From 99c8995bb385f585eaa47fd751372f26aabc7754 Mon Sep 17 00:00:00 2001 From: Maybe Waffle Date: Sun, 3 Apr 2022 16:19:17 +0400 Subject: [PATCH 1/2] Release `0.7.3` --- CHANGELOG.md | 6 ++++++ Cargo.toml | 4 ++-- README.md | 2 ++ 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5b0dd6fc..1960f683 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## unreleased +## 0.7.3 - 2022-04-03 + +### Fixed + +- Update `teloxide-core` to version `0.4.5` to fix a security vulnerability. See more in `teloxide-core` [release notes](https://github.com/teloxide/teloxide-core/releases/tag/v0.4.5). + ## 0.7.2 - 2022-03-23 ### Added diff --git a/Cargo.toml b/Cargo.toml index 8928132d..6ae436a0 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "teloxide" -version = "0.7.2" +version = "0.7.3" edition = "2018" description = "An elegant Telegram bots framework for Rust" repository = "https://github.com/teloxide/teloxide" @@ -58,7 +58,7 @@ full = [ ] [dependencies] -teloxide-core = { version = "0.4", default-features = false } +teloxide-core = { version = "0.4.5", default-features = false } teloxide-macros = { version = "0.5.1", optional = true } serde_json = "1.0" diff --git a/README.md b/README.md index 7acff473..b9197739 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ > [v0.5 -> v0.6 migration guide >>](MIGRATION_GUIDE.md#05---06) +> `teloxide-core` versions less that `0.4.5` has a low-severity security vulnerability, [see more >>](./CHANGELOG.md#073---2022-04-03) +

teloxide

From 1e6bf831d84e0178e5f9e64381e1bd780f4e1542 Mon Sep 17 00:00:00 2001 From: Waffle Maybe Date: Sun, 3 Apr 2022 23:09:20 +0400 Subject: [PATCH 2/2] change the link and wording about the vuln in the readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b9197739..2a4451a7 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ > [v0.5 -> v0.6 migration guide >>](MIGRATION_GUIDE.md#05---06) -> `teloxide-core` versions less that `0.4.5` has a low-severity security vulnerability, [see more >>](./CHANGELOG.md#073---2022-04-03) +> `teloxide-core` versions less that `0.4.5` (`teloxide` versions less than 0.7.3) have a low-severity security vulnerability, [learn more >>](https://github.com/teloxide/teloxide/discussions/574)