fix: audit fix — reduce password copies in memory (v0.8.4)
- attempt_login takes Zeroizing<String> by value, eliminating the redundant Zeroizing::new(password.to_string()) that doubled the Rust-owned copy. - Clear password_entry's internal buffer immediately after extracting the password, shortening the window during which the GTK GString persists in non-zeroizable libc memory.
This commit is contained in:
Generated
+1
-1
@@ -575,7 +575,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "moongreet"
|
||||
version = "0.8.3"
|
||||
version = "0.8.4"
|
||||
dependencies = [
|
||||
"gdk-pixbuf",
|
||||
"gdk4",
|
||||
|
||||
Reference in New Issue
Block a user