cerc-io/lighthouse
16
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
440badd973
lighthouse/common
History
Paul Hauner 924a1345b1 Update zeroize_derive (#2625) 
## Issue Addressed

NA

## Proposed Changes

As `cargo audit` astutely pointed out, the version of `zeroize_derive` were were using had a vulnerability:

```
Crate:         zeroize_derive
Version:       1.1.0
Title:         `#[zeroize(drop)]` doesn't implement `Drop` for `enum`s
Date:          2021-09-24
ID:            RUSTSEC-2021-0115
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0115
Solution:      Upgrade to >=1.2.0
```

This PR updates `zeroize` and `zeroize_derive` to appease `cargo audit`.

`tiny-bip39` was also updated to allow compile.

## Additional Info

I don't believe this vulnerability actually affected the Lighthouse code-base directly. However, `tiny-bip39` may have been affected which may have resulted in some uncleaned memory in Lighthouse. Whilst this is not ideal, it's not a major issue. Zeroization is a nice-to-have since it only protects from sophisticated attacks or attackers that already have a high level of access already.
2021-09-25 05:58:37 +00:00
..
account_utils Update zeroize_derive (#2625) 2021-09-25 05:58:37 +00:00
clap_utils Implement SSZ union type (#2579) 2021-09-25 05:58:36 +00:00
compare_fields Check for unused deps in CI (#1262) 2020-06-14 10:59:50 +10:00
compare_fields_derive Update external deps (#1711) 2020-10-05 08:22:19 +00:00
deposit_contract Implement SSZ union type (#2579) 2021-09-25 05:58:36 +00:00
directory fix default network handling (#2029) 2020-12-08 05:41:10 +00:00
eth2 Update zeroize_derive (#2625) 2021-09-25 05:58:37 +00:00
eth2_config Improve ergonomics of adding a new network config (#2489) 2021-08-30 23:27:28 +00:00
eth2_interop_keypairs Fix nightly bump num bigint (#2591) 2021-09-12 23:55:20 +00:00
eth2_network_config Implement SSZ union type (#2579) 2021-09-25 05:58:36 +00:00
eth2_wallet_manager Rust 1.54.0 lints (#2483) 2021-07-30 01:11:47 +00:00
fallback Improve eth1 fallback logging (#2490) 2021-08-30 00:51:26 +00:00
filesystem Update file permissions (#2499) 2021-09-03 02:41:10 +00:00
hashset_delay Upgrade dependencies (#2513) 2021-08-17 01:00:24 +00:00
lighthouse_metrics Web3Signer support for VC (#2522) 2021-09-16 03:26:33 +00:00
lighthouse_version v1.5.2 (#2595) 2021-09-13 23:01:19 +00:00
lockfile Enable Compatibility with Windows (#2333) 2021-05-19 23:05:16 +00:00
logging Rust 1.54.0 lints (#2483) 2021-07-30 01:11:47 +00:00
lru_cache Keep track of failed head chains and prevent re-lookups (#1534) 2020-08-18 03:54:09 +00:00
malloc_utils Modify Malloc Tuning (#2398) 2021-06-09 02:30:06 +00:00
monitoring_api Upgrade dependencies (#2513) 2021-08-17 01:00:24 +00:00
sensitive_url Add SensitiveUrl to redact user secrets from endpoints (#2326) 2021-05-04 01:59:51 +00:00
slot_clock Validator monitor support for sync committees (#2476) 2021-08-31 23:31:36 +00:00
target_check Improve compilation error on 32-bit (#2424) 2021-06-30 04:56:22 +00:00
task_executor Web3Signer support for VC (#2522) 2021-09-16 03:26:33 +00:00
test_random_derive Update external deps (#1711) 2020-10-05 08:22:19 +00:00
validator_dir Implement SSZ union type (#2579) 2021-09-25 05:58:36 +00:00
warp_utils Upgrade dependencies (#2513) 2021-08-17 01:00:24 +00:00
README.md Directory Restructure (#1163) 2020-05-18 21:24:23 +10:00

README.md

eth2

Common crates containing eth2-specific logic.