Skip to content

1.3.11
Compare
Choose a tag to compare
@github-actions github-actions released this 20 Aug 13:37
v1.3.11
1e331cc

Security

  • Roll back serde_derive to version 1.0.171 and pin it there, to avoid using
    the new serde_derive that uses a pre-built binary compiler
    plugin    . The binary plugin has
    not been successfully reproduced from source when I last looked, and it
    represents an unacceptable security risk, since it can't be audited without
    disassembling the binary code. We'll need a longer-term plan for this.
Assets 5
Loading