Bump rustls-webpki from 0.103.9 to 0.103.10

[dependabot]

Bumps rustls-webpki from 0.103.9 to 0.103.10.

Release notes

Sourced from rustls-webpki's releases.

0.103.10

Correct selection of candidate CRLs by Distribution Point and Issuing Distribution Point. If a certificate had more than one distributionPoint, then only the first distributionPoint would be considered against each CRL's IssuingDistributionPoint distributionPoint, and then the certificate's subsequent distributionPoints would be ignored.

The impact was that correct provided CRLs would not be consulted to check revocation. With UnknownStatusPolicy::Deny (the default) this would lead to incorrect but safe Error::UnknownRevocationStatus. With UnknownStatusPolicy::Allow this would lead to inappropriate acceptance of revoked certificates.

This vulnerability is thought to be of limited impact. This is because both the certificate and CRL are signed -- an attacker would need to compromise a trusted issuing authority to trigger this bug. An attacker with such capabilities could likely bypass revocation checking through other more impactful means (such as publishing a valid, empty CRL.)

More likely, this bug would be latent in normal use, and an attacker could leverage faulty revocation checking to continue using a revoked credential.

This vulnerability is identified by GHSA-pwjx-qhcg-rvj4. Thank you to @​1seal for the report.

What's Changed

• Freshen up rel-0.103 by @​ctz in rustls/webpki#455
• Prepare 0.103.10 by @​ctz in rustls/webpki#458

Full Changelog: rustls/webpki@v/0.103.9...v/0.103.10

Commits

• 348ce01 Prepare 0.103.10
• dbde592 crl: fix authoritative_for() support for multiple URIs
• 9c4838e avoid std::prelude imports
• 009ef66 fix rust 1.94 ambiguous panic macro warnings
• c41360d build(deps): bump taiki-e/cache-cargo-install-action from 2 to 3
• e401d00 generate.py: reformat for black 2026.1.0
• 06cedec Take semver-compatible deps
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 32.71%. Comparing base (eb17c84) to head (7e94f15).

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4539      +/-   ##
==========================================
+ Coverage   32.22%   32.71%   +0.48%     
==========================================
  Files         497      497              
  Lines       58890    58890              
==========================================
+ Hits        18977    19263     +286     
+ Misses      36498    36260     -238     
+ Partials     3415     3367      -48     

[github-actions]

❌ 3 Tests Failed:

Tests completed	Failed	Passed	Skipped
4561	3	4558	0

View the top 3 failed tests by shortest run time

TestRevalidationForSpecifiedRange

Stack Traces | 10.100s run time

... [CONTENT TRUNCATED: Keeping last 20 lines]
DEBUG[03-21|09:58:03.926] Journaled pathdb diff layer              root=453914..2bb97b parent=47467c..34f99a id=58                 block=57
DEBUG[03-21|09:58:03.926] Journaled pathdb diff layer              root=f033bb..c441f9 parent=453914..2bb97b id=59                 block=58
DEBUG[03-21|09:58:03.926] Journaled pathdb diff layer              root=8a3b0d..c4cc00 parent=f033bb..c441f9 id=60                 block=59
DEBUG[03-21|09:58:03.927] Journaled pathdb diff layer              root=f1dd74..17e285 parent=8a3b0d..c4cc00 id=61                 block=60
DEBUG[03-21|09:58:03.927] Journaled pathdb diff layer              root=ae10cb..fac472 parent=f1dd74..17e285 id=62                 block=61
DEBUG[03-21|09:58:03.927] Journaled pathdb diff layer              root=161e6d..4654fb parent=ae10cb..fac472 id=63                 block=62
DEBUG[03-21|09:58:03.927] Journaled pathdb diff layer              root=67cddc..75232e parent=161e6d..4654fb id=64                 block=63
DEBUG[03-21|09:58:03.927] Journaled pathdb diff layer              root=0e7e42..fadda9 parent=67cddc..75232e id=65                 block=64
DEBUG[03-21|09:58:03.927] Journaled pathdb diff layer              root=f58c7a..a67286 parent=0e7e42..fadda9 id=66                 block=65
DEBUG[03-21|09:58:03.927] Journaled pathdb diff layer              root=c15850..3ed356 parent=f58c7a..a67286 id=67                 block=66
DEBUG[03-21|09:58:03.927] Journaled pathdb diff layer              root=28f197..ee134b parent=c15850..3ed356 id=68                 block=67
DEBUG[03-21|09:58:03.928] Journaled pathdb diff layer              root=6925a4..7c5452 parent=28f197..ee134b id=69                 block=68
INFO [03-21|09:58:03.928] Persisted dirty state to disk            size=337.95KiB elapsed=8.481ms
INFO [03-21|09:58:03.928] Blockchain stopped
TRACE[03-21|09:58:03.928] P2P networking is spinning down
DEBUG[03-21|09:58:03.928] RPC server shutting down
INFO [03-21|09:58:03.928] HTTP server stopped                      endpoint=127.0.0.1:38205
DEBUG[03-21|09:58:03.929] RPC server shutting down
TRACE[03-21|09:58:03.929] P2P networking is spinning down
--- FAIL: TestRevalidationForSpecifiedRange (10.10s)

TestBatchPosterWithDelayProofsAndBacklog

Stack Traces | 15.840s run time

... [CONTENT TRUNCATED: Keeping last 20 lines]
INFO [03-21|10:05:17.337] Blockchain stopped
INFO [03-21|10:05:17.338] Ethereum protocol stopped
INFO [03-21|10:05:17.338] Transaction pool stopped
INFO [03-21|10:05:17.339] Updated payload                          id=0x03ff8675ff7f419e number=2   hash=5c4c3a..e6f77b txs=1  withdrawals=0 gas=1,501,105  fees=1.501105e-06   root=8b4695..11f36c elapsed=2.444ms
INFO [03-21|10:05:17.340] New Key                                  name=User43              Address=0xA2F879823F07Ea12d588e30146E8453885Ae95c6
INFO [03-21|10:05:17.340] Updated payload                          id=0x03c3c5340a56aa83 number=30  hash=94b340..0c990a txs=1  withdrawals=0 gas=86280      fees=8.628e-08      root=f42a9b..184cb1 elapsed=24.360ms
INFO [03-21|10:05:17.341] Stopping work on payload                 id=0x03c3c5340a56aa83 reason=delivery
INFO [03-21|10:05:17.342] Imported new potential chain segment     number=125 hash=7338e5..80e3fa blocks=1  txs=1  mgas=0.160  elapsed=23.417ms     mgasps=6.847    triediffs=551.30KiB  triedirty=0.00B
INFO [03-21|10:05:17.342] Persisting dirty state                   head=124 root=123503..ca4142 layers=124
INFO [03-21|10:05:17.343] Stopping work on payload                 id=0x03ff8675ff7f419e reason=delivery
INFO [03-21|10:05:17.343] Submitted transaction                    hash=0xf7930dbc83c5ce7b28de8ed90cd5ba9a0978f0a6a14826e6690a7023ecf56d20 from=0x26E554a8acF9003b83495c7f45F06edCB803d4e3 nonce=45  recipient=0xA2F879823F07Ea12d588e30146E8453885Ae95c6 value=10,000,000,000,000,000
INFO [03-21|10:05:17.344] Imported new potential chain segment     number=2   hash=5c4c3a..e6f77b blocks=1  txs=1  mgas=1.501  elapsed=5.232ms      mgasps=286.886  triediffs=6.09KiB    triedirty=0.00B
INFO [03-21|10:05:17.345] New Key                                  name=User44              Address=0xb9Eb65a76Fa62c7e1C938Eb16e301df54b18DcF1
INFO [03-21|10:05:17.345] Submitted transaction                    hash=0xb882e86fdaad1f32efd7332eab28d659d30c0e45d38df06b84ca107c4c40afa3 from=0x26E554a8acF9003b83495c7f45F06edCB803d4e3 nonce=37  recipient=0x0C709F340F0BB2e361229e345B7e26999d0969Ab value=1
WARN [03-21|10:05:17.346] Error performing sealing work            err="blockchain is stopped"
INFO [03-21|10:05:17.350] Submitted transaction                    hash=0xda7649a77fde3bb37f738d42e23e91536422c77ed4a768ded6f0995ca395cfe9 from=0x26E554a8acF9003b83495c7f45F06edCB803d4e3 nonce=46  recipient=0xb9Eb65a76Fa62c7e1C938Eb16e301df54b18DcF1 value=10,000,000,000,000,000
INFO [03-21|10:05:17.350] Persisted dirty state to disk            size=533.11KiB elapsed=7.884ms
INFO [03-21|10:05:17.350] Blockchain stopped
INFO [03-21|10:05:17.350] Submitted transaction                    hash=0x670320d7616d93c9bbf20dcf284d16d2f034dc8e971a0e975e48fb09bc8687c6 from=0x26E554a8acF9003b83495c7f45F06edCB803d4e3 nonce=38  recipient=0x0C709F340F0BB2e361229e345B7e26999d0969Ab value=1
--- FAIL: TestBatchPosterWithDelayProofsAndBacklog (15.84s)

TestBlockValidatorSimpleJITOnchain

Stack Traces | 55.860s run time

... [CONTENT TRUNCATED: Keeping last 20 lines]
TRACE[03-21|09:57:35.759] create validation entry: nothing to do   pos=1  streamerMsgCount=1
DEBUG[03-21|09:57:35.759] Served eth_getBlockByNumber              reqid=10028 duration="94.296µs"
DEBUG[03-21|09:57:35.759] Served eth_getBlockByNumber              reqid=21971 duration=97.943353ms
TRACE[03-21|09:57:35.765] got new header from L1                   number=23  hash=4c2a76..b2748c                   header="&{ParentHash:0x0a260d7923a19aaa2df77f05f3ed10fd0b65513ad0112dace3ba62cc215d686e UncleHash:0x1dcc4de8dec75d7aab85b567b6ccd41ad312451b948a7413f0a142fd40d49347 Coinbase:0x0000000000000000000000000000000000000000 Root:0x1b9b45575fbd40f30fe22105352d069edb0028e87e22474e04526fe842b5f62c TxHash:0x56e81f171bcc55a6ff8345e692c0f86e5b48e01b996cadc001622fb5e363b421 ReceiptHash:0x56e81f171bcc55a6ff8345e692c0f86e5b48e01b996cadc001622fb5e363b421 Bloom:[0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0] Difficulty:+0 Number:+23 GasLimit:15340524 GasUsed:0 Time:1774087076 Extra:[216 131 1 16 8 132 103 101 116 104 136 103 111 49 46 50 53 46 56 133 108 105 110 117 120] MixDigest:0x808a24d418134dc4701d261a250d4bb7f980fafbca914b0153e7e4c51f784717 Nonce:[0 0 0 0 0 0 0 0] BaseFee:+5665259681 WithdrawalsHash:0x56e81f171bcc55a6ff8345e692c0f86e5b48e01b996cadc001622fb5e363b421 BlobGasUsed:0xc116d1f988 ExcessBlobGas:0xc116d1f9a0 ParentBeaconRoot:0x0000000000000000000000000000000000000000000000000000000000000000 RequestsHash:0xe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855}"
TRACE[03-21|09:57:35.765] Handled RPC response                     reqid=75    duration="2.555µs"
TRACE[03-21|09:57:35.765] Handled RPC response                     reqid=31982 duration="2.324µs"
TRACE[03-21|09:57:35.759] advanceValidations: nothing to validate  pos=1
--- FAIL: TestBlockValidatorSimpleJITOnchain (55.86s)
INFO [03-21|09:57:35.823] ExecutionEngine: Added DelayedMessages   msgIdx=165 delayedMsgIdx=33 block-header="&{ParentHash:0x212ca6a70f4544476b32d4d27e6ae5234b530245e5b4f4a25ad17f6a49eed96b UncleHash:0x1dcc4de8dec75d7aab85b567b6ccd41ad312451b948a7413f0a142fd40d49347 Coinbase:0xb386a74Dcab67b66F8AC07B4f08365d37495Dd23 Root:0x9b15db41b807d5ba5075d1d41c96f22f48b1b652777eb43c6f73e532a2adf6d2 TxHash:0x0cd849364c194dc2faac2adddabc71a49e0fd11bba7bdb362d6ade4060ba1540 ReceiptHash:0xf08cf5553e1dae52e3df19b356b8320e17c39fb055f635739c31052db5c3e45e Bloom:[0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0] Difficulty:+1 Number:+165 GasLimit:1125899906842624 GasUsed:0 Time:1774087109 Extra:[0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0] MixDigest:0x0000000000000000000000000000005300000000000000330000000000000000 Nonce:[0 0 0 0 0 0 0 34] BaseFee:+100000000 WithdrawalsHash:<nil> BlobGasUsed:<nil> ExcessBlobGas:<nil> ParentBeaconRoot:<nil> RequestsHash:<nil>}"
DEBUG[03-21|09:57:35.824] Served eth_getBlockByNumber              reqid=10048 duration="83.164µs"
DEBUG[03-21|09:57:35.824] Executing EVM call finished              runtime="290.42µs"
DEBUG[03-21|09:57:35.824] Served eth_call                          reqid=17182 duration="332.81µs"
TRACE[03-21|09:57:35.822] Handled RPC response                     reqid=18886 duration="1.403µs"
TRACE[03-21|09:57:35.824] Handled RPC response                     reqid=17182 duration="2.054µs"
TRACE[03-21|09:57:35.824] Handled RPC response                     reqid=10048 duration="2.765µs"
DEBUG[03-21|09:57:35.822] Served eth_getTransactionReceipt         reqid=2519  duration="20.598µs"
TRACE[03-21|09:57:35.824] Handled RPC response                     reqid=2519  duration="1.253µs"
DEBUG[03-21|09:57:35.823] Served eth_getBlockByNumber              reqid=17181 duration="122.889µs"
TRACE[03-21|09:57:35.819] Handled RPC response                     reqid=93    duration="10.429µs"
TRACE[03-21|09:57:35.824] Handled RPC response                     reqid=92    duration="1.864µs"

📣 Thoughts on this report? Let Codecov know! | Powered by Codecov