Update some deps in pokemon-service-tls example (#3911)

tls-listener 0.7.0 is vulnerable to CVE-2024-28854, GHSA-2qph-qpvm-2qf7, and RUSTSEC-2024-0341 rustls 0.20.9 is vulnerable to CVE-2024-32650, GHSA-6g7w-8wpp-frhj, and RUSTSEC-2024-0336 We can't update them to the latest versions because we still require hyper 0.x. ---- _By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice._
smithy-lang · Nov 13, 2024 · 8cf9ebd · 8cf9ebd
1 parent ae7b403
commit 8cf9ebd
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/examples/pokemon-service-tls/Cargo.toml b/examples/pokemon-service-tls/Cargo.toml
@@ -13,9 +13,11 @@ tokio = "1.26.0"
 tracing = "0.1"
 
 # These dependencies are only required for the `pokemon-service-tls` program.
-tls-listener = { version = "0.7.0", features = ["rustls", "hyper-h2"] }
-tokio-rustls = "0.24.0"
-rustls-pemfile = "1.0.2"
+
+# Latest version supporting hyper 0.x
+tls-listener = { version = "0.8", features = ["rustls", "hyper-h2"] }
+tokio-rustls = "0.24"
+rustls-pemfile = "1"
 futures-util = { version = "0.3.29", default-features = false }
 
 # Local paths
@@ -37,4 +39,3 @@ aws-smithy-types = { path = "../../rust-runtime/aws-smithy-types/" }
 pokemon-service-client = { path = "../pokemon-service-client/", features = [
     "behavior-version-latest",
 ] }
-
diff --git a/examples/pokemon-service-tls/src/main.rs b/examples/pokemon-service-tls/src/main.rs
@@ -131,6 +131,7 @@ pub async fn main() {
         acceptor,
         hyper::server::conn::AddrIncoming::bind(&addr).expect("could not bind"),
     )
+    .connections()
     .filter(|conn| {
         if let Err(err) = conn {
             eprintln!("connection error: {:?}", err);