RUSTSEC-2021-0073: Conversion from prost_types::Timestamp to SystemTime can cause an overflow and panic

[github-actions]

Conversion from prost_types::Timestamp to SystemTime can cause an overflow and panic

Details
Package	prost-types
Version	0.7.0
URL	tokio-rs/prost#438
Date	2021-07-08
Patched versions	>=0.8.0

Affected versions of this crate contained a bug in which untrusted input could cause an overflow and panic when converting a Timestamp to SystemTime.

It is recommended to upgrade to prost-types v0.8 and switch the usage of From<Timestamp> for SystemTime to TryFrom<Timestamp> for SystemTime.

See #438 for more information.

See advisory page for additional details.

[siegfriedweber]

Crate:         prost-types
Version:       0.7.0
Title:         Conversion from `prost_types::Timestamp` to `SystemTime` can cause an overflow and panic
Date:          2021-07-08
ID:            RUSTSEC-2021-0073
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0073
Solution:      Upgrade to >=0.8.0
Dependency tree:
prost-types 0.7.0
├── prost-build 0.7.0
│   ├── tonic-build 0.4.2
│   │   ├── kubelet 0.7.0
│   │   │   └── stackable-agent 0.5.0-nightly
│   │   └── k8s-csi 0.3.0
│   │       └── kubelet 0.7.0
│   └── k8s-csi 0.3.0
├── kubelet 0.7.0
└── k8s-csi 0.3.0

[siegfriedweber]

Remove .cargo/audit.toml when fixed

[soenkeliebau]

I've added krustlet/krustlet#640 upstream to maybe get an automated audit action there as well.