build(deps): bump openssl from 0.10.79 to 0.10.80

[dependabot]

Bumps openssl from 0.10.79 to 0.10.80.

Release notes

Sourced from openssl's releases.

openssl-v0.10.80

What's Changed

• Prefer Homebrew openssl@4 and stop looking for openssl@1.1 by @​alex in rust-openssl/rust-openssl#2633
• Fix output buffer overflow in cipher_update_inplace for AES key-wrap-with-padding by @​alex in rust-openssl/rust-openssl#2638
• Release openssl 0.10.80 and openssl-sys 0.9.116 by @​alex in rust-openssl/rust-openssl#2639

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.79...openssl-v0.10.80

Commits

• 35be7ae Release openssl 0.10.80 and openssl-sys 0.9.116 (#2639)
• 19eceb2 Fix output buffer overflow in cipher_update_inplace for AES key-wrap-with-pad...
• b460eb3 Prefer Homebrew openssl@4 and stop looking for openssl@1.1 (#2633)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[greptile-apps]

Greptile Summary

Routine Dependabot bump of openssl from 0.10.79 to 0.10.80 (and openssl-sys 0.9.115 → 0.9.116), picking up a buffer-overflow fix in cipher_update_inplace for AES key-wrap-with-padding and updated Homebrew discovery logic.

• Cargo.lock checksums are updated consistently for both openssl and openssl-sys.
• aw-sync/Cargo.toml pins the vendored Linux/Android openssl version to match the new release.

Confidence Score: 5/5

Safe to merge — two-file dependency bump with no logic changes and a security fix included.

Both changed files are mechanical version-string and checksum updates generated by Dependabot. The new release patches a buffer overflow in AES key-wrap-with-padding, making the upgrade desirable. The Cargo.lock checksums match the published crate versions, and the pinned constraint in aw-sync/Cargo.toml is kept in sync.

No files require special attention.

Important Files Changed

Filename	Overview
Cargo.lock	Bumps openssl from 0.10.79→0.10.80 and openssl-sys from 0.9.115→0.9.116 with updated checksums; no other changes.
aw-sync/Cargo.toml	Updates pinned openssl version constraint from "0.10.79" to "0.10.80" for the Linux/Android vendored build target.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[dependabot PR] --> B[aw-sync/Cargo.toml\nopenssl 0.10.79 → 0.10.80]
    B --> C[Cargo.lock\nopenssl 0.10.79 → 0.10.80\nopenssl-sys 0.9.115 → 0.9.116]
    C --> D{Target platform}
    D -->|Linux vendored| E[openssl 0.10.80\nwith vendored feature]
    D -->|Other| F[openssl resolved\nfrom registry]
    E --> G[Fix: AES key-wrap buffer overflow\nin cipher_update_inplace]
    F --> G

Loading

_{Reviews (1): Last reviewed commit: "build(deps): bump openssl from 0.10.79 t..." | Re-trigger Greptile}