*ring* is maintained again by djc · Pull Request #2230 · rustsec/advisory-db

djc · 2025-02-22T16:28:29Z

Remove unmaintained advisory RUSTSEC-2025-0007.

@ctz and the rustls maintainers now have access to the crates.io entry for ring.

alex · 2025-02-22T16:31:44Z

I think the correct way to do this is to add withdrawn = "2025-02-22"?

djc · 2025-02-22T16:32:43Z

I think the correct way to do this is to add withdrawn = "2025-02-22"?

Ahh, I was looking for something like that.

djc · 2025-02-22T16:33:51Z

I think the correct way to do this is to add withdrawn = "2025-02-22"?

Fixed.

Shnatsel · 2025-02-22T16:35:08Z

Thank you!

It would be nice to add a line or two about rustls maintainers getting access into the advisory text to make the situation more clear.

djc · 2025-02-22T16:38:56Z

crates/ring/RUSTSEC-2025-0007.md

 any reported security vulnerabilities may go unaddressed for prolonged periods
 of time.
+
+# Update: security maintenance only


@ctz thoughts on this wording?

djc force-pushed the retract-unmaintained-ring branch from 8ef4f2d to 2da2d90 Compare February 22, 2025 16:33

*ring* is maintained again, withdraw 2025-0007.

ed51835

djc force-pushed the retract-unmaintained-ring branch from 2da2d90 to ed51835 Compare February 22, 2025 16:38

djc commented Feb 22, 2025

View reviewed changes

alex approved these changes Feb 22, 2025

View reviewed changes

alex merged commit e23da6c into rustsec:main Feb 22, 2025
1 check passed

This was referenced Feb 22, 2025

[Task] Get rid of ring dependency in core valkey-io/valkey-glide#3226

Closed

Switching away from Ring algesten/ureq#1013

Open

xxchan mentioned this pull request Feb 23, 2025

RUSTSEC-2025-0007: *ring* is unmaintained apache/iceberg-rust#985

Closed

g2p mentioned this pull request Feb 25, 2025

*ring* is unmaintained #2227

Closed

madsbv mentioned this pull request Mar 3, 2025

RUSTSEC-2025-0007: *ring* is unmaintained madsbv/nix-options-search#70

Closed

nirbheek mentioned this pull request Mar 4, 2025

Switch to aws_lc_rs moq-dev/web-transport#58

Merged

Gelbpunkt mentioned this pull request Apr 22, 2025

RUSTSEC-2025-0007: *ring* is unmaintained hermit-os/kernel#1608

Closed

mbrubeck mentioned this pull request Apr 29, 2025

Ring currently unmaintained mbrubeck/agate#377

Closed

tnull mentioned this pull request Aug 12, 2025

Ensure we always startup with a rustls CryptoProvider lightningdevkit/ldk-node#600

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ring is maintained again#2230

ring is maintained again#2230
alex merged 1 commit intorustsec:mainfrom
djc:retract-unmaintained-ring

djc commented Feb 22, 2025 •

edited

Loading

Uh oh!

alex commented Feb 22, 2025

Uh oh!

djc commented Feb 22, 2025

Uh oh!

djc commented Feb 22, 2025

Uh oh!

Shnatsel commented Feb 22, 2025

Uh oh!

djc Feb 22, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

djc commented Feb 22, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

alex commented Feb 22, 2025

Uh oh!

djc commented Feb 22, 2025

Uh oh!

djc commented Feb 22, 2025

Uh oh!

Shnatsel commented Feb 22, 2025

Uh oh!

djc Feb 22, 2025

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

djc commented Feb 22, 2025 •

edited

Loading