Wasmtime GitHub notifications bot (Feb 16 2022 at 22:05): Wasmtime GitHub notifications bot (Feb 16 2022 at 22:05):peterhuene opened PR #3818 from port-cve-fix-to-main to main:
This PR ports the fix for
CVE-2022-23636tomain, but performs a
refactoring that makes it unnecessary for the instance itself to track if it
has been initialized; such a change was not targeted enough for a security
patch.The pooling allocator will now only initialize an instance if all of its
associated resource creation succeeds. If the resource creation fails, no
instance is dropped as none was initialized.Also updates
RELEASES.mdto include the related patch releases.
Wasmtime GitHub notifications bot (Feb 16 2022 at 22:05):peterhuene requested alexcrichton for a review on PR #3818.
Wasmtime GitHub notifications bot (Feb 16 2022 at 22:34):alexcrichton submitted PR review.
Wasmtime GitHub notifications bot (Feb 16 2022 at 22:34):alexcrichton submitted PR review.
Wasmtime GitHub notifications bot (Feb 16 2022 at 22:34):alexcrichton created PR review comment:
To avoid this arc clone/decrement could the module be passed in? (since I think callers always have it available)
Wasmtime GitHub notifications bot (Feb 16 2022 at 22:39):peterhuene submitted PR review.
Wasmtime GitHub notifications bot (Feb 16 2022 at 22:39):peterhuene created PR review comment:
I'll do that and assert the two modules match.
Wasmtime GitHub notifications bot (Feb 16 2022 at 23:08):peterhuene updated PR #3818 from port-cve-fix-to-main to main.
Wasmtime GitHub notifications bot (Feb 16 2022 at 23:30):peterhuene requested alexcrichton for a review on PR #3818.
Wasmtime GitHub notifications bot (Feb 16 2022 at 23:51):alexcrichton submitted PR review.
Wasmtime GitHub notifications bot (Feb 16 2022 at 23:51):alexcrichton merged PR #3818.
Last updated: Dec 13 2025 at 21:03 UTC