Skip to content

fix(deps): update tar to 0.4.45 (medium CVE-2026-33055, CVE-2026-33056)#218

Open
github-actions[bot] wants to merge 1 commit intomainfrom
fix/security-tar-16
Open

fix(deps): update tar to 0.4.45 (medium CVE-2026-33055, CVE-2026-33056)#218
github-actions[bot] wants to merge 1 commit intomainfrom
fix/security-tar-16

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Mar 21, 2026

Description

Bumps tar to resolve two medium severity vulnerabilities.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)

Security Alert

Change

Updated tar from 0.4.44 to 0.4.45 via cargo update tar --precise 0.4.45.
tar is a transitive dependency pulled in through reth-cli-commands. No source
file changes were required — only Cargo.lock was updated.

Checklist

  • I have reviewed the relevant code guidelines in the docs/ folder
  • My code follows the coding standards of this project
  • I have performed a self-review of my own code

@github-actions @claude
fix(deps): update tar to 0.4.45 (CVE-2026-33055, CVE-2026-33056)
64b0c92 
Bumps tar from 0.4.44 to 0.4.45 to resolve two medium severity
vulnerabilities in the tar-rs crate.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JimmyShi22 JimmyShi22 JimmyShi22 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@JimmyShi22