b5fc017b19
quick-xml 0.39.4 enters only via wayland-scanner, a build-time proc-macro that parses trusted crate-shipped protocol XML at compile time — never a shipped binary, never runtime/attacker-controlled input, so neither DoS is reachable. wayland-scanner 0.31.10 (latest) pins quick-xml ^0.39; the fixes land only in >=0.41, so there is nothing to bump to. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
51 lines
3.8 KiB
TOML
# cargo-audit configuration — consumed by `.gitea/workflows/audit.yml` (`cargo audit`).
#
# Silence only advisories that are KNOWN-UNFIXABLE and either not applicable to how we use the crate
# or an accepted, documented risk. Keep this list TIGHT and justify every entry — an ignore here
# means the audit job stops flagging it, so the reasoning must hold up.
#
# NOTE: `cargo audit` (no `--deny warnings`) fails only on *vulnerabilities*, not on the
# `unmaintained` warnings (audiopus_sys via opus, paste via utoipa-axum). Both are transitive, at
# their latest published version with no successor, so there's nothing to bump — left visible on
# purpose so we keep getting the maintenance signal; they do not fail CI. (rustls-pemfile was dropped
# 2026-06-29 by removing axum-server's unused tls-rustls feature + moving our own PEM parsing to
# rustls-pki-types; memmap2's unsoundness was fixed by the 0.9.11 bump.)

[advisories]
ignore = [
    # rsa "Marvin Attack" (RUSTSEC-2023-0071): a timing side-channel in the rsa crate's variable-time
    # modular exponentiation of the SECRET exponent. IMPORTANT — this affects the RSA private-key op in
    # general, INCLUDING signing (m^d mod n), which the host DOES perform (gamestream/pairing.rs
    # `signing_key.sign(&serversecret)`). It is NOT, as an earlier version of this note wrongly claimed,
    # limited to decryption — so "the vulnerable path isn't exercised" is false; signing exercises it.
    # We accept it because the attack is not practically reachable here, NOT because the path is unused:
    #   * No RSA decryption / PKCS#1v1.5 padding oracle exists anywhere (every `decrypt` in the tree is
    #     AES/AES-GCM), so the classic Bleichenbacher/Marvin chosen-ciphertext oracle is absent.
    #   * The only signed message (`serversecret`) is HOST-generated random, never attacker-chosen — so
    #     there's no adaptive chosen-input probing (the lever remote RSA-timing key recovery needs); and
    #     signing is gated behind the operator-entered pairing PIN, ONE signature per ceremony (a
    #     repeated phase-3 is rejected — gamestream/pairing.rs — to deny a passive timing-sample harvester).
    #   * GameStream is OFF by default (bare `serve` is native-only); the secure native QUIC plane uses
    #     rustls' constant-time backend, NOT the rsa crate. RSA is touched only on the opt-in,
    #     trusted-LAN GameStream/Moonlight pairing handshake. Moonlight mandates RSA-2048, so the
    #     GameStream identity cannot move to Ed25519/ECDSA (only the native identity could, and it
    #     already avoids the rsa crate).
    # There is NO fixed rsa release (the constant-time rewrite is still unreleased upstream). Revisit if:
    # a constant-time rsa ships (then drop this), the host ever signs an attacker-chosen message with
    # this key, or any RSA decryption / key-transport using the private key is added.
    "RUSTSEC-2023-0071",

    # quick-xml DoS advisories (RUSTSEC-2026-0194 quadratic-time duplicate-attribute check;
    # RUSTSEC-2026-0195 unbounded namespace-declaration allocation in NsReader). Both are
    # exploited by feeding attacker-controlled XML to a running parser. In this tree quick-xml is
    # a BUILD-TIME-ONLY, transitive dependency of `wayland-scanner` (a proc-macro that parses the
    # TRUSTED wayland protocol XML files shipped with the wayland-rs crates at compile time). It is
    # never linked into any shipped binary and never parses runtime/attacker-controlled input, so
    # neither DoS is reachable. There is no fix to bump to: wayland-scanner 0.31.10 (latest) pins
    # `quick-xml ^0.39`, and the fixes only exist in quick-xml >=0.41. Revisit (drop these) when
    # wayland-scanner releases against quick-xml >=0.41, or if quick-xml is ever pulled onto a
    # runtime path that parses untrusted XML.
    "RUSTSEC-2026-0194",
    "RUSTSEC-2026-0195",
]