https://blogs.gentoo.org/ago/2020/07/04/gentoo-tinderbox/ Issue: www-apps/libmedium-20231020 misses package(s) in RDEPEND. Discovered on: amd64 (internal ref: guru_tinderbox) System: GCC-14-SYSTEM (https://wiki.gentoo.org/wiki/Project:Tinderbox/Common_Issues_Helper#GCC-14) Info about the issue: https://wiki.gentoo.org/wiki/Project:Tinderbox/Common_Issues_Helper#QA0080
Created attachment 894691 [details] build.log build log and emerge --info
I won't fix it bug upstream fix those bugs: cargo ebuild Error: Found 3 vulnerabilities: Crate: h2 Version: 0.3.21 Title: Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS) Date: 2024-01-17 ID: RUSTSEC-2024-0003 URL: https://rustsec.org/advisories/RUSTSEC-2024-0003 Solution: Upgrade to ^0.3.24 or >=0.4.2 Crate: h2 Version: 0.3.21 Title: Degradation of service in h2 servers with CONTINUATION Flood Date: 2024-04-03 ID: RUSTSEC-2024-0332 URL: https://rustsec.org/advisories/RUSTSEC-2024-0332 Solution: Upgrade to ^0.3.26 or >=0.4.4 Crate: mio Version: 0.8.8 Title: Tokens for named pipes may be delivered after deregistration Date: 2024-03-04 ID: RUSTSEC-2024-0019 URL: https://rustsec.org/advisories/RUSTSEC-2024-0019 Solution: Upgrade to >=0.8.11 Please fix the issues or use "--noaudit" flag.
Fixed in: https://gitweb.gentoo.org/repo/proj/guru.git/commit/?h=dev&id=5fc98aa3ce5133cf778590976328f63c268a7db6
