chore: Update aws-lc-rs 1.16.2

zulinx86 · zulinx86 · commit 2e1a4c016e20 · 2026-03-23T10:56:00.000Z
A vulnerability was found in aws-lc-sys [1]. Although Firecracker isn't affected as it doesn't use AWS-LC to validate CN, update aws-lc-rs (and aws-lc-sys indirectly) to suppress cargo-audit failure. [1]: https://rustsec.org/advisories/RUSTSEC-2026-0044.html Signed-off-by: Takahiro Itazuri <itazur@amazon.com>
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/deny.toml b/deny.toml
@@ -5,8 +5,7 @@ allow = [
     "Apache-2.0",
     "BSD-3-Clause",
     "ISC",
-    "Unicode-3.0",
-    "OpenSSL"
+    "Unicode-3.0"
 ]
 
 [[bans.deny]]
diff --git a/src/vmm/Cargo.toml b/src/vmm/Cargo.toml
@@ -17,7 +17,7 @@ gdb = ["arrayvec", "gdbstub", "gdbstub_arch"]
 
 acpi_tables = { path = "../acpi-tables" }
 arrayvec = { version = "0.7.6", optional = true }
-aws-lc-rs = "1.16.1"
+aws-lc-rs = "1.16.2"
 base64 = "0.22.1"
 bincode = { version = "2.0.1", features = ["serde"] }
 bitflags = "2.10.0"

Original file line number	Diff line number	Diff line change
`@@ -5,8 +5,7 @@ allow = [`
`5`	`5`	`"Apache-2.0",`
`6`	`6`	`"BSD-3-Clause",`
`7`	`7`	`"ISC",`
`8`		`- "Unicode-3.0",`
`9`		`- "OpenSSL"`
	`8`	`+ "Unicode-3.0"`
`10`	`9`	`]`
`11`	`10`
`12`	`11`	`[[bans.deny]]`