From e1fbcf0d22fabd81ee876ff30438703453c2f3c0 Mon Sep 17 00:00:00 2001
From: Philip Tricca <flihp@twobit.org>
Date: Mon, 24 Mar 2025 08:35:19 -0700
Subject: [PATCH] Upgrade RSA crate 0.9.6 -> 0.9.8

this addresses https://nvd.nist.gov/vuln/detail/CVE-2023-49092
---
 Cargo.lock          | 8 ++++----
 hubtools/Cargo.toml | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 62ad0fc..fa8f618 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -340,7 +340,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "33d852cb9b869c2a9b3df2f71a3074817f01e1844f839a144f5fcef059a4eb5d"
 dependencies = [
  "libc",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
@@ -793,9 +793,9 @@ dependencies = [
 
 [[package]]
 name = "rsa"
-version = "0.9.6"
+version = "0.9.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc"
+checksum = "78928ac1ed176a5ca1d17e578a1825f3d81ca54cf41053a592584b020cfd691b"
 dependencies = [
  "const-oid",
  "digest",
@@ -836,7 +836,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys 0.9.3",
- "windows-sys 0.52.0",
+ "windows-sys 0.59.0",
 ]
 
 [[package]]
diff --git a/hubtools/Cargo.toml b/hubtools/Cargo.toml
index dc756cc..3b07bfe 100644
--- a/hubtools/Cargo.toml
+++ b/hubtools/Cargo.toml
@@ -18,4 +18,4 @@ tlvc = { git = "https://github.com/oxidecomputer/tlvc", default-features = false
 tlvc-text = { git = "https://github.com/oxidecomputer/tlvc", default-features = false, version = "0.3" }
 lpc55_sign = { git = "https://github.com/oxidecomputer/lpc55_support", default-features = false, version = "0.3" }
 lpc55_areas = { git = "https://github.com/oxidecomputer/lpc55_support", default-features = false, version = "0.2" }
-rsa = { version = "0.9.0", default-features = false, features = ["std", "pem", "sha2"] }
+rsa = { version = "0.9.8", default-features = false, features = ["std", "pem", "sha2"] }