Commit 43cf4d4
chore(deps): bump quinn-proto 0.11.14 → 0.11.15 (RUSTSEC-2026-0185) (#5562)
Lockfile-only bump to clear the security-audit CI job. quinn-proto
v0.11.14 is vulnerable to remote memory exhaustion from unbounded
out-of-order stream reassembly (RUSTSEC-2026-0185, fix >=0.11.15);
it is a transitive dep via the reqwest/quinn HTTP/3 stack. No other
dependency churn.
Co-authored-by: Ralph Küpper <ralph2@skelpo.com>1 parent f442827 commit 43cf4d4
1 file changed
Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments