{"id":"RUSTSEC-2025-0007","summary":"*ring* is unmaintained","details":"The author has announced an indefinite hiatus in its development, noting that\nany reported security vulnerabilities may go unaddressed for prolonged periods\nof time.\n\n# Update: security maintenance only\n\nAfter this advisory was published, the author graciously agreed to give\naccess to the rustls team. The rustls team is committed to providing\nsecurity (only) maintenance for *ring* for the foreseeable future.\n\n# Update: back to normal\n\nThings are more-or-less back to how they were before, and in particular the\nsituation isn't \"security maintenance only.\"","modified":"2025-03-06T21:16:59Z","published":"2025-02-20T12:00:00Z","withdrawn":"2025-02-22T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/ring"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0007.html"},{"type":"WEB","url":"https://github.com/briansmith/ring/discussions/2414"}],"affected":[{"package":{"name":"ring","ecosystem":"crates.io","purl":"pkg:cargo/ring"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"}]}],"ecosystem_specific":{"affects":{"os":[],"arch":[],"functions":[]},"affected_functions":null},"database_specific":{"informational":"unmaintained","categories":[],"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0007.json","cvss":null}}],"schema_version":"1.7.3"}