9 +204,9 @@ dependencies = [ [[package]] name = "aws-lc-sys" -version = "0.38.0" +version = "0.39.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4321e568ed89bb5a7d291a7f37997c2c0df89809d7b6d12062c81ddb54aa782e" +checksum = "83a25cf98105baa966497416dbd42565ce3a8cf8dbfd59803ec9ad46f3126399" dependencies = [ "cc", "cmake", diff --git a/Cargo.nix b/Cargo.nix index 7ee3108b..9fd155ec 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -600,10 +600,10 @@ rec { }; "aws-lc-rs" = rec { crateName = "aws-lc-rs"; - version = "1.16.1"; + version = "1.16.2"; edition = "2021"; - links = "aws_lc_rs_1_16_1_sys"; - sha256 = "1gzlb3c82vv3b9adi15kqpk8wps699rjssc3ijkc42pidl0grgwl"; + links = "aws_lc_rs_1_16_2_sys"; + sha256 = "1z6i8qs0xjnzvslxnkhvywzzwfkafb1s4nrpg3f2k1nii4i92m50"; libName = "aws_lc_rs"; authors = [ "AWS-LibCrypto" @@ -635,10 +635,10 @@ rec { }; "aws-lc-sys" = rec { crateName = "aws-lc-sys"; - version = "0.38.0"; + version = "0.39.1"; edition = "2021"; - links = "aws_lc_0_38_0"; - sha256 = "0bkqm9adn7f8c8hd3dnp16cgh39cgjckfzqs55ymmfw9xmlfa8a3"; + links = "aws_lc_0_39_1"; + sha256 = "16b32brldbf97s05kzfvz263mkk54padn5kl95kakfh5h7wmr8l3"; build = "builder/main.rs"; libName = "aws_lc_sys"; authors = [ @@ -666,6 +666,7 @@ rec { features = { "bindgen" = [ "dep:bindgen" ]; "default" = [ "all-bindings" ]; + "fips" = [ "dep:bindgen" ]; "ssl" = [ "bindgen" "all-bindings" ]; }; resolvedDefaultFeatures = [ "prebuilt-nasm" ]; From 74952d86ccd720b6e8e1d29bdf490582dbe3f9ac Mon Sep 17 00:00:00 2001 From: Techassi Date: Tue, 31 Mar 2026 09:40:12 +0200 Subject: [PATCH 2/2] fix: Bump rustls-webpki to 0.103.10 to negate RUSTSEC-2026-0049 --- Cargo.lock | 4 ++-- Cargo.nix | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 6d2ffae6..1494413a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3154,9 +3154,9 @@ checksum = "f87165f0995f63a9fbeea62b64d10b4d9d8e78ec6d7d51fb2125fda7bb36788f" [[package]] name = "rustls-webpki" -version = "0.103.9" +version = "0.103.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7df23109aa6c1567d1c575b9952556388da57401e4ace1d15f79eedad0d8f53" +checksum = "df33b2b81ac578cabaf06b89b0631153a3f416b0a886e8a7a1707fb51abbd1ef" dependencies = [ "aws-lc-rs", "ring", diff --git a/Cargo.nix b/Cargo.nix index 9fd155ec..78e86277 100644 --- a/Cargo.nix +++ b/Cargo.nix @@ -10505,9 +10505,9 @@ rec { }; "rustls-webpki" = rec { crateName = "rustls-webpki"; - version = "0.103.9"; + version = "0.103.10"; edition = "2021"; - sha256 = "0lwg1nnyv7pp2lfwwjhy81bxm233am99jnsp3iymdhd6k8827pyp"; + sha256 = "1vyipcdbazvhl6kyi1m8n0bg98sk25iv12bby2xcly653awb4cyz"; libName = "webpki"; dependencies = [ {