[GHSA-r6v5-fh4h-64xc] time vulnerable to stack exhaustion Denial of Service attack#6792
[GHSA-r6v5-fh4h-64xc] time vulnerable to stack exhaustion Denial of Service attack#6792jhpratt wants to merge 1 commit intojhpratt/advisory-improvement-6792from
Conversation
|
Hi there @jhpratt! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository. This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory |
github-actions
bot
changed the base branch from
main
to
jhpratt/advisory-improvement-6792
There was a problem hiding this comment.
Pull request overview
This PR updates a security advisory for the time Rust crate (GHSA-r6v5-fh4h-64xc) by correcting the commit reference that fixes a stack exhaustion denial of service vulnerability. The PR description indicates that the previous commit reference was incorrect and did not actually fix the security issue, characterizing it instead as an ordinary bugfix. The change updates the commit hash in the references section and increments the modified timestamp accordingly.
Changes:
- Updated the commit reference URL from an incorrect commit to the correct security fix commit
- Incremented the modified timestamp by one second to reflect the update
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
2 participants
Updates
Comments
The commit that was attached in my name and without my consent is objectively incorrect and does not fix a security issue. It is an ordinary bugfix.