github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-08-31 08:28:34 +00:00
Code Issues Projects Releases Wiki Activity

agent: update ttrpc-codegen to remove dependency on protobuf v2

Browse Source 
To fix CVE-2025-53605.

Fixes: https://github.com/kata-containers/kata-containers/security/dependabot/397
Fixes: #11570

Signed-off-by: Tim Zhang <tim@hyper.sh>
Signed-off-by: Fabiano Fidêncio <fidencio@northflank.com>
This commit is contained in:
Tim Zhang
2025-07-18 16:00:07 +02:00
committed by Fabiano Fidêncio
parent 60c3d89767
commit 222393375a
2 changed files with 10 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/agent/Cargo.lock generated
View File

@@ -3201,15 +3201,6 @@ dependencies = [
"thiserror 1.0.69",
]
[[package]]
name = "protobuf-codegen"
version = "2.28.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "033460afb75cf755fcfc16dfaed20b86468082a2ea24e05ac35ab4a099a017d6"
dependencies = [
"protobuf 2.28.0",
]
[[package]]
name = "protobuf-codegen"
version = "3.7.2"
@@ -4600,7 +4591,7 @@ dependencies = [
"log",
"nix 0.26.4",
"protobuf 3.7.2",
"protobuf-codegen 3.7.2",
"protobuf-codegen",
"thiserror 1.0.69",
"tokio",
"tokio-vsock 0.4.0",
@@ -4609,30 +4600,28 @@ dependencies = [
[[package]]
name = "ttrpc-codegen"
version = "0.5.0"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cdc0529f65223eca94fc5830e7d552d0d152ff42b74aff5c641edac39592f41f"
checksum = "0e5c657ef5cea6f6c6073c1be0787ba4482f42a569d4821e467daec795271f86"
dependencies = [
"home",
"protobuf 2.28.0",
"protobuf-codegen 3.7.2",
"protobuf 3.7.2",
"protobuf-codegen",
"protobuf-support",
"ttrpc-compiler",
]
[[package]]
name = "ttrpc-compiler"
version = "0.7.0"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9be3fb2fe509cb9c0099b3b5551b759ae714f2dde56dfc713f2a5bda8c16064a"
checksum = "3aa71f4a44711b3b9cc10ed0c7e239ff0fe4b8e6c900a142fb3bb26401385718"
dependencies = [
"derive-new",
"home",
"prost",
"prost-build",
"prost-types",
"protobuf 2.28.0",
"protobuf-codegen 2.28.0",
"protobuf 3.7.2",
"protobuf-codegen",
"tempfile",
]

2
src/libs/protocols/Cargo.toml
View File

@@ -19,5 +19,5 @@ serde_json = "1.0.68"
oci-spec = { version = "0.8.1", features = ["runtime"] }
[build-dependencies]
ttrpc-codegen = "0.5.0"
ttrpc-codegen = "0.6.0"
protobuf = { version = "3.7.2" }