Opened 13 months ago

Closed 13 months ago

Last modified 9 months ago

#17877 closed enhancement (fixed)

rustc-1.68.2

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: normal Milestone: 12.0
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New point version

Change History (4)

comment:1 by Douglas R. Reno, 13 months ago

This one does contain a really important fix. GitHub's private RSA key was leaked recently, and Cargo needs to be patched expediently to fix it.

Update the GitHub RSA host key bundled within Cargo. The key was rotated by GitHub on 2023-03-24 after the old one leaked.

Mark the old GitHub RSA host key as revoked. This will prevent Cargo from accepting the leaked key even when trusted by the system.

Add support for @revoked and a better error message for @cert-authority in Cargo's SSH host key verification

Last edited 13 months ago by Douglas R. Reno (previous) (diff)

comment:2 by Douglas R. Reno, 13 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:3 by Douglas R. Reno, 13 months ago

Resolution: fixed
Status: assignedclosed

Fixed at 98b722543f8566f95484fe2828f02bd972464c97

comment:4 by Bruce Dubbs, 9 months ago

Milestone: 11.412.0

Milestone renamed

Note: See TracTickets for help on using tickets.