RUSTSEC-2021-0073: Conversion from `prost_types::Timestamp` to `SystemTime` can cause an overflow and panic
github-actions opened this issue · comments
Conversion from
prost_types::Timestamp
toSystemTime
can cause an overflow and panic
Details | |
---|---|
Package | prost-types |
Version | 0.7.0 |
URL | tokio-rs/prost#438 |
Date | 2021-07-08 |
Patched versions | >=0.8.0 |
Affected versions of this crate contained a bug in which untrusted input could cause an overflow and panic when converting a Timestamp
to SystemTime
.
It is recommended to upgrade to prost-types
v0.8 and switch the usage of From<Timestamp> for SystemTime
to TryFrom<Timestamp> for SystemTime
.
See #438 for more information.
See advisory page for additional details.